Hey zusammen,

ich hatte mal über chip.de folgendes programm downloaden wollen.
"Free YouTube to MP3 Converter"
hxxp://www.chip.de/downloads/Free-YouTube-to-MP3-Converter_26495270.html

nach der installation lief das programm einwandfrei.
nach einem systemneustart popten diese installationsfenster von dem programm immer und immer erneut auf.
ich sollte das programm installieren, aber ich brach es ab, weil ich es ja schon aufm pc hatte.
irgendwie kam mir das nicht koscher vor und deinstallierte das programm wieder.
machte erneut einen neustart.

dennoch popten immer und immer wieder die setupfenster vom programm auf (beim start ca. 12 x das gleiche fenster).
ganz schlimm wurde es, als ich mein grafiktreiber updaten wollte...das fenster hing sich auf und mir poppten wieder die fenster entgegen (aber jetzt wurde es richtig schlimm)...
es hörte nicht auf, bis ich über den taskmanager meinen grafiktreiber schloss.
die setupfenster popten auch ohne,dass ich irgendwas machte..nach ca 3 stunden auch mal von alleine auf (wieder ca. 12 stück).

ich dachte mir, vllt muss ich es ja nochmal installieren und RICHTIG deinstallieren.
das tat ich erneut aber dennoch fing alles wieder von vorne an.

derzeit habe ich folgendes unternommen:
- spybot search and destroy durchlaufen gelassen
- antivir laufen lassen
- windows 7 (original) reinstallation
- festplatten defragmentiert
- festplatten bereinigen lassen
- CCleaner durchlaufen gelassen

pc-daten:
Prozessor: Intel(R) Core(TM) i7-4770k CPU @ 3.50GHz
Arbeitsspeicher/RAM: 16,0GB
Betriebssystem: Windows 7 Home Premium 64-Bit
Grafikkarte: GeForce GTX770 2048MB (2xDVI/HDMI/DP)
Festplatte: SSD 120GB S-ATA3
2.Festplatte: 2000GB S-ATA3, 600MB/Sek.
Mainboard: MSI Z87-G45 GAMING, Intel Z87

wenn das fenster sich immer und immer wieder öffnet, gibt es kein dateipfad und die datei nennt sich setup*32

benötige dringende hilfe/unterstützung
![]() | #2 |
/// the machine /// TB-Ausbilder ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() | ![]() FreeYoutube Converter Virus? Hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: ![]() (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
![]() | #3 |
![]() | ![]() FRST u ADDITION in zip hey schrauber,
__________________dank dir für die schnelle antwort. zip-datei ist im anhang dank dir ![]() |
![]() | #4 |
Hi,

Logs bitte immer in den Thread posten. Zur Notaufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So gehts:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
• Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
• Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
• Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
• Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
![]() | #5 |
![]() | ![]() FreeYoutube Converter Virus? hey schrauber, wie bekome ich meine "zip"(geht leider nur zip,weil die 2 datein schon zu groß sind) denn in die zwischenablage? lg |
![]() | #6 |
/// the machine /// TB-Ausbilder ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() | ![]() FreeYoutube Converter Virus? ZIP gar nicht. Nimm die Logs einzeln. Dann das Log öffnen, alles markieren, kopieren, hier einfügen. Bzw dann eben das Log aufteilen wenn es zu lang ist.
![]() | #7 |
![]() | ![]() FRSTFRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01 Ran by Timo Doblinski (administrator) on ARES on 28-01-2015 12:35:35 Running from C:\Users\Timo Doblinski\Downloads Loaded Profiles: Timo Doblinski (Available profiles: Timo Doblinski) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) D:\Avira\AntiVir Desktop\sched.exe (Adobe Systems Incorporated) D:\Photoshop Elements\Elements 12 Organizer\PhotoshopElementsFileAgent.exe (Avira Operations GmbH & Co. KG) D:\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Hi-Rez Studios) D:\HiPatchService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe (MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (Razer Inc.) D:\Razer Cortex\RzKLService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Avira Operations GmbH & Co. KG) D:\Avira\AntiVir Desktop\avshadow.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Akamai Technologies, Inc.) C:\Users\Timo Doblinski\AppData\Local\Akamai\netsession_win.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Akamai Technologies, Inc.) C:\Users\Timo Doblinski\AppData\Local\Akamai\netsession_win.exe () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe (Avira Operations GmbH & Co. KG) D:\Avira\AntiVir Desktop\avgnt.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202008 2013-10-17] (Realtek Semiconductor) HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64 HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [avgnt] => D:\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-09] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [1047536 2013-11-12] (MSI) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation) HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.) HKLM-x32\...\Run: [RazerCortex] => D:\Razer Cortex\RazerCortex.exe [60640 2014-12-06] (Razer Inc.) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink) HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-09-02] (cyberlink) HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-01] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-2490962840-1107168080-2429785914-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd) HKU\S-1-5-21-2490962840-1107168080-2429785914-1000\...\Run: [CAHeadless] => D:\Photoshop Elements\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [1401040 2014-04-24] (Adobe Systems Incorporated) HKU\S-1-5-21-2490962840-1107168080-2429785914-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Timo Doblinski\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.) AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{4E08CC97-912D-458B-8705-9A14C325532F}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll () BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKU\S-1-5-21-2490962840-1107168080-2429785914-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1403632136&from=wld&uid=ST2000DM001-1CH164_Z1E6X6L8XXXXZ1E6X6L8 HKU\S-1-5-21-2490962840-1107168080-2429785914-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKU\S-1-5-21-2490962840-1107168080-2429785914-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKU\S-1-5-21-2490962840-1107168080-2429785914-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] FireFox: ======== FF ProfilePath: C:\Users\Timo Doblinski\AppData\Roaming\Mozilla\Firefox\Profiles\10zfidt7.default-1418130938130 FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml FF Homepage: google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll () FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB) FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll () FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll No File FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF Extension: WEB.DE MailCheck - C:\Users\Timo Doblinski\AppData\Roaming\Mozilla\Firefox\Profiles\10zfidt7.default-1418130938130\Extensions\toolbar@web.de [2014-12-18] FF Extension: Adblock Plus - C:\Users\Timo Doblinski\AppData\Roaming\Mozilla\Firefox\Profiles\10zfidt7.default-1418130938130\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-10] FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Timo Doblinski\AppData\Roaming\Mozilla\Firefox\Profiles\06kd259v.default\extensions\faststartff@gmail.com Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeActiveFileMonitor12.0; D:\Photoshop Elements\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-03] (Adobe Systems Incorporated) R2 AntiVirSchedulerService; D:\Avira\AntiVir Desktop\sched.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG) R2 AntiVirService; D:\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG) R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG) R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed] S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-12-03] () S4 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation) S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-02] (CyberLink) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation) U2 HiPatchService; D:\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [File not signed] S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114688 2014-11-22] (Microsoft Corporation) [File not signed] R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-09-09] (MSI) R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-12-06] (Electronic Arts) R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [File not signed] R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] () R2 RzKLService; D:\Razer Cortex\RzKLService.exe [105448 2014-12-06] (Razer Inc.) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG) S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-04] (AVM Berlin) S1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc.) R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21408 2013-08-01] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21920 2013-08-01] () R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] () R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-08-01] () R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation) R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-28 12:33 - 2015-01-28 12:35 - 00022203 _____ () C:\Users\Timo Doblinski\Downloads\FRST.txt 2015-01-28 12:33 - 2015-01-28 12:35 - 00000000 ____D () C:\FRST 2015-01-28 12:33 - 2015-01-28 12:33 - 00039836 _____ () C:\Users\Timo Doblinski\Downloads\Addition.txt 2015-01-28 12:32 - 2015-01-28 12:32 - 02129920 _____ (Farbar) C:\Users\Timo Doblinski\Downloads\FRST64.exe 2015-01-27 12:55 - 2015-01-27 12:55 - 00000000 ____D () C:\Users\Timo Doblinski\Desktop\Neuer Ordner 2015-01-27 12:50 - 2015-01-28 12:29 - 00180774 _____ () C:\Windows\setupact.log 2015-01-27 12:50 - 2015-01-27 12:50 - 00000332 _____ () C:\Windows\PFRO.log 2015-01-27 12:50 - 2015-01-27 12:50 - 00000000 _____ () C:\Windows\setuperr.log 2015-01-27 04:04 - 2015-01-27 04:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-01-27 03:00 - 2015-01-28 03:39 - 00025776 _____ () C:\Windows\IE10_main.log 2015-01-25 23:42 - 2009-06-10 22:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20150125-234201.backup 2015-01-25 22:43 - 2015-01-25 22:43 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\NVIDIA 2015-01-25 22:35 - 2009-06-10 22:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20150125-223513.backup 2015-01-25 22:25 - 2015-01-25 22:32 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2015-01-25 22:25 - 2015-01-25 22:27 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2015-01-25 22:25 - 2015-01-25 22:25 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2015-01-25 22:25 - 2015-01-25 22:25 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2015-01-25 22:25 - 2015-01-25 22:25 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2015-01-25 22:25 - 2015-01-25 22:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2015-01-25 22:25 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe 2015-01-25 22:14 - 2015-01-25 22:15 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\NVIDIA 2015-01-25 22:13 - 2015-01-28 12:29 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-01-25 22:13 - 2015-01-25 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-01-25 22:13 - 2015-01-25 22:13 - 00001351 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk 2015-01-25 22:13 - 2015-01-16 07:41 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2015-01-25 22:13 - 2015-01-16 07:41 - 01514528 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2015-01-25 22:13 - 2015-01-16 07:41 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2015-01-25 22:13 - 2015-01-16 07:41 - 01278920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2015-01-25 22:13 - 2015-01-10 09:07 - 00073872 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2015-01-25 22:13 - 2015-01-10 09:07 - 00060744 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2015-01-25 22:13 - 2015-01-10 00:30 - 06860432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-01-25 22:13 - 2015-01-10 00:30 - 03517256 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-01-25 22:13 - 2015-01-10 00:29 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-01-25 22:13 - 2015-01-10 00:29 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-01-25 22:13 - 2015-01-10 00:29 - 00385352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-01-25 22:13 - 2015-01-10 00:29 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-01-25 22:13 - 2015-01-09 23:27 - 00621200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2015-01-25 22:13 - 2015-01-09 20:47 - 04173527 _____ () C:\Windows\system32\nvcoproc.bin 2015-01-25 22:12 - 2015-01-13 05:15 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2015-01-25 22:12 - 2015-01-13 05:15 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2015-01-25 22:12 - 2015-01-13 05:15 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 32102544 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 25459856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 24765584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 20465296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 18566296 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 17250776 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 16009120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 14115944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 13295552 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 13210248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 10774544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 10714488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 10274448 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-01-25 22:12 - 2015-01-10 09:07 - 03607184 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 03298816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 03245712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 02902456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434725.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 01556808 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434725.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00994712 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00969360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00942736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00929424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00906384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00877488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00496456 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00399688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00353040 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00345744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00305320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00027441 _____ () C:\Windows\system32\nvinfo.pb 2015-01-25 22:12 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2015-01-25 22:12 - 2014-11-22 11:46 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2015-01-25 22:12 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2015-01-25 21:58 - 2015-01-25 21:58 - 00003528 ____N () C:\bootsqm.dat 2015-01-25 21:15 - 2015-01-25 21:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-01-25 21:15 - 2015-01-25 21:15 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-01-25 21:15 - 2015-01-25 21:15 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-01-25 21:15 - 2015-01-25 21:15 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2015-01-25 21:15 - 2015-01-25 21:15 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2015-01-25 21:15 - 2015-01-25 21:15 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2015-01-25 20:59 - 2014-10-03 10:02 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-01-24 12:48 - 2015-01-24 12:53 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2015-01-24 12:47 - 2015-01-24 12:53 - 00000000 ____D () C:\Program Files\Common Files\Apple 2015-01-24 12:47 - 2015-01-24 12:47 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2015-01-24 12:47 - 2015-01-24 12:47 - 00000000 ____D () C:\Program Files\Bonjour 2015-01-24 12:47 - 2015-01-24 12:47 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2015-01-24 12:47 - 2015-01-24 12:47 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update 2015-01-24 12:08 - 2015-01-24 12:08 - 00003088 _____ () C:\Windows\System32\Tasks\{BC124D6D-AF19-4CFF-965A-55009F869EAD} 2015-01-24 11:56 - 2015-01-24 12:39 - 00000000 ____D () C:\Windows\pss 2015-01-20 12:30 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-01-20 12:30 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll 2015-01-20 12:30 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-01-20 12:30 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll 2015-01-20 12:30 - 2014-05-30 07:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2015-01-20 12:30 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2015-01-20 12:30 - 2014-03-04 10:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-01-20 12:30 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2015-01-20 12:30 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2015-01-20 12:30 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2015-01-20 12:30 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2015-01-20 12:30 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2015-01-20 12:30 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2015-01-20 12:30 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2015-01-20 12:30 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll 2015-01-20 12:30 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll 2015-01-20 12:30 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll 2015-01-20 12:30 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll 2015-01-20 12:30 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll 2015-01-20 12:30 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll 2015-01-20 12:30 - 2014-03-04 10:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-01-20 12:30 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2015-01-20 12:30 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2015-01-20 12:30 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2015-01-20 12:30 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2015-01-20 03:02 - 2012-03-01 07:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys 2015-01-20 03:02 - 2012-03-01 07:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll 2015-01-20 03:02 - 2012-03-01 06:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll 2015-01-20 03:00 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2015-01-20 03:00 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2015-01-20 03:00 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2015-01-20 03:00 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2015-01-20 03:00 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2015-01-20 03:00 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2015-01-20 03:00 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2015-01-20 03:00 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll 2015-01-19 12:33 - 2011-04-09 07:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2015-01-19 12:33 - 2011-04-09 06:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2015-01-19 12:32 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-01-19 12:32 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2015-01-19 12:32 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-01-19 12:32 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll 2015-01-19 12:32 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2015-01-19 12:32 - 2014-11-21 12:35 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-01-19 12:32 - 2014-11-21 12:34 - 12289024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-01-19 12:32 - 2014-11-21 12:34 - 09058816 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-01-19 12:32 - 2014-11-21 12:34 - 02467328 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-01-19 12:32 - 2014-11-21 12:34 - 01541632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-01-19 12:32 - 2014-11-21 12:34 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-01-19 12:32 - 2014-11-21 12:34 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-01-19 12:32 - 2014-11-21 12:34 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2015-01-19 12:32 - 2014-11-21 12:34 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-01-19 12:32 - 2014-11-21 12:34 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2015-01-19 12:32 - 2014-11-21 12:34 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-01-19 12:32 - 2014-11-21 12:33 - 00495616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-01-19 12:32 - 2014-11-21 12:33 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-01-19 12:32 - 2014-11-21 12:33 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-01-19 12:32 - 2014-11-21 12:33 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2015-01-19 12:32 - 2014-11-21 12:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2015-01-19 12:32 - 2014-11-21 12:32 - 01538048 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-01-19 12:32 - 2014-11-21 11:44 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-01-19 12:32 - 2014-11-21 11:43 - 06026240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-01-19 12:32 - 2014-11-21 11:43 - 01267712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-01-19 12:32 - 2014-11-21 11:43 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-01-19 12:32 - 2014-11-21 11:43 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2015-01-19 12:32 - 2014-11-21 11:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-01-19 12:32 - 2014-11-21 11:43 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2015-01-19 12:32 - 2014-11-21 11:43 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-01-19 12:32 - 2014-11-21 11:42 - 11019264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-01-19 12:32 - 2014-11-21 11:42 - 02086912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-01-19 12:32 - 2014-11-21 11:42 - 00345600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-01-19 12:32 - 2014-11-21 11:42 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-01-19 12:32 - 2014-11-21 11:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-01-19 12:32 - 2014-11-21 11:41 - 01466368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-01-19 12:32 - 2014-11-21 11:41 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-01-19 12:32 - 2014-11-21 11:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2015-01-19 12:32 - 2014-11-21 11:41 - 00016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2015-01-19 12:32 - 2014-11-21 11:23 - 00482816 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-01-19 12:32 - 2014-11-21 10:28 - 00386048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-01-19 12:32 - 2014-11-21 09:55 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-01-19 12:32 - 2014-11-21 08:53 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-01-19 12:32 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-01-19 12:32 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2015-01-19 12:32 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-01-19 12:32 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-01-19 12:32 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-01-19 12:32 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-01-19 12:32 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-01-19 12:32 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-01-19 12:32 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-01-19 12:32 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2015-01-19 12:32 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll 2015-01-19 12:32 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll 2015-01-19 12:32 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2015-01-19 12:32 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll 2015-01-19 12:32 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2015-01-19 12:32 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2015-01-19 12:32 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2015-01-19 12:32 - 2014-04-12 03:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-01-19 12:32 - 2014-04-12 03:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-01-19 12:32 - 2014-04-12 03:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-01-19 12:32 - 2014-04-12 03:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-01-19 12:32 - 2014-04-12 03:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-01-19 12:32 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2015-01-19 12:32 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2015-01-19 12:32 - 2014-03-26 15:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-01-19 12:32 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2015-01-19 12:32 - 2014-03-26 15:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-01-19 12:32 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2015-01-19 12:32 - 2014-03-25 03:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-01-19 12:32 - 2014-03-25 03:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-01-19 12:32 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2015-01-19 12:32 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2015-01-19 12:32 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2015-01-19 12:32 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-01-19 12:32 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-01-19 12:32 - 2013-07-09 06:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-01-19 12:32 - 2013-07-09 06:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-01-19 12:32 - 2013-07-09 06:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2015-01-19 12:32 - 2013-07-09 05:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2015-01-19 12:32 - 2013-07-09 05:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2015-01-19 12:32 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2015-01-19 12:32 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2015-01-19 12:32 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2015-01-19 12:32 - 2013-04-12 15:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2015-01-19 12:32 - 2012-10-03 18:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2015-01-19 12:32 - 2012-10-03 18:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2015-01-19 12:32 - 2011-11-17 07:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll 2015-01-19 12:32 - 2011-11-17 06:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll 2015-01-19 12:32 - 2011-10-26 06:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2015-01-19 12:32 - 2011-10-26 06:25 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2015-01-19 12:32 - 2011-10-26 05:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2015-01-19 12:32 - 2011-10-26 05:32 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2015-01-19 12:32 - 2011-07-09 03:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-01-19 12:32 - 2011-06-15 11:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll 2015-01-19 12:32 - 2011-06-15 11:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll 2015-01-19 12:32 - 2011-06-15 11:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll 2015-01-19 12:32 - 2011-06-15 11:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll 2015-01-19 12:32 - 2011-06-15 09:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll 2015-01-19 12:32 - 2011-06-15 09:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll 2015-01-19 12:32 - 2011-06-15 09:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll 2015-01-19 12:32 - 2011-06-15 09:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll 2015-01-19 12:32 - 2011-06-15 09:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll 2015-01-19 12:32 - 2011-04-27 03:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-01-19 12:32 - 2011-04-27 03:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-01-19 12:32 - 2010-12-23 11:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll 2015-01-19 12:32 - 2010-12-23 11:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll 2015-01-19 12:32 - 2010-12-23 11:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax 2015-01-19 12:32 - 2010-12-23 06:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll 2015-01-19 12:32 - 2010-12-23 06:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll 2015-01-19 12:32 - 2010-12-23 06:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax 2015-01-19 12:31 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-01-19 12:31 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-01-19 12:31 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-01-19 12:31 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-01-19 12:31 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-01-19 12:31 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-01-19 12:31 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-01-19 12:31 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-01-19 12:31 - 2014-11-11 04:09 - 01190912 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-01-19 12:31 - 2014-11-11 03:44 - 01011200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-01-19 12:31 - 2014-10-30 03:04 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-01-19 12:31 - 2014-10-30 02:46 - 00428544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-01-19 12:31 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2015-01-19 12:31 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-01-19 12:31 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2015-01-19 12:31 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2015-01-19 12:31 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2015-01-19 12:31 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2015-01-19 12:31 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2015-01-19 12:31 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2015-01-19 12:31 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-01-19 12:31 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2015-01-19 12:31 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2015-01-19 12:31 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-01-19 12:31 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-01-19 12:31 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-01-19 12:31 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2015-01-19 12:31 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2015-01-19 12:31 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL 2015-01-19 12:31 - 2014-06-18 03:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2015-01-19 12:31 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2015-01-19 12:31 - 2014-06-16 03:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2015-01-19 12:31 - 2014-06-06 11:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2015-01-19 12:31 - 2014-06-06 10:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2015-01-19 12:31 - 2014-06-03 11:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2015-01-19 12:31 - 2014-06-03 11:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-01-19 12:31 - 2014-06-03 11:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2015-01-19 12:31 - 2014-06-03 11:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2015-01-19 12:31 - 2014-06-03 10:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2015-01-19 12:31 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-01-19 12:31 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2015-01-19 12:31 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2015-01-19 12:31 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2015-01-19 12:31 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2015-01-19 12:31 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2015-01-19 12:31 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2015-01-19 12:31 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2015-01-19 12:31 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2015-01-19 12:31 - 2013-08-02 03:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-01-19 12:31 - 2013-08-02 03:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-01-19 12:31 - 2013-08-02 02:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-01-19 12:31 - 2013-08-02 01:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-01-19 12:31 - 2013-07-26 03:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2015-01-19 12:31 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2015-01-19 12:31 - 2013-07-25 10:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2015-01-19 12:31 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2015-01-19 12:31 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-01-19 12:31 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-01-19 12:31 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys 2015-01-19 12:31 - 2013-07-12 11:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys 2015-01-19 12:31 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2015-01-19 12:31 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-01-19 12:31 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-01-19 12:31 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-01-19 12:31 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-01-19 12:31 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-01-19 12:31 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-01-19 12:31 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-01-19 12:31 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-01-19 12:31 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-01-19 12:31 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-01-19 12:31 - 2013-04-26 06:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2015-01-19 12:31 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2015-01-19 12:31 - 2013-04-10 07:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2015-01-19 12:31 - 2013-02-27 06:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2015-01-19 12:31 - 2013-02-12 05:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys 2015-01-19 12:31 - 2012-11-23 04:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe 2015-01-19 12:31 - 2012-11-02 06:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll 2015-01-19 12:31 - 2012-11-02 06:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll 2015-01-19 12:31 - 2012-09-25 23:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll 2015-01-19 12:31 - 2012-09-25 23:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll 2015-01-19 12:31 - 2012-06-16 06:15 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-01-19 12:31 - 2012-06-16 05:26 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-01-19 12:31 - 2012-03-17 08:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys 2015-01-19 12:31 - 2011-08-17 06:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll 2015-01-19 12:31 - 2011-08-17 06:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax 2015-01-19 12:31 - 2011-08-17 05:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll 2015-01-19 12:31 - 2011-08-17 05:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax 2015-01-19 12:31 - 2011-05-24 12:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll 2015-01-19 12:31 - 2011-05-24 11:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll 2015-01-19 12:31 - 2011-05-24 11:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll 2015-01-19 12:31 - 2011-05-24 11:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll 2015-01-19 12:31 - 2011-05-24 11:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe 2015-01-19 12:31 - 2011-04-29 04:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2015-01-19 12:31 - 2011-04-29 04:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2015-01-19 12:31 - 2011-04-29 04:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2015-01-19 12:31 - 2011-03-11 07:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll 2015-01-19 12:31 - 2011-03-11 07:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll 2015-01-19 12:31 - 2011-03-11 06:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll 2015-01-19 12:31 - 2011-03-11 06:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll 2015-01-19 12:31 - 2011-03-03 07:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2015-01-19 12:31 - 2011-03-03 07:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll 2015-01-19 12:31 - 2011-03-03 07:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe 2015-01-19 12:31 - 2011-03-03 06:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll 2015-01-19 12:31 - 2011-03-03 06:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe 2015-01-19 12:31 - 2011-02-05 18:10 - 00642944 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-01-19 12:31 - 2011-02-05 18:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll 2015-01-19 12:31 - 2011-02-05 18:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll 2015-01-19 12:31 - 2011-02-05 18:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll 2015-01-19 12:31 - 2011-02-05 18:06 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-01-19 12:31 - 2011-02-05 18:06 - 00566208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-01-19 12:31 - 2011-02-05 18:06 - 00518672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2015-01-19 12:31 - 2011-02-03 12:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2015-01-19 12:30 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2015-01-19 12:30 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2015-01-19 12:30 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2015-01-19 12:30 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2015-01-19 12:30 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-01-19 12:30 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-01-19 12:30 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-01-19 12:30 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-01-19 12:30 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-01-19 12:30 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-01-19 12:30 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-01-19 12:30 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-01-19 12:30 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-01-19 12:30 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-01-19 12:30 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-01-19 12:30 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-01-19 12:30 - 2014-08-23 03:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-01-19 12:30 - 2014-08-23 02:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-01-19 12:30 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-01-19 12:30 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2015-01-19 12:30 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2015-01-19 12:30 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2015-01-19 12:30 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2015-01-19 12:30 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll 2015-01-19 12:30 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-01-19 12:30 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2015-01-19 12:30 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2015-01-19 12:30 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2015-01-19 12:30 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2015-01-19 12:30 - 2014-07-14 03:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-01-19 12:30 - 2014-07-14 02:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-01-19 12:30 - 2014-03-04 10:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-01-19 12:30 - 2014-03-04 10:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-01-19 12:30 - 2014-03-04 10:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-01-19 12:30 - 2014-03-04 10:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-01-19 12:30 - 2014-03-04 10:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-01-19 12:30 - 2014-03-04 10:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-01-19 12:30 - 2014-03-04 10:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-01-19 12:30 - 2014-03-04 10:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-01-19 12:30 - 2014-03-04 10:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-01-19 12:30 - 2014-03-04 09:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-01-19 12:30 - 2014-03-04 09:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-01-19 12:30 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2015-01-19 12:30 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2015-01-19 12:30 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2015-01-19 12:30 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2015-01-19 12:30 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2015-01-19 12:30 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx 2015-01-19 12:30 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2015-01-19 12:30 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2015-01-19 12:30 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2015-01-19 12:30 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2015-01-19 12:30 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2015-01-19 12:30 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2015-01-19 12:30 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2015-01-19 12:30 - 2013-08-27 10:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-01-19 12:30 - 2013-08-27 10:01 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-01-19 12:30 - 2013-08-27 09:21 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-01-19 12:30 - 2013-08-02 03:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-01-19 12:30 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-01-19 12:30 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-01-19 12:30 - 2013-05-13 06:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll 2015-01-19 12:30 - 2013-05-13 04:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2015-01-19 12:30 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2015-01-19 12:30 - 2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll 2015-01-19 12:30 - 2013-02-15 07:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2015-01-19 12:30 - 2013-02-15 07:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2015-01-19 12:30 - 2013-02-15 04:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2015-01-19 12:30 - 2012-07-04 23:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll 2015-01-19 12:30 - 2012-07-04 23:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll 2015-01-19 12:30 - 2012-07-04 23:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll 2015-01-19 12:30 - 2012-07-04 22:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll 2015-01-19 12:30 - 2012-07-04 22:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll 2015-01-19 12:30 - 2012-06-06 07:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll 2015-01-19 12:30 - 2012-06-06 06:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll 2015-01-19 12:30 - 2012-05-14 06:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2015-01-19 12:30 - 2012-04-26 06:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll 2015-01-19 12:30 - 2012-04-26 06:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe 2015-01-19 12:30 - 2011-12-16 09:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll 2015-01-19 12:30 - 2011-12-16 08:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll 2015-01-19 12:30 - 2011-10-15 07:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll 2015-01-19 12:30 - 2011-10-15 06:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll 2015-01-19 12:30 - 2011-08-27 06:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll 2015-01-19 12:30 - 2011-08-27 05:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll 2015-01-19 12:30 - 2011-05-03 06:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-01-19 12:30 - 2011-05-03 05:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-01-19 12:30 - 2011-02-23 05:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys 2015-01-19 12:30 - 2011-02-12 12:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe 2015-01-18 20:26 - 2012-02-17 07:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2015-01-18 20:26 - 2012-02-17 06:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll 2015-01-18 20:26 - 2012-02-17 05:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys 2015-01-18 20:12 - 2015-01-18 20:12 - 01597660 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2015-01-18 20:11 - 2015-01-18 20:11 - 00077832 _____ () C:\Users\Timo Doblinski\AppData\Local\GDIPFONTCACHEV1.DAT 2015-01-18 20:10 - 2015-01-18 20:10 - 00000020 ___SH () C:\Users\Timo Doblinski\ntuser.ini 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default\Vorlagen 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default\Startmenü 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\ProgramData\Vorlagen 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\ProgramData\Startmenü 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\ProgramData\Favoriten 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\ProgramData\Dokumente 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien 2015-01-18 20:09 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-01-18 20:09 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-01-18 20:09 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-01-18 20:09 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-01-18 20:09 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-01-18 20:09 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-01-18 20:09 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-01-18 20:09 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-01-18 20:09 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-01-18 20:09 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-01-18 20:09 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-01-18 20:09 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-01-18 20:09 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-01-18 20:09 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-01-18 20:08 - 2012-07-26 05:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys 2015-01-18 20:08 - 2012-07-26 03:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll 2015-01-18 20:08 - 2012-06-02 15:35 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf 2015-01-18 20:05 - 2015-01-18 20:05 - 00022960 _____ () C:\Windows\system32\emptyregdb.dat 2015-01-18 20:04 - 2015-01-18 20:04 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia 2015-01-18 20:04 - 2015-01-18 20:04 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia 2015-01-18 19:58 - 2015-01-26 23:53 - 00000000 ____D () C:\Users\Timo Doblinski 2015-01-18 19:58 - 2015-01-18 19:58 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2015-01-18 19:58 - 2015-01-18 19:58 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2015-01-18 19:58 - 2015-01-18 19:58 - 00000000 _SHDL () C:\Users\Timo Doblinski\Vorlagen 2015-01-18 19:58 - 2015-01-18 19:58 - 00000000 _SHDL () C:\Users\Timo Doblinski\Startmenü 2015-01-18 19:58 - 2015-01-18 19:58 - 00000000 _SHDL () C:\Users\Timo Doblinski\Netzwerkumgebung 2015-01-18 19:58 - 2015-01-18 19:58 - 00000000 _SHDL () C:\Users\Timo Doblinski\Lokale Einstellungen 2015-01-18 19:58 - 2015-01-18 19:58 - 00000000 _SHDL () C:\Users\Timo Doblinski\Eigene Dateien 2015-01-18 19:58 - 2015-01-18 19:58 - 00000000 _SHDL () C:\Users\Timo Doblinski\Druckumgebung 2015-01-18 19:58 - 2015-01-18 19:58 - 00000000 _SHDL () C:\Users\Timo Doblinski\Documents\Eigene Musik 2015-01-18 19:58 - 2015-01-18 19:58 - 00000000 _SHDL () C:\Users\Timo Doblinski\Documents\Eigene Bilder 2015-01-18 19:58 - 2015-01-18 19:58 - 00000000 _SHDL () C:\Users\Timo Doblinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-01-18 19:58 - 2015-01-18 19:58 - 00000000 _SHDL () C:\Users\Timo Doblinski\AppData\Local\Verlauf 2015-01-18 19:58 - 2015-01-18 19:58 - 00000000 _SHDL () C:\Users\Timo Doblinski\AppData\Local\Anwendungsdaten 2015-01-18 19:58 - 2015-01-18 19:58 - 00000000 _SHDL () C:\Users\Timo Doblinski\Anwendungsdaten 2015-01-18 19:58 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Timo Doblinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-01-18 19:58 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Timo Doblinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-01-18 19:57 - 2015-01-25 22:15 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2015-01-18 19:57 - 2015-01-25 22:13 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2015-01-18 19:57 - 2015-01-25 22:13 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2015-01-18 19:57 - 2015-01-18 20:10 - 00009277 _____ () C:\Windows\system32\lvcoinst.log 2015-01-18 19:57 - 2015-01-18 19:57 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf 2015-01-18 19:57 - 2015-01-18 19:57 - 00000000 ____D () C:\Program Files\Common Files\logishrd 2015-01-18 19:56 - 2015-01-28 12:35 - 01755133 _____ () C:\Windows\WindowsUpdate.log 2015-01-18 19:56 - 2015-01-18 19:56 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2015-01-18 19:56 - 2015-01-18 19:56 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf 2015-01-18 19:56 - 2015-01-18 19:56 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM 2015-01-18 19:56 - 2015-01-18 19:56 - 00000000 ____D () C:\Program Files\Realtek 2015-01-18 19:54 - 2015-01-18 19:54 - 00262144 _____ () C:\Windows\system32\config\userdiff 2015-01-17 23:53 - 2015-01-27 05:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak 2015-01-11 21:16 - 2015-01-18 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI 2015-01-11 21:16 - 2015-01-11 21:16 - 00002067 _____ () C:\Users\Public\Desktop\Super-Charger.lnk 2015-01-11 21:16 - 2015-01-11 21:16 - 00000000 ___HD () C:\SuperChargerProfile 2015-01-11 21:15 - 2015-01-18 20:00 - 00000000 ____D () C:\ProgramData\Qualcomm 2015-01-11 21:15 - 2015-01-18 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qualcomm Atheros 2015-01-11 21:15 - 2015-01-18 19:59 - 00000000 ____D () C:\Program Files\Qualcomm Atheros 2015-01-11 21:15 - 2015-01-11 21:15 - 00002783 _____ () C:\Users\Public\Desktop\Killer Network Manager.lnk 2015-01-08 12:50 - 2015-01-08 12:50 - 00021712 _____ (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS 2015-01-08 12:50 - 2015-01-08 12:50 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\eSupport.com 2015-01-08 12:47 - 2015-01-18 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID 2015-01-06 20:13 - 2015-01-18 20:03 - 00000000 ____D () C:\Users\Timo Doblinski\Desktop\Ultimate Twitch Bot 2015-01-06 15:40 - 2015-01-06 15:41 - 25956855 _____ () C:\Users\Timo Doblinski\Desktop\intro stream.mp4 2015-01-06 14:36 - 2015-01-26 01:10 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack 2015-01-06 00:48 - 2015-01-18 20:03 - 00000000 ____D () C:\Users\Timo Doblinski\Desktop\clrbrowser4_repack 2015-01-05 03:33 - 2015-01-18 20:03 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\WinRAR 2015-01-05 03:32 - 2015-01-18 20:03 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-01-05 03:32 - 2015-01-18 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-01-05 03:32 - 2015-01-18 19:59 - 00000000 ____D () C:\Program Files\WinRAR 2014-12-29 17:06 - 2015-01-26 01:10 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\DVDVideoSoft ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-28 12:29 - 2014-04-16 19:52 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-01-28 12:29 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-28 03:20 - 2014-04-16 20:18 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-01-28 03:06 - 2014-04-16 20:06 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\TS3Client 2015-01-28 02:41 - 2014-04-16 19:52 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-01-28 02:00 - 2014-04-16 20:01 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Adobe 2015-01-27 22:11 - 2014-11-16 16:09 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Spotify 2015-01-27 13:05 - 2014-11-11 03:06 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\OBS 2015-01-27 12:58 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-27 12:58 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-27 12:57 - 2011-04-12 08:43 - 00698688 _____ () C:\Windows\system32\perfh007.dat 2015-01-27 12:57 - 2011-04-12 08:43 - 00148828 _____ () C:\Windows\system32\perfc007.dat 2015-01-27 12:57 - 2009-07-14 06:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-01-27 12:50 - 2014-04-16 20:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-01-27 02:07 - 2014-06-13 11:03 - 00000000 ____D () C:\Users\Timo Doblinski\Desktop\Dobs 2015-01-26 17:53 - 2014-11-16 16:09 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Spotify 2015-01-26 17:00 - 2014-11-16 18:31 - 00000132 _____ () C:\Users\Timo Doblinski\AppData\Roaming\Adobe CS5-Voreinstellungen für PNG-Format 2015-01-25 22:46 - 2014-05-12 16:53 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\.minecraft 2015-01-25 22:15 - 2014-04-16 20:57 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\NVIDIA Corporation 2015-01-25 22:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help 2015-01-25 21:00 - 2014-04-18 11:45 - 00000000 ____D () C:\Windows\system32\MRT 2015-01-25 15:34 - 2014-05-19 22:45 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Skype 2015-01-25 14:20 - 2014-04-16 20:18 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-01-25 14:20 - 2014-04-16 20:01 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-01-25 14:20 - 2014-04-16 20:01 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-24 18:48 - 2014-11-11 03:06 - 00000000 ____D () C:\Program Files (x86)\OBS 2015-01-24 17:12 - 2014-04-23 21:03 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-01-24 13:49 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2015-01-24 12:48 - 2014-08-17 23:41 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2015-01-24 12:47 - 2014-07-17 17:14 - 00000000 ____D () C:\ProgramData\Apple 2015-01-24 12:32 - 2011-04-12 08:54 - 00000000 ___RD () C:\Users\Public\Recorded TV 2015-01-24 12:03 - 2014-04-17 00:58 - 00000000 ____D () C:\ProgramData\Oracle 2015-01-23 11:10 - 2014-04-28 23:18 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\My Games 2015-01-23 10:59 - 2014-04-16 19:52 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Google 2015-01-22 04:39 - 2014-04-25 22:06 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\CrashDumps 2015-01-20 12:23 - 2009-07-14 05:45 - 00394368 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-01-20 03:33 - 2011-04-12 08:55 - 00000000 ____D () C:\Program Files\Windows Journal 2015-01-20 03:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender 2015-01-20 03:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2015-01-20 03:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System 2015-01-19 17:48 - 2014-04-17 14:36 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\DayZ 2015-01-18 20:20 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-01-18 20:10 - 2014-04-14 18:28 - 00000000 __SHD () C:\Recovery 2015-01-18 20:10 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries 2015-01-18 20:10 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default 2015-01-18 20:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Recovery 2015-01-18 20:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Windows NT 2015-01-18 20:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\restore 2015-01-18 20:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Registration 2015-01-18 20:05 - 2014-10-31 12:28 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2015-01-18 20:04 - 2014-10-25 16:59 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2015-01-18 20:04 - 2009-07-14 04:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-01-18 20:04 - 2009-07-14 04:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-01-18 20:04 - 2009-07-14 04:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-01-18 20:04 - 2009-07-14 04:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-01-18 20:03 - 2014-12-24 09:18 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Razer 2015-01-18 20:03 - 2014-12-18 22:26 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\SavedGames 2015-01-18 20:03 - 2014-12-18 19:17 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\SpaceEngineers 2015-01-18 20:03 - 2014-12-18 01:40 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Cubic 2015-01-18 20:03 - 2014-12-11 20:07 - 00000000 ____D () C:\Users\Timo Doblinski\Desktop\YouTube AresLPS 2015-01-18 20:03 - 2014-12-02 16:25 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\TeeBoard 2015-01-18 20:03 - 2014-12-02 16:25 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\be.gip.twitch.TeeBoard 2015-01-18 20:03 - 2014-11-29 12:58 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\dekovir 2015-01-18 20:03 - 2014-11-17 22:01 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\Streamtip 2015-01-18 20:03 - 2014-11-17 22:01 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\streamtip-alerter 2015-01-18 20:03 - 2014-11-14 21:44 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\telltale games 2015-01-18 20:03 - 2014-11-13 15:47 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\TideSDK 2015-01-18 20:03 - 2014-11-11 23:35 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Tunngle 2015-01-18 20:03 - 2014-11-11 03:06 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software 2015-01-18 20:03 - 2014-11-07 00:00 - 00000000 ____D () C:\Users\Timo Doblinski\Zomboid 2015-01-18 20:03 - 2014-09-02 21:53 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\My Curse 2015-01-18 20:03 - 2014-09-02 21:53 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Curse Advertising 2015-01-18 20:03 - 2014-08-16 21:17 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\Electronic Arts 2015-01-18 20:03 - 2014-08-14 20:57 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Oracle 2015-01-18 20:03 - 2014-07-25 18:14 - 00000000 ____D () C:\Users\Timo Doblinski\Desktop\GAMES 2015-01-18 20:03 - 2014-07-17 17:15 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Apple Computer 2015-01-18 20:03 - 2014-07-10 21:45 - 00000000 ____D () C:\Users\Timo Doblinski\AVM_Driver 2015-01-18 20:03 - 2014-07-06 20:50 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\PVZ Garden Warfare 2015-01-18 20:03 - 2014-06-27 20:14 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\Dungeon of the Endless 2015-01-18 20:03 - 2014-06-26 14:17 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\WizardWars 2015-01-18 20:03 - 2014-06-23 17:09 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\PDAppFlex 2015-01-18 20:03 - 2014-06-23 16:49 - 00000000 ___RD () C:\Users\Timo Doblinski\Creative Cloud Files 2015-01-18 20:03 - 2014-06-23 16:44 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Windows Live 2015-01-18 20:03 - 2014-06-19 00:54 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Avira 2015-01-18 20:03 - 2014-05-19 22:45 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Skype 2015-01-18 20:03 - 2014-05-12 17:33 - 00000000 ____D () C:\Users\Timo Doblinski\Desktop\Minecraft 2015-01-18 20:03 - 2014-05-11 22:23 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\SCE 2015-01-18 20:03 - 2014-05-10 12:43 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\CyberLink 2015-01-18 20:03 - 2014-05-06 22:31 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\7 Days To Die 2015-01-18 20:03 - 2014-05-06 21:49 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\Adobe 2015-01-18 20:03 - 2014-04-30 20:29 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\Klei 2015-01-18 20:03 - 2014-04-28 23:18 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Skyrim 2015-01-18 20:03 - 2014-04-28 00:41 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Running with rifles 2015-01-18 20:03 - 2014-04-25 20:55 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Audacity 2015-01-18 20:03 - 2014-04-24 14:52 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2015-01-18 20:03 - 2014-04-24 14:52 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Ubisoft Game Launcher 2015-01-18 20:03 - 2014-04-24 14:51 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\Assassin's Creed IV Black Flag 2015-01-18 20:03 - 2014-04-24 14:08 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\No Company Name 2015-01-18 20:03 - 2014-04-23 16:43 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\TechSmith 2015-01-18 20:03 - 2014-04-23 15:37 - 00000000 ____D () C:\Users\Timo Doblinski\Desktop\AresLPS 2015-01-18 20:03 - 2014-04-23 14:48 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\Camtasia Studio 2015-01-18 20:03 - 2014-04-23 14:48 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\TechSmith 2015-01-18 20:03 - 2014-04-19 10:07 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\LolClient 2015-01-18 20:03 - 2014-04-19 09:41 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Riot Games 2015-01-18 20:03 - 2014-04-18 14:18 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\PunkBuster 2015-01-18 20:03 - 2014-04-17 22:19 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Wargaming.net 2015-01-18 20:03 - 2014-04-17 14:36 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\DayZ 2015-01-18 20:03 - 2014-04-17 10:41 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Power2Go 2015-01-18 20:03 - 2014-04-17 08:50 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\Battlefield 4 2015-01-18 20:03 - 2014-04-16 22:32 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\Diablo III 2015-01-18 20:03 - 2014-04-16 22:14 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Origin 2015-01-18 20:03 - 2014-04-16 22:14 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Origin 2015-01-18 20:03 - 2014-04-16 21:22 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\CyberLink 2015-01-18 20:03 - 2014-04-16 21:19 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Battle.net 2015-01-18 20:03 - 2014-04-16 20:19 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2015-01-18 20:03 - 2014-04-16 20:19 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\TeamSpeak 3 Client 2015-01-18 20:03 - 2014-04-16 20:12 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Macromedia 2015-01-18 20:03 - 2014-04-16 20:12 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Adobe 2015-01-18 20:03 - 2014-04-16 20:00 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Mozilla 2015-01-18 20:03 - 2014-04-16 20:00 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Mozilla 2015-01-18 20:02 - 2014-09-02 21:53 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Apps\2.0 2015-01-18 20:02 - 2014-08-08 02:59 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\LogMeIn 2015-01-18 20:02 - 2014-07-30 11:14 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Blizzard 2015-01-18 20:02 - 2014-07-17 17:15 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Apple Computer 2015-01-18 20:02 - 2014-07-17 17:15 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Apple 2015-01-18 20:02 - 2014-06-23 18:43 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Akamai 2015-01-18 20:02 - 2014-04-30 15:57 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Introversion 2015-01-18 20:02 - 2014-04-17 08:50 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\ESN 2015-01-18 20:02 - 2014-04-16 22:29 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Microsoft Games 2015-01-18 20:02 - 2014-04-16 21:35 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Creative 2015-01-18 20:02 - 2014-04-16 21:34 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Intel_Corporation 2015-01-18 20:02 - 2014-04-16 21:22 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\CyberLink 2015-01-18 20:02 - 2014-04-16 21:19 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Blizzard Entertainment 2015-01-18 20:02 - 2014-04-16 21:19 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Battle.net 2015-01-18 20:02 - 2014-04-16 20:18 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Macromedia 2015-01-18 20:00 - 2014-12-24 09:18 - 00000000 ____D () C:\ProgramData\Razer 2015-01-18 20:00 - 2014-12-24 09:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer 2015-01-18 20:00 - 2014-12-24 09:18 - 00000000 ____D () C:\Program Files (x86)\Razer 2015-01-18 20:00 - 2014-12-18 22:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories 2015-01-18 20:00 - 2014-12-12 22:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA 2015-01-18 20:00 - 2014-12-11 08:54 - 00000000 ____D () C:\Windows\system32\appraiser 2015-01-18 20:00 - 2014-12-09 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-01-18 20:00 - 2014-11-04 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-01-18 20:00 - 2014-11-03 03:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET 2015-01-18 20:00 - 2014-10-31 12:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive 2015-01-18 20:00 - 2014-10-31 12:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-01-18 20:00 - 2014-10-29 23:03 - 00000000 ____D () C:\Windows\Sun 2015-01-18 20:00 - 2014-10-29 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-01-18 20:00 - 2014-10-29 23:02 - 00000000 ____D () C:\Program Files (x86)\Java 2015-01-18 20:00 - 2014-10-17 20:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps 2015-01-18 20:00 - 2014-09-04 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4 2015-01-18 20:00 - 2014-08-08 02:59 - 00000000 ____D () C:\ProgramData\LogMeIn 2015-01-18 20:00 - 2014-08-07 00:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft 2015-01-18 20:00 - 2014-07-30 11:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone 2015-01-18 20:00 - 2014-07-17 17:15 - 00000000 ____D () C:\ProgramData\Apple Computer 2015-01-18 20:00 - 2014-07-16 17:57 - 00000000 ____D () C:\ProgramData\Riot Games 2015-01-18 20:00 - 2014-07-10 21:45 - 00000000 ____D () C:\Windows\AVM_Driver 2015-01-18 20:00 - 2014-07-10 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN 2015-01-18 20:00 - 2014-07-06 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PVZ Garden Warfare 2015-01-18 20:00 - 2014-06-24 18:49 - 00000000 ____D () C:\ProgramData\WindowsProtectManger 2015-01-18 20:00 - 2014-06-24 18:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2015-01-18 20:00 - 2014-06-24 18:40 - 00000000 ____D () C:\Program Files (x86)\MSECache 2015-01-18 20:00 - 2014-06-23 16:45 - 00000000 ____D () C:\Windows\de 2015-01-18 20:00 - 2014-06-23 16:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2015-01-18 20:00 - 2014-06-23 16:44 - 00000000 ____D () C:\Program Files (x86)\Windows Live 2015-01-18 20:00 - 2014-06-19 00:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-01-18 20:00 - 2014-06-19 00:52 - 00000000 ____D () C:\ProgramData\Avira 2015-01-18 20:00 - 2014-06-18 00:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios 2015-01-18 20:00 - 2014-06-18 00:57 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios 2015-01-18 20:00 - 2014-05-29 02:18 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab 2015-01-18 20:00 - 2014-05-29 02:18 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab 2015-01-18 20:00 - 2014-05-19 22:45 - 00000000 ___RD () C:\Program Files (x86)\Skype 2015-01-18 20:00 - 2014-05-19 22:45 - 00000000 ____D () C:\ProgramData\Skype 2015-01-18 20:00 - 2014-05-06 23:04 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-01-18 20:00 - 2014-04-28 00:41 - 00000000 ____D () C:\Program Files (x86)\OpenAL 2015-01-18 20:00 - 2014-04-24 14:52 - 00000000 ____D () C:\Program Files (x86)\Ubisoft 2015-01-18 20:00 - 2014-04-23 19:43 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe 2015-01-18 20:00 - 2014-04-23 19:42 - 00000000 ____D () C:\ProgramData\Adobe 2015-01-18 20:00 - 2014-04-23 14:48 - 00000000 ____D () C:\ProgramData\TechSmith 2015-01-18 20:00 - 2014-04-23 14:48 - 00000000 ____D () C:\ProgramData\regid.1995-08.com.techsmith 2015-01-18 20:00 - 2014-04-23 14:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith 2015-01-18 20:00 - 2014-04-23 14:48 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2015-01-18 20:00 - 2014-04-19 09:43 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin 2015-01-18 20:00 - 2014-04-19 09:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2015-01-18 20:00 - 2014-04-19 09:42 - 00000000 ____D () C:\Program Files (x86)\Pando Networks 2015-01-18 20:00 - 2014-04-17 21:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks 2015-01-18 20:00 - 2014-04-17 10:48 - 00000000 ____D () C:\ProgramData\Nero 2015-01-18 20:00 - 2014-04-17 10:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2015-01-18 20:00 - 2014-04-17 10:48 - 00000000 ____D () C:\Program Files (x86)\Nero 2015-01-18 20:00 - 2014-04-17 08:25 - 00000000 ____D () C:\ProgramData\Package Cache 2015-01-18 20:00 - 2014-04-17 08:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4 2015-01-18 20:00 - 2014-04-17 00:58 - 00000000 ____D () C:\ProgramData\Sun 2015-01-18 20:00 - 2014-04-16 22:15 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2015-01-18 20:00 - 2014-04-16 22:05 - 00000000 ____D () C:\ProgramData\Origin 2015-01-18 20:00 - 2014-04-16 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2015-01-18 20:00 - 2014-04-16 22:05 - 00000000 ____D () C:\ProgramData\Electronic Arts 2015-01-18 20:00 - 2014-04-16 22:05 - 00000000 ____D () C:\Program Files (x86)\Origin 2015-01-18 20:00 - 2014-04-16 21:44 - 00000000 ____D () C:\Users\Public\CyberLink 2015-01-18 20:00 - 2014-04-16 21:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Tool Kit 2015-01-18 20:00 - 2014-04-16 21:28 - 00000000 ____D () C:\Program Files (x86)\lg_fwupdate 2015-01-18 20:00 - 2014-04-16 21:22 - 00000000 ____D () C:\ProgramData\install_clap 2015-01-18 20:00 - 2014-04-16 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III 2015-01-18 20:00 - 2014-04-16 21:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite 2015-01-18 20:00 - 2014-04-16 21:20 - 00000000 ____D () C:\ProgramData\CLSK 2015-01-18 20:00 - 2014-04-16 21:20 - 00000000 ____D () C:\Program Files (x86)\CyberLink 2015-01-18 20:00 - 2014-04-16 21:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2015-01-18 20:00 - 2014-04-16 21:19 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment 2015-01-18 20:00 - 2014-04-16 21:18 - 00000000 ____D () C:\ProgramData\CyberLink 2015-01-18 20:00 - 2014-04-16 21:18 - 00000000 ____D () C:\ProgramData\Battle.net 2015-01-18 20:00 - 2014-04-16 21:17 - 00000000 ____D () C:\ProgramData\Temp 2015-01-18 20:00 - 2014-04-16 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2015-01-18 20:00 - 2014-04-16 20:01 - 00000000 ____D () C:\Windows\SysWOW64\Macromed 2015-01-18 20:00 - 2014-04-16 20:01 - 00000000 ____D () C:\Windows\system32\Macromed 2015-01-18 20:00 - 2014-04-16 20:00 - 00000000 ____D () C:\ProgramData\Mozilla 2015-01-18 20:00 - 2014-04-16 19:55 - 00000000 ____D () C:\ProgramData\Norton 2015-01-18 20:00 - 2014-04-16 19:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2015-01-18 20:00 - 2014-04-16 19:53 - 00000000 ____D () C:\ProgramData\Intel 2015-01-18 20:00 - 2014-04-16 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-01-18 20:00 - 2014-04-16 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative 2015-01-18 20:00 - 2014-04-16 19:52 - 00000000 ____D () C:\ProgramData\Creative 2015-01-18 20:00 - 2014-04-16 19:52 - 00000000 ____D () C:\Program Files (x86)\Google 2015-01-18 20:00 - 2014-04-16 19:37 - 00000000 ____D () C:\Program Files (x86)\Realtek 2015-01-18 20:00 - 2014-04-16 19:36 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-01-18 20:00 - 2014-04-16 19:36 - 00000000 ____D () C:\ProgramData\Downloaded Installations 2015-01-18 20:00 - 2014-04-16 19:35 - 00000000 ____D () C:\Program Files (x86)\MSI 2015-01-18 20:00 - 2014-04-16 19:35 - 00000000 ____D () C:\Program Files (x86)\Intel 2015-01-18 20:00 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-01-18 20:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK 2015-01-18 20:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR 2015-01-18 20:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK 2015-01-18 20:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR 2015-01-18 20:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-01-18 20:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports 2015-01-18 20:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Cursors 2015-01-18 20:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat 2015-01-18 19:59 - 2014-12-18 22:54 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories 2015-01-18 19:59 - 2014-12-02 16:25 - 00000000 ____D () C:\Program Files (x86)\Air 2015-01-18 19:59 - 2014-11-11 03:06 - 00000000 ____D () C:\Program Files\OBS 2015-01-18 19:59 - 2014-11-04 12:38 - 00000000 ____D () C:\Program Files\CCleaner 2015-01-18 19:59 - 2014-10-31 12:26 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2015-01-18 19:59 - 2014-10-16 11:42 - 00000000 ____D () C:\Program Files (x86)\Avira 2015-01-18 19:59 - 2014-07-10 21:45 - 00000000 ____D () C:\Program Files (x86)\avmwlanstick 2015-01-18 19:59 - 2014-06-23 17:00 - 00000000 ____D () C:\Program Files\Adobe 2015-01-18 19:59 - 2014-06-23 16:48 - 00000000 ____D () C:\Program Files (x86)\Adobe 2015-01-18 19:59 - 2014-04-23 19:45 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2015-01-18 19:59 - 2014-04-17 08:25 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins 2015-01-18 19:59 - 2014-04-16 21:19 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2015-01-18 19:59 - 2014-04-16 19:53 - 00000000 ____D () C:\Program Files\Intel 2015-01-18 19:59 - 2014-04-16 19:51 - 00000000 ____D () C:\Program Files (x86)\Creative 2015-01-18 19:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2015-01-18 19:58 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-01-18 19:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sysprep 2015-01-18 19:55 - 2009-07-14 06:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG 2015-01-18 19:55 - 2009-07-14 06:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template 2015-01-18 19:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\oobe 2015-01-18 19:28 - 2014-06-23 18:48 - 00002544 _____ () C:\Windows\diagwrn.xml 2015-01-18 19:28 - 2014-06-23 18:48 - 00001890 _____ () C:\Windows\diagerr.xml 2015-01-08 09:55 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-01-06 14:36 - 2014-12-23 03:29 - 03533800 _____ (DVDVideoSoft Ltd. ) C:\Users\Timo ==================== Files in the root of some directories ======= 2014-11-16 18:31 - 2015-01-26 17:00 - 0000132 _____ () C:\Users\Timo Doblinski\AppData\Roaming\Adobe CS5-Voreinstellungen für PNG-Format 2014-12-18 22:26 - 2015-01-12 22:23 - 0001474 _____ () C:\Users\Timo Doblinski\AppData\Roaming\SpeedRunnersLog.txt Some content of TEMP: ==================== C:\Users\Timo Doblinski\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-24 13:42 ==================== End Of Log ============================ |
![]() | ![]() Addition FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01 Ran by Timo Doblinski at 2015-01-28 12:35:51 Running from C:\Users\Timo Doblinski\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7 Days to Die (HKLM-x32\...\Steam App 251570) (Version: - The Fun Pimps) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: - Adobe Systems Incorporated) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: - Adobe Systems Incorporated) Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.1 - Adobe Systems Incorporated) Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: - Adobe Systems Incorporated) Akamai NetSession Interface (HKU\S-1-5-21-2490962840-1107168080-2429785914-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: - Apple Inc.) Assassin's Creed IV Black Flag (HKLM-x32\...\Steam App 242050) (Version: - Ubisoft Montreal) Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: - Avira Operations & Co. KG) Avira (x32 Version: - Avira Operations & Co. KG) Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: - Avira) AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: - Electronic Arts) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: - Apple Inc.) Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) Broforce (HKLM-x32\...\Steam App 274190) (Version: - Free Lives) Camtasia Studio 8 (HKLM-x32\...\{F5C9BE9A-04C3-4A72-8CD0-BB67C722D608}) (Version: - TechSmith Corporation) CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform) Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com) Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment) Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) Craft The World (HKLM-x32\...\Steam App 248390) (Version: - Dekovir Entertainment) CyberLink BD_3D Advisor 2.0 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version: 2.0.6410 - CyberLink Corp.) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Deadlight (HKLM-x32\...\Steam App 211400) (Version: - Tequila Works, S.L.) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: - Electronic Arts Inc.) Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment) Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version: - Klei Entertainment) Dungeon of the Endless (HKLM-x32\...\Steam App 249050) (Version: - AMPLITUDE Studios) Elements 12 Organizer (x32 Version: 12.0 - Ihr Firmenname) Hidden EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) Fallen Enchantress: Legendary Heroes (HKLM-x32\...\Steam App 228260) (Version: - Stardock Entertainment) Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Fraps (HKLM-x32\...\Fraps) (Version: - ) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.) Google Update Helper (x32 Version: - Google Inc.) Hidden Hammerwatch (HKLM-x32\...\Steam App 239070) (Version: - Crackshell) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version: - Reto-Moto) How to Survive (HKLM-x32\...\Steam App 250400) (Version: - ) Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: - Intel Corporation) Intel(R) Smart Connect Technology (HKLM\...\{B1AC3709-3E98-4F2C-A84E-4BCA2A452E64}) (Version: - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: - Intel Corporation) Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) LG ODD Auto Firmware Update (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - ) Magicka: Wizard Wars (HKLM-x32\...\Steam App 202090) (Version: - Paradox North) Microsoft .NET Framework 4.5.2 (HKLM\...\{26784146-6E05-3FF9-9335-786C7C0FB5BE}) (Version: - ) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation) Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2490962840-1107168080-2429785914-1000\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: - Microsoft) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Might & Magic: Clash of Heroes (HKLM-x32\...\Steam App 61700) (Version: - Capybara Games) Monaco (HKLM-x32\...\Steam App 113020) (Version: - Pocketwatch Games) Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Mozilla Firefox 33.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla) Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0 - Mozilla) My Game Long Name (HKLM\...\UDK-f659d4c9-5b61-4b79-a5b0-ba0aa43682aa) (Version: - Epic Games, Inc.) Nero 12 Kwik Burn Express Essentials (HKLM-x32\...\{0D343606-1662-45F7-BB3B-F7FC068BA0C5}) (Version: 12.1.00200 - Nero AG) Nether (HKLM-x32\...\Steam App 247730) (Version: - Phosphor Games) Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 150120.100528 - Square Enix Ltd) NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.25 - NVIDIA Corporation) NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation) NVIDIA Grafiktreiber 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation) NVIDIA HD-Audiotreiber (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: - Electronic Arts, Inc.) PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Sony Online Entertainment) PLDS OEM Content (x32 Version: 12.0.0004 - Nero AG) Hidden Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software) Project Zomboid (HKLM-x32\...\Steam App 108600) (Version: - The Indie Stone) PSE12 STI Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: - Electronic Arts) Qualcomm Atheros Bandwidth Control Filter Driver (Version: - Qualcomm Atheros) Hidden Qualcomm Atheros Killer E220x Drivers (Version: - Qualcomm Atheros) Hidden Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{DD21E907-9A2A-44B8-A12E-13691E166664}) (Version: - Qualcomm Atheros) Qualcomm Atheros Network Manager (Version: - Qualcomm Atheros) Hidden Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.) RollerCoaster Tycoon: Deluxe (HKLM-x32\...\Steam App 285310) (Version: - Chris Sawyer Productions) RUNNING WITH RIFLES (HKLM-x32\...\Steam App 270150) (Version: - Modulaatio Games) SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.) Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.05 - Creative Technology Limited) Space Engineers (HKLM-x32\...\Steam App 244850) (Version: - Keen Software House) SpeedRunners (HKLM-x32\...\Steam App 207140) (Version: - DoubleDutch Games) Spotify (HKU\S-1-5-21-2490962840-1107168080-2429785914-1000\...\Spotify) (Version: - Spotify AB) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Stranded Deep (HKLM-x32\...\Steam App 313120) (Version: - Beam Team Games) Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.022 - MSI) System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: - Husdawg, LLC) TeamSpeak 3 Client (HKU\S-1-5-21-2490962840-1107168080-2429785914-1000\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH) Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Forest (HKLM-x32\...\Steam App 242760) (Version: - Endnight Games Ltd) The Stomping Land (HKLM-x32\...\Steam App 263440) (Version: - SuperCrit) The Walking Dead (HKLM-x32\...\Steam App 207610) (Version: - ) Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft) VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: - MSI) Watch_Dogs (HKLM-x32\...\Steam App 243470) (Version: - Ubisoft) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2490962840-1107168080-2429785914-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Timo Doblinski\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2490962840-1107168080-2429785914-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Timo Doblinski\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2490962840-1107168080-2429785914-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Timo Doblinski\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2490962840-1107168080-2429785914-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Timo Doblinski\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2490962840-1107168080-2429785914-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Timo Doblinski\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 28-01-2015 03:39:30 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {031CDABF-99D3-4C89-B37F-501AB415F277} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe Task: {07B63D0E-DD7C-4AFA-88DA-707D56DFD5C7} - System32\Tasks\{ED4CB75C-5E8A-46B5-A78C-15EE4C395B03} => pcalua.exe -a E:\Setupx.exe -d E:\ Task: {0CBB5A53-2B63-40C6-B06D-0E5BF49CF10C} - System32\Tasks\{BC124D6D-AF19-4CFF-965A-55009F869EAD} => pcalua.exe -a D:\installer\installer.exe -d D:\installer Task: {101EE8AA-5B6A-4422-94EF-011582393118} - \SidebarExecute No Task File <==== ATTENTION Task: {226F050F-8AB8-45EC-B6DB-FACF73771798} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe Task: {36728D81-CD27-482F-895D-5C85C0BAF5D3} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {397059E4-6D46-42FD-A525-47292086EC2B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd) Task: {65BA4747-3A74-452A-8CC6-0F35C5935505} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-16] (Google Inc.) Task: {7C1820CC-E1DE-4714-948F-36D8A874D42F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-16] (Google Inc.) Task: {A7F7CF14-89AC-463A-B306-FBE442420FB4} - System32\Tasks\AdobeAAMUpdater-1.0-Ares-Timo Doblinski => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated) Task: {DEA0D74B-86BC-438B-94E0-03735D67ED69} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Task: {ED0126DD-14EA-4D11-AD6F-CA32CF73C69A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-25] (Adobe Systems Incorporated) Task: {F7F1FF49-684C-4524-88E9-9168BE6A1CB0} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2015-01-25 22:13 - 2015-01-10 00:29 - 00117392 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-08-01 16:31 - 2013-08-01 16:31 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 2013-08-01 16:31 - 2013-08-01 16:31 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll 2013-08-01 16:31 - 2013-08-01 16:31 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll 2014-12-09 23:22 - 2014-12-09 23:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2014-09-26 14:41 - 2014-09-26 14:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2014-04-16 19:52 - 2012-11-01 10:23 - 00089600 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL 2014-04-16 19:52 - 2012-11-01 10:21 - 00325120 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL 2014-10-23 20:19 - 2014-10-23 20:19 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2013-08-08 14:35 - 2013-08-08 14:35 - 00283648 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe 2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-04-16 19:51 - 2012-10-31 14:00 - 00991232 _____ () C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\de-DE\SBCinema.resources.dll 2011-03-09 13:21 - 2011-03-09 13:21 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2011-03-09 13:21 - 2011-03-09 13:21 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2015-01-25 22:25 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2015-01-25 22:25 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2015-01-25 22:25 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2015-01-25 22:25 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2015-01-25 22:25 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2015-01-27 04:05 - 2015-01-27 04:05 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-04-16 19:53 - 2013-09-16 20:20 - 01242584 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\Services: ClickToRunSvc => 2 ========================= Accounts: ========================== Administrator (S-1-5-21-2490962840-1107168080-2429785914-500 - Administrator - Disabled) Gast (S-1-5-21-2490962840-1107168080-2429785914-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2490962840-1107168080-2429785914-1003 - Limited - Enabled) Timo Doblinski (S-1-5-21-2490962840-1107168080-2429785914-1000 - Administrator - Enabled) => C:\Users\Timo Doblinski ==================== Faulty Device Manager Devices ============= Name: Qualcomm Atheros Bandwidth Control Description: Qualcomm Atheros Bandwidth Control Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: BfLwf Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (01/28/2015 00:29:57 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/27/2015 00:51:26 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/27/2015 04:09:11 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (01/26/2015 00:41:16 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (01/26/2015 00:36:48 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/26/2015 01:21:26 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/26/2015 01:07:08 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/25/2015 11:44:01 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/25/2015 10:31:17 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/25/2015 10:16:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (01/28/2015 00:29:58 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: BfLwf Error: (01/28/2015 00:29:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (01/28/2015 00:29:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht. Error: (01/28/2015 03:39:42 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 10 für Windows 7 für x64-basierte Systeme Error: (01/28/2015 03:00:33 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 10 für Windows 7 für x64-basierte Systeme Error: (01/27/2015 03:10:29 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (01/27/2015 00:51:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (01/27/2015 00:51:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht. Error: (01/27/2015 00:51:27 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: BfLwf Error: (01/27/2015 00:51:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Microsoft Office Sessions: ========================= Error: (01/28/2015 00:29:57 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/27/2015 00:51:26 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/27/2015 04:09:11 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\Adobe\adobe creative cloud\Utils\Creative Cloud Uninstaller.exe Error: (01/26/2015 00:41:16 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\Adobe\adobe creative cloud\Utils\Creative Cloud Uninstaller.exe Error: (01/26/2015 00:36:48 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/26/2015 01:21:26 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/26/2015 01:07:08 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/25/2015 11:44:01 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/25/2015 10:31:17 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/25/2015 10:16:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity Errors: =================================== Date: 2015-01-08 12:59:11.863 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Users\TIMODO~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-01-08 12:59:11.850 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Users\TIMODO~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-01-08 12:59:11.818 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-01-08 12:59:11.805 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-01-08 00:06:01.712 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Users\TIMODO~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-01-08 00:06:01.699 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Users\TIMODO~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-01-08 00:06:01.666 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-01-08 00:06:01.652 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz Percentage of memory in use: 22% Total physical RAM: 16327.94 MB Available physical RAM: 12678.1 MB Total Pagefile: 32654.07 MB Available Pagefile: 28788.63 MB Total Virtual: 8192 MB Available Virtual: 8191.79 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:119.02 GB) (Free:20.25 GB) NTFS Drive d: (Volume) (Fixed) (Total:1863.01 GB) (Free:1552.1 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2601E721) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ==================== End Of Log ============================ |
![]() | #9 |
/// the machine /// TB-Ausbilder ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() | ![]() FreeYoutube Converter Virus? Downloade Dir bitte ![]()
![]() | #10 |
![]() | ![]() FRST neuFRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015 Ran by Timo Doblinski (administrator) on ARES on 29-01-2015 14:39:28 Running from C:\Users\Timo Doblinski\Downloads Loaded Profiles: Timo Doblinski (Available profiles: Timo Doblinski) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) D:\Avira\AntiVir Desktop\sched.exe (Adobe Systems Incorporated) D:\Photoshop Elements\Elements 12 Organizer\PhotoshopElementsFileAgent.exe (Avira Operations GmbH & Co. KG) D:\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Hi-Rez Studios) D:\HiPatchService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe (MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (Razer Inc.) FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by Timo Doblinski (administrator) on ARES on 28-01-2015 12:35:35
Running from C:\Users\Timo Doblinski\Downloads
Loaded Profiles: Timo Doblinski (Available profiles: Timo Doblinski)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202008 2013-10-17] (Realtek Semiconductor) HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64 HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [avgnt] => D:\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-09] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [1047536 2013-11-12] (MSI) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation) HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.) HKLM-x32\...\Run: [RazerCortex] => D:\Razer Cortex\RazerCortex.exe [60640 2014-12-06] (Razer Inc.) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink) HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-09-02] (cyberlink) HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-01] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2014-12-31] (Avira Operations GmbH & Co. KG) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-2490962840-1107168080-2429785914-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd) HKU\S-1-5-21-2490962840-1107168080-2429785914-1000\...\Run: [CAHeadless] => D:\Photoshop Elements\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [1401040 2014-04-24] (Adobe Systems Incorporated) HKU\S-1-5-21-2490962840-1107168080-2429785914-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Timo Doblinski\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{4E08CC97-912D-458B-8705-9A14C325532F}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll () BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKU\S-1-5-21-2490962840-1107168080-2429785914-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKU\S-1-5-21-2490962840-1107168080-2429785914-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKU\S-1-5-21-2490962840-1107168080-2429785914-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] FireFox: ======== FF ProfilePath: C:\Users\Timo Doblinski\AppData\Roaming\Mozilla\Firefox\Profiles\10zfidt7.default-1418130938130 FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml FF Homepage: google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll () FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB) FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll () FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll No File FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF Extension: Adblock Plus - C:\Users\Timo Doblinski\AppData\Roaming\Mozilla\Firefox\Profiles\10zfidt7.default-1418130938130\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-10] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeActiveFileMonitor12.0; D:\Photoshop Elements\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-03] (Adobe Systems Incorporated) R2 AntiVirSchedulerService; D:\Avira\AntiVir Desktop\sched.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG) R2 AntiVirService; D:\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG) R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [178424 2014-12-31] (Avira Operations GmbH & Co. KG) R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed] S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-12-03] () S4 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation) S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-02] (CyberLink) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation) U2 HiPatchService; D:\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [File not signed] S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114688 2014-11-22] (Microsoft Corporation) [File not signed] R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-09-09] (MSI) R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-12-06] (Electronic Arts) R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [File not signed] R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] () R2 RzKLService; D:\Razer Cortex\RzKLService.exe [105448 2014-12-06] (Razer Inc.) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG) S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-04] (AVM Berlin) S1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc.) R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21408 2013-08-01] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21920 2013-08-01] () R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] () R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-08-01] () R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-29] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation) R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-29 14:39 - 2015-01-29 14:39 - 02130432 _____ (Farbar) C:\Users\Timo Doblinski\Downloads\FRST64.exe 2015-01-29 14:39 - 2015-01-29 14:39 - 00021493 _____ () C:\Users\Timo Doblinski\Downloads\FRST.txt 2015-01-29 14:35 - 2015-01-29 14:35 - 00001013 _____ () C:\Users\Timo Doblinski\Desktop\JRT.txt 2015-01-29 14:34 - 2015-01-29 14:34 - 00000000 ____D () C:\Windows\ERUNT 2015-01-29 14:33 - 2015-01-29 14:33 - 01707939 _____ (Thisisu) C:\Users\Timo Doblinski\Downloads\JRT.exe 2015-01-29 14:27 - 2015-01-29 14:27 - 00001539 _____ () C:\Users\Timo Doblinski\Desktop\AdwCleaner[S0].txt 2015-01-29 14:27 - 2015-01-29 14:27 - 00000000 ____D () C:\Users\Timo Doblinski\Desktop\AntiMailware Stuff 2015-01-29 14:19 - 2015-01-29 14:24 - 00000000 ____D () C:\AdwCleaner 2015-01-29 14:17 - 2015-01-29 14:17 - 00003522 _____ () C:\Users\Timo Doblinski\Desktop\mbam.txt 2015-01-29 14:17 - 2015-01-29 14:17 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk 2015-01-29 14:17 - 2015-01-29 14:17 - 00000000 __SHD () C:\Windows\SysWOW64\%APPDATA% 2015-01-29 13:50 - 2015-01-29 14:15 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-01-29 13:50 - 2015-01-29 13:50 - 00000619 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-01-29 13:50 - 2015-01-29 13:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-01-29 13:50 - 2015-01-29 13:50 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-01-29 13:50 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-01-29 13:50 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-01-29 13:50 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-01-28 12:33 - 2015-01-29 14:39 - 00000000 ____D () C:\FRST 2015-01-27 12:55 - 2015-01-27 12:55 - 00000000 ____D () C:\Users\Timo Doblinski\Desktop\League of Legends Soundtracks 2015-01-27 12:50 - 2015-01-29 14:26 - 00476617 _____ () C:\Windows\setupact.log 2015-01-27 12:50 - 2015-01-29 14:25 - 00002420 _____ () C:\Windows\PFRO.log 2015-01-27 12:50 - 2015-01-27 12:50 - 00000000 _____ () C:\Windows\setuperr.log 2015-01-27 04:04 - 2015-01-27 04:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-01-27 03:00 - 2015-01-29 04:36 - 00045108 _____ () C:\Windows\IE10_main.log 2015-01-25 23:42 - 2009-06-10 22:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20150125-234201.backup 2015-01-25 22:43 - 2015-01-25 22:43 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\NVIDIA 2015-01-25 22:35 - 2009-06-10 22:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20150125-223513.backup 2015-01-25 22:25 - 2015-01-25 22:32 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2015-01-25 22:25 - 2015-01-25 22:27 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2015-01-25 22:25 - 2015-01-25 22:25 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2015-01-25 22:25 - 2015-01-25 22:25 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2015-01-25 22:25 - 2015-01-25 22:25 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2015-01-25 22:25 - 2015-01-25 22:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2015-01-25 22:25 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe 2015-01-25 22:14 - 2015-01-25 22:15 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\NVIDIA 2015-01-25 22:13 - 2015-01-29 14:25 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-01-25 22:13 - 2015-01-25 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-01-25 22:13 - 2015-01-25 22:13 - 00001351 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk 2015-01-25 22:13 - 2015-01-16 07:41 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2015-01-25 22:13 - 2015-01-16 07:41 - 01514528 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2015-01-25 22:13 - 2015-01-16 07:41 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2015-01-25 22:13 - 2015-01-16 07:41 - 01278920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2015-01-25 22:13 - 2015-01-10 09:07 - 00073872 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2015-01-25 22:13 - 2015-01-10 09:07 - 00060744 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2015-01-25 22:13 - 2015-01-10 00:30 - 06860432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-01-25 22:13 - 2015-01-10 00:30 - 03517256 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-01-25 22:13 - 2015-01-10 00:29 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-01-25 22:13 - 2015-01-10 00:29 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-01-25 22:13 - 2015-01-10 00:29 - 00385352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-01-25 22:13 - 2015-01-10 00:29 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-01-25 22:13 - 2015-01-09 23:27 - 00621200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2015-01-25 22:13 - 2015-01-09 20:47 - 04173527 _____ () C:\Windows\system32\nvcoproc.bin 2015-01-25 22:12 - 2015-01-13 05:15 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2015-01-25 22:12 - 2015-01-13 05:15 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2015-01-25 22:12 - 2015-01-13 05:15 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 32102544 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 25459856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 24765584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 20465296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 18566296 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 17250776 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 16009120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 14115944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 13295552 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 13210248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 10774544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 10714488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 10274448 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-01-25 22:12 - 2015-01-10 09:07 - 03607184 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 03298816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 03245712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 02902456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434725.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 01556808 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434725.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00994712 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00969360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00942736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00929424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00906384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00877488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00496456 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00399688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00353040 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00345744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00305320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00027441 _____ () C:\Windows\system32\nvinfo.pb 2015-01-25 22:12 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2015-01-25 22:12 - 2014-11-22 11:46 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2015-01-25 22:12 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2015-01-25 21:58 - 2015-01-25 21:58 - 00003528 ____N () C:\bootsqm.dat 2015-01-25 21:15 - 2015-01-25 21:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-01-25 21:15 - 2015-01-25 21:15 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-01-25 21:15 - 2015-01-25 21:15 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-01-25 21:15 - 2015-01-25 21:15 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2015-01-25 21:15 - 2015-01-25 21:15 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2015-01-25 21:15 - 2015-01-25 21:15 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2015-01-25 20:59 - 2014-10-03 10:02 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-01-24 12:48 - 2015-01-24 12:53 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2015-01-24 12:47 - 2015-01-24 12:53 - 00000000 ____D () C:\Program Files\Common Files\Apple 2015-01-24 12:47 - 2015-01-24 12:47 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2015-01-24 12:47 - 2015-01-24 12:47 - 00000000 ____D () C:\Program Files\Bonjour 2015-01-24 12:47 - 2015-01-24 12:47 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2015-01-24 12:47 - 2015-01-24 12:47 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update 2015-01-24 12:08 - 2015-01-24 12:08 - 00003088 _____ () C:\Windows\System32\Tasks\{BC124D6D-AF19-4CFF-965A-55009F869EAD} 2015-01-24 11:56 - 2015-01-24 12:39 - 00000000 ____D () C:\Windows\pss 2015-01-20 12:30 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-01-20 12:30 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll 2015-01-20 12:30 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-01-20 12:30 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll 2015-01-20 12:30 - 2014-05-30 07:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2015-01-20 12:30 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2015-01-20 12:30 - 2014-03-04 10:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-01-20 12:30 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2015-01-20 12:30 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2015-01-20 12:30 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2015-01-20 12:30 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2015-01-20 12:30 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2015-01-20 12:30 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2015-01-20 12:30 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2015-01-20 12:30 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll 2015-01-20 12:30 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll 2015-01-20 12:30 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll 2015-01-20 12:30 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll 2015-01-20 12:30 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll 2015-01-20 12:30 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll 2015-01-20 12:30 - 2014-03-04 10:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-01-20 12:30 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2015-01-20 12:30 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2015-01-20 12:30 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2015-01-20 12:30 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2015-01-20 03:02 - 2012-03-01 07:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys 2015-01-20 03:02 - 2012-03-01 07:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll 2015-01-20 03:02 - 2012-03-01 06:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll 2015-01-20 03:00 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2015-01-20 03:00 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2015-01-20 03:00 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2015-01-20 03:00 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2015-01-20 03:00 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2015-01-20 03:00 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2015-01-20 03:00 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2015-01-20 03:00 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll 2015-01-19 12:33 - 2011-04-09 07:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2015-01-19 12:33 - 2011-04-09 06:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2015-01-19 12:32 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-01-19 12:32 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2015-01-19 12:32 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-01-19 12:32 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll 2015-01-19 12:32 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2015-01-19 12:32 - 2014-11-21 12:35 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-01-19 12:32 - 2014-11-21 12:34 - 12289024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-01-19 12:32 - 2014-11-21 12:34 - 09058816 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-01-19 12:32 - 2014-11-21 12:34 - 02467328 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-01-19 12:32 - 2014-11-21 12:34 - 01541632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-01-19 12:32 - 2014-11-21 12:34 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-01-19 12:32 - 2014-11-21 12:34 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-01-19 12:32 - 2014-11-21 12:34 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2015-01-19 12:32 - 2014-11-21 12:34 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-01-19 12:32 - 2014-11-21 12:34 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2015-01-19 12:32 - 2014-11-21 12:34 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-01-19 12:32 - 2014-11-21 12:33 - 00495616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-01-19 12:32 - 2014-11-21 12:33 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-01-19 12:32 - 2014-11-21 12:33 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-01-19 12:32 - 2014-11-21 12:33 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2015-01-19 12:32 - 2014-11-21 12:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2015-01-19 12:32 - 2014-11-21 12:32 - 01538048 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-01-19 12:32 - 2014-11-21 11:44 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-01-19 12:32 - 2014-11-21 11:43 - 06026240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-01-19 12:32 - 2014-11-21 11:43 - 01267712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-01-19 12:32 - 2014-11-21 11:43 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-01-19 12:32 - 2014-11-21 11:43 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2015-01-19 12:32 - 2014-11-21 11:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-01-19 12:32 - 2014-11-21 11:43 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2015-01-19 12:32 - 2014-11-21 11:43 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-01-19 12:32 - 2014-11-21 11:42 - 11019264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-01-19 12:32 - 2014-11-21 11:42 - 02086912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-01-19 12:32 - 2014-11-21 11:42 - 00345600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-01-19 12:32 - 2014-11-21 11:42 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-01-19 12:32 - 2014-11-21 11:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-01-19 12:32 - 2014-11-21 11:41 - 01466368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-01-19 12:32 - 2014-11-21 11:41 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-01-19 12:32 - 2014-11-21 11:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2015-01-19 12:32 - 2014-11-21 11:41 - 00016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2015-01-19 12:32 - 2014-11-21 11:23 - 00482816 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-01-19 12:32 - 2014-11-21 10:28 - 00386048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-01-19 12:32 - 2014-11-21 09:55 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-01-19 12:32 - 2014-11-21 08:53 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-01-19 12:32 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-01-19 12:32 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2015-01-19 12:32 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-01-19 12:32 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-01-19 12:32 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-01-19 12:32 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-01-19 12:32 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-01-19 12:32 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-01-19 12:32 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-01-19 12:32 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2015-01-19 12:32 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll 2015-01-19 12:32 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll 2015-01-19 12:32 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2015-01-19 12:32 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll 2015-01-19 12:32 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2015-01-19 12:32 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2015-01-19 12:32 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2015-01-19 12:32 - 2014-04-12 03:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-01-19 12:32 - 2014-04-12 03:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-01-19 12:32 - 2014-04-12 03:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-01-19 12:32 - 2014-04-12 03:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-01-19 12:32 - 2014-04-12 03:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-01-19 12:32 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2015-01-19 12:32 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2015-01-19 12:32 - 2014-03-26 15:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-01-19 12:32 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2015-01-19 12:32 - 2014-03-26 15:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-01-19 12:32 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2015-01-19 12:32 - 2014-03-25 03:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-01-19 12:32 - 2014-03-25 03:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-01-19 12:32 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2015-01-19 12:32 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2015-01-19 12:32 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2015-01-19 12:32 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-01-19 12:32 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-01-19 12:32 - 2013-07-09 06:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-01-19 12:32 - 2013-07-09 06:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-01-19 12:32 - 2013-07-09 06:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2015-01-19 12:32 - 2013-07-09 05:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2015-01-19 12:32 - 2013-07-09 05:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2015-01-19 12:32 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2015-01-19 12:32 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2015-01-19 12:32 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2015-01-19 12:32 - 2013-04-12 15:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2015-01-19 12:32 - 2012-10-03 18:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2015-01-19 12:32 - 2012-10-03 18:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2015-01-19 12:32 - 2011-11-17 07:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll 2015-01-19 12:32 - 2011-11-17 06:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll 2015-01-19 12:32 - 2011-10-26 06:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2015-01-19 12:32 - 2011-10-26 06:25 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2015-01-19 12:32 - 2011-10-26 05:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2015-01-19 12:32 - 2011-10-26 05:32 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2015-01-19 12:32 - 2011-07-09 03:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-01-19 12:32 - 2011-06-15 11:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll 2015-01-19 12:32 - 2011-06-15 11:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll 2015-01-19 12:32 - 2011-06-15 11:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll 2015-01-19 12:32 - 2011-06-15 11:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll 2015-01-19 12:32 - 2011-06-15 09:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll 2015-01-19 12:32 - 2011-06-15 09:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll 2015-01-19 12:32 - 2011-06-15 09:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll 2015-01-19 12:32 - 2011-06-15 09:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll 2015-01-19 12:32 - 2011-06-15 09:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll 2015-01-19 12:32 - 2011-04-27 03:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-01-19 12:32 - 2011-04-27 03:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-01-19 12:32 - 2010-12-23 11:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll 2015-01-19 12:32 - 2010-12-23 11:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll 2015-01-19 12:32 - 2010-12-23 11:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax 2015-01-19 12:32 - 2010-12-23 06:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll 2015-01-19 12:32 - 2010-12-23 06:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll 2015-01-19 12:32 - 2010-12-23 06:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax 2015-01-19 12:31 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-01-19 12:31 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-01-19 12:31 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-01-19 12:31 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-01-19 12:31 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-01-19 12:31 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-01-19 12:31 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-01-19 12:31 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-01-19 12:31 - 2014-11-11 04:09 - 01190912 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-01-19 12:31 - 2014-11-11 03:44 - 01011200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-01-19 12:31 - 2014-10-30 03:04 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-01-19 12:31 - 2014-10-30 02:46 - 00428544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-01-19 12:31 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2015-01-19 12:31 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-01-19 12:31 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2015-01-19 12:31 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2015-01-19 12:31 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2015-01-19 12:31 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2015-01-19 12:31 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2015-01-19 12:31 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2015-01-19 12:31 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-01-19 12:31 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2015-01-19 12:31 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2015-01-19 12:31 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-01-19 12:31 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-01-19 12:31 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-01-19 12:31 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2015-01-19 12:31 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2015-01-19 12:31 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL 2015-01-19 12:31 - 2014-06-18 03:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2015-01-19 12:31 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2015-01-19 12:31 - 2014-06-16 03:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2015-01-19 12:31 - 2014-06-06 11:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2015-01-19 12:31 - 2014-06-06 10:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2015-01-19 12:31 - 2014-06-03 11:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2015-01-19 12:31 - 2014-06-03 11:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-01-19 12:31 - 2014-06-03 11:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2015-01-19 12:31 - 2014-06-03 11:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2015-01-19 12:31 - 2014-06-03 10:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2015-01-19 12:31 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-01-19 12:31 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2015-01-19 12:31 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2015-01-19 12:31 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2015-01-19 12:31 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2015-01-19 12:31 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2015-01-19 12:31 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2015-01-19 12:31 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2015-01-19 12:31 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2015-01-19 12:31 - 2013-08-02 03:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-01-19 12:31 - 2013-08-02 03:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-01-19 12:31 - 2013-08-02 02:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-01-19 12:31 - 2013-08-02 01:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-01-19 12:31 - 2013-07-26 03:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2015-01-19 12:31 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2015-01-19 12:31 - 2013-07-25 10:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2015-01-19 12:31 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2015-01-19 12:31 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-01-19 12:31 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-01-19 12:31 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys 2015-01-19 12:31 - 2013-07-12 11:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys 2015-01-19 12:31 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2015-01-19 12:31 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-01-19 12:31 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-01-19 12:31 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-01-19 12:31 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-01-19 12:31 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-01-19 12:31 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-01-19 12:31 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-01-19 12:31 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-01-19 12:31 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-01-19 12:31 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-01-19 12:31 - 2013-04-26 06:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2015-01-19 12:31 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2015-01-19 12:31 - 2013-04-10 07:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2015-01-19 12:31 - 2013-02-27 06:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2015-01-19 12:31 - 2013-02-12 05:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys 2015-01-19 12:31 - 2012-11-23 04:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe 2015-01-19 12:31 - 2012-11-02 06:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll 2015-01-19 12:31 - 2012-11-02 06:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll 2015-01-19 12:31 - 2012-09-25 23:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll 2015-01-19 12:31 - 2012-09-25 23:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll 2015-01-19 12:31 - 2012-06-16 06:15 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-01-19 12:31 - 2012-06-16 05:26 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-01-19 12:31 - 2012-03-17 08:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys 2015-01-19 12:31 - 2011-08-17 06:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll 2015-01-19 12:31 - 2011-08-17 06:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax 2015-01-19 12:31 - 2011-08-17 05:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll 2015-01-19 12:31 - 2011-08-17 05:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax 2015-01-19 12:31 - 2011-05-24 12:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll 2015-01-19 12:31 - 2011-05-24 11:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll 2015-01-19 12:31 - 2011-05-24 11:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll 2015-01-19 12:31 - 2011-05-24 11:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll 2015-01-19 12:31 - 2011-05-24 11:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe 2015-01-19 12:31 - 2011-04-29 04:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2015-01-19 12:31 - 2011-04-29 04:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2015-01-19 12:31 - 2011-04-29 04:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2015-01-19 12:31 - 2011-03-11 07:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll 2015-01-19 12:31 - 2011-03-11 07:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll 2015-01-19 12:31 - 2011-03-11 06:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll 2015-01-19 12:31 - 2011-03-11 06:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll 2015-01-19 12:31 - 2011-03-03 07:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2015-01-19 12:31 - 2011-03-03 07:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll 2015-01-19 12:31 - 2011-03-03 07:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe 2015-01-19 12:31 - 2011-03-03 06:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll 2015-01-19 12:31 - 2011-03-03 06:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe 2015-01-19 12:31 - 2011-02-05 18:10 - 00642944 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-01-19 12:31 - 2011-02-05 18:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll 2015-01-19 12:31 - 2011-02-05 18:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll 2015-01-19 12:31 - 2011-02-05 18:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll 2015-01-19 12:31 - 2011-02-05 18:06 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-01-19 12:31 - 2011-02-05 18:06 - 00566208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-01-19 12:31 - 2011-02-05 18:06 - 00518672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2015-01-19 12:31 - 2011-02-03 12:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2015-01-19 12:30 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2015-01-19 12:30 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2015-01-19 12:30 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2015-01-19 12:30 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2015-01-19 12:30 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-01-19 12:30 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-01-19 12:30 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-01-19 12:30 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-01-19 12:30 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-01-19 12:30 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-01-19 12:30 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-01-19 12:30 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-01-19 12:30 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-01-19 12:30 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-01-19 12:30 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-01-19 12:30 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-01-19 12:30 - 2014-08-23 03:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-01-19 12:30 - 2014-08-23 02:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-01-19 12:30 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-01-19 12:30 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2015-01-19 12:30 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2015-01-19 12:30 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2015-01-19 12:30 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2015-01-19 12:30 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll 2015-01-19 12:30 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-01-19 12:30 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2015-01-19 12:30 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2015-01-19 12:30 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2015-01-19 12:30 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2015-01-19 12:30 - 2014-07-14 03:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-01-19 12:30 - 2014-07-14 02:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-01-19 12:30 - 2014-03-04 10:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-01-19 12:30 - 2014-03-04 10:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-01-19 12:30 - 2014-03-04 10:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-01-19 12:30 - 2014-03-04 10:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-01-19 12:30 - 2014-03-04 10:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-01-19 12:30 - 2014-03-04 10:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-01-19 12:30 - 2014-03-04 10:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-01-19 12:30 - 2014-03-04 10:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-01-19 12:30 - 2014-03-04 10:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-01-19 12:30 - 2014-03-04 09:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-01-19 12:30 - 2014-03-04 09:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-01-19 12:30 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2015-01-19 12:30 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2015-01-19 12:30 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2015-01-19 12:30 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2015-01-19 12:30 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2015-01-19 12:30 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx 2015-01-19 12:30 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2015-01-19 12:30 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2015-01-19 12:30 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2015-01-19 12:30 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2015-01-19 12:30 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2015-01-19 12:30 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2015-01-19 12:30 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2015-01-19 12:30 - 2013-08-27 10:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-01-19 12:30 - 2013-08-27 10:01 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-01-19 12:30 - 2013-08-27 09:21 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-01-19 12:30 - 2013-08-02 03:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 02:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-01-19 12:30 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-01-19 12:30 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-01-19 12:30 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-01-19 12:30 - 2013-05-13 06:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll 2015-01-19 12:30 - 2013-05-13 04:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2015-01-19 12:30 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2015-01-19 12:30 - 2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll 2015-01-19 12:30 - 2013-02-15 07:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2015-01-19 12:30 - 2013-02-15 07:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2015-01-19 12:30 - 2013-02-15 04:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2015-01-19 12:30 - 2012-07-04 23:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll 2015-01-19 12:30 - 2012-07-04 23:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll 2015-01-19 12:30 - 2012-07-04 23:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll 2015-01-19 12:30 - 2012-07-04 22:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll 2015-01-19 12:30 - 2012-07-04 22:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll 2015-01-19 12:30 - 2012-06-06 07:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll 2015-01-19 12:30 - 2012-06-06 06:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll 2015-01-19 12:30 - 2012-05-14 06:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2015-01-19 12:30 - 2012-04-26 06:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll 2015-01-19 12:30 - 2012-04-26 06:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe 2015-01-19 12:30 - 2011-12-16 09:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll 2015-01-19 12:30 - 2011-12-16 08:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll 2015-01-19 12:30 - 2011-10-15 07:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll 2015-01-19 12:30 - 2011-10-15 06:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll 2015-01-19 12:30 - 2011-08-27 06:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll 2015-01-19 12:30 - 2011-08-27 05:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll 2015-01-19 12:30 - 2011-05-03 06:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-01-19 12:30 - 2011-05-03 05:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-01-19 12:30 - 2011-02-23 05:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys 2015-01-19 12:30 - 2011-02-12 12:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe 2015-01-18 20:26 - 2012-02-17 07:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2015-01-18 20:26 - 2012-02-17 06:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll 2015-01-18 20:26 - 2012-02-17 05:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys 2015-01-18 20:12 - 2015-01-18 20:12 - 01597660 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2015-01-18 20:11 - 2015-01-18 20:11 - 00077832 _____ () C:\Users\Timo Doblinski\AppData\Local\GDIPFONTCACHEV1.DAT 2015-01-18 20:10 - 2015-01-18 20:10 - 00000020 ___SH () C:\Users\Timo Doblinski\ntuser.ini 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default\Vorlagen 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default\Startmenü 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\ProgramData\Vorlagen 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\ProgramData\Startmenü 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\ProgramData\Favoriten 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\ProgramData\Dokumente 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten 2015-01-18 20:10 - 2015-01-18 20:10 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien 2015-01-18 20:09 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-01-18 20:09 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-01-18 20:09 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-01-18 20:09 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-01-18 20:09 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-01-18 20:09 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-01-18 20:09 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-01-18 20:09 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-01-18 20:09 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-01-18 20:09 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-01-18 20:09 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-01-18 20:09 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-01-18 20:09 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-01-18 20:09 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-01-18 20:08 - 2012-07-26 05:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys 2015-01-18 20:08 - 2012-07-26 03:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll 2015-01-18 20:08 - 2012-06-02 15:35 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf 2015-01-18 20:05 - 2015-01-18 20:05 - 00022960 _____ () C:\Windows\system32\emptyregdb.dat 2015-01-18 20:04 - 2015-01-18 20:04 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia 2015-01-18 20:04 - 2015-01-18 20:04 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia 2015-01-18 19:58 - 2015-01-26 23:53 - 00000000 ____D () C:\Users\Timo Doblinski 2015-01-18 19:58 - 2015-01-18 19:58 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2015-01-18 19:58 - 2015-01-18 19:58 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2015-01-18 19:58 - 2015-01-18 19:58 - 00000000 _SHDL () C:\Users\Timo Doblinski\Vorlagen 2015-01-18 19:58 - 2015-01-18 19:58 - 00000000 _SHDL () C:\Users\Timo Doblinski\Startmenü 2015-01-18 19:58 - 2015-01-18 19:58 - 00000000 _SHDL () C:\Users\Timo Doblinski\Netzwerkumgebung 2015-01-18 19:58 - 2015-01-18 19:58 - 00000000 _SHDL () C:\Users\Timo Doblinski\Lokale Einstellungen 2015-01-18 19:58 - 2015-01-18 19:58 - 00000000 _SHDL () C:\Users\Timo Doblinski\Eigene Dateien 2015-01-18 19:58 - 2015-01-18 19:58 - 00000000 _SHDL () C:\Users\Timo Doblinski\Druckumgebung 2015-01-18 19:58 - 2015-01-18 19:58 - 00000000 _SHDL () C:\Users\Timo Doblinski\Documents\Eigene Musik 2015-01-18 19:58 - 2015-01-18 19:58 - 00000000 _SHDL () C:\Users\Timo Doblinski\Documents\Eigene Bilder 2015-01-18 19:58 - 2015-01-18 19:58 - 00000000 _SHDL () C:\Users\Timo Doblinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-01-18 19:58 - 2015-01-18 19:58 - 00000000 _SHDL () C:\Users\Timo Doblinski\AppData\Local\Verlauf 2015-01-18 19:58 - 2015-01-18 19:58 - 00000000 _SHDL () C:\Users\Timo Doblinski\AppData\Local\Anwendungsdaten 2015-01-18 19:58 - 2015-01-18 19:58 - 00000000 _SHDL () C:\Users\Timo Doblinski\Anwendungsdaten 2015-01-18 19:58 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Timo Doblinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-01-18 19:58 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Timo Doblinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-01-18 19:57 - 2015-01-25 22:15 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2015-01-18 19:57 - 2015-01-25 22:13 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2015-01-18 19:57 - 2015-01-25 22:13 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2015-01-18 19:57 - 2015-01-18 20:10 - 00009277 _____ () C:\Windows\system32\lvcoinst.log 2015-01-18 19:57 - 2015-01-18 19:57 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf 2015-01-18 19:57 - 2015-01-18 19:57 - 00000000 ____D () C:\Program Files\Common Files\logishrd 2015-01-18 19:56 - 2015-01-29 14:30 - 01985704 _____ () C:\Windows\WindowsUpdate.log 2015-01-18 19:56 - 2015-01-18 19:56 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2015-01-18 19:56 - 2015-01-18 19:56 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf 2015-01-18 19:56 - 2015-01-18 19:56 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM 2015-01-18 19:56 - 2015-01-18 19:56 - 00000000 ____D () C:\Program Files\Realtek 2015-01-18 19:54 - 2015-01-18 19:54 - 00262144 _____ () C:\Windows\system32\config\userdiff 2015-01-17 23:53 - 2015-01-27 05:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak 2015-01-11 21:16 - 2015-01-18 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI 2015-01-11 21:16 - 2015-01-11 21:16 - 00002067 _____ () C:\Users\Public\Desktop\Super-Charger.lnk 2015-01-11 21:16 - 2015-01-11 21:16 - 00000000 ___HD () C:\SuperChargerProfile 2015-01-11 21:15 - 2015-01-18 20:00 - 00000000 ____D () C:\ProgramData\Qualcomm 2015-01-11 21:15 - 2015-01-18 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qualcomm Atheros 2015-01-11 21:15 - 2015-01-18 19:59 - 00000000 ____D () C:\Program Files\Qualcomm Atheros 2015-01-11 21:15 - 2015-01-11 21:15 - 00002783 _____ () C:\Users\Public\Desktop\Killer Network Manager.lnk 2015-01-08 12:50 - 2015-01-08 12:50 - 00021712 _____ (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS 2015-01-08 12:47 - 2015-01-18 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID 2015-01-06 20:13 - 2015-01-18 20:03 - 00000000 ____D () C:\Users\Timo Doblinski\Desktop\Ultimate Twitch Bot 2015-01-06 15:40 - 2015-01-06 15:41 - 25956855 _____ () C:\Users\Timo Doblinski\Desktop\intro stream.mp4 2015-01-06 14:36 - 2015-01-26 01:10 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack 2015-01-06 00:48 - 2015-01-18 20:03 - 00000000 ____D () C:\Users\Timo Doblinski\Desktop\clrbrowser4_repack 2015-01-05 03:33 - 2015-01-18 20:03 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\WinRAR 2015-01-05 03:32 - 2015-01-18 20:03 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-01-05 03:32 - 2015-01-18 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-01-05 03:32 - 2015-01-18 19:59 - 00000000 ____D () C:\Program Files\WinRAR ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-29 14:33 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-29 14:33 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-29 14:32 - 2011-04-12 08:43 - 00698688 _____ () C:\Windows\system32\perfh007.dat 2015-01-29 14:32 - 2011-04-12 08:43 - 00148828 _____ () C:\Windows\system32\perfc007.dat 2015-01-29 14:32 - 2009-07-14 06:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-01-29 14:25 - 2014-04-16 19:52 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-01-29 14:25 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-29 14:20 - 2014-04-16 20:18 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-01-29 14:17 - 2014-10-16 11:42 - 00000000 ____D () C:\Program Files (x86)\Avira 2015-01-29 14:17 - 2014-06-19 00:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-01-29 14:17 - 2014-04-17 08:25 - 00000000 ____D () C:\ProgramData\Package Cache 2015-01-29 14:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports 2015-01-29 03:41 - 2014-04-16 19:52 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-01-29 03:19 - 2014-04-16 20:06 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\TS3Client 2015-01-29 02:00 - 2014-04-16 20:01 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Adobe 2015-01-27 22:11 - 2014-11-16 16:09 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Spotify 2015-01-27 13:05 - 2014-11-11 03:06 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\OBS 2015-01-27 12:50 - 2014-04-16 20:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-01-27 02:07 - 2014-06-13 11:03 - 00000000 ____D () C:\Users\Timo Doblinski\Desktop\Dobs 2015-01-26 17:53 - 2014-11-16 16:09 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Spotify 2015-01-26 17:00 - 2014-11-16 18:31 - 00000132 _____ () C:\Users\Timo Doblinski\AppData\Roaming\Adobe CS5-Voreinstellungen für PNG-Format 2015-01-26 01:10 - 2014-12-29 17:06 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\DVDVideoSoft 2015-01-25 22:46 - 2014-05-12 16:53 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\.minecraft 2015-01-25 22:15 - 2014-04-16 20:57 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\NVIDIA Corporation 2015-01-25 22:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help 2015-01-25 21:00 - 2014-04-18 11:45 - 00000000 ____D () C:\Windows\system32\MRT 2015-01-25 15:34 - 2014-05-19 22:45 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Skype 2015-01-25 14:20 - 2014-04-16 20:18 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-01-25 14:20 - 2014-04-16 20:01 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-01-25 14:20 - 2014-04-16 20:01 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-24 18:48 - 2014-11-11 03:06 - 00000000 ____D () C:\Program Files (x86)\OBS 2015-01-24 17:12 - 2014-04-23 21:03 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-01-24 13:49 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2015-01-24 12:48 - 2014-08-17 23:41 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2015-01-24 12:47 - 2014-07-17 17:14 - 00000000 ____D () C:\ProgramData\Apple 2015-01-24 12:32 - 2011-04-12 08:54 - 00000000 ___RD () C:\Users\Public\Recorded TV 2015-01-24 12:03 - 2014-04-17 00:58 - 00000000 ____D () C:\ProgramData\Oracle 2015-01-23 11:10 - 2014-04-28 23:18 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\My Games 2015-01-23 10:59 - 2014-04-16 19:52 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Google 2015-01-22 04:39 - 2014-04-25 22:06 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\CrashDumps 2015-01-20 12:23 - 2009-07-14 05:45 - 00394368 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-01-20 03:33 - 2011-04-12 08:55 - 00000000 ____D () C:\Program Files\Windows Journal 2015-01-20 03:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender 2015-01-20 03:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2015-01-20 03:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System 2015-01-19 17:48 - 2014-04-17 14:36 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\DayZ 2015-01-18 20:20 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-01-18 20:10 - 2014-04-14 18:28 - 00000000 __SHD () C:\Recovery 2015-01-18 20:10 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries 2015-01-18 20:10 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default 2015-01-18 20:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Recovery 2015-01-18 20:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Windows NT 2015-01-18 20:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\restore 2015-01-18 20:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Registration 2015-01-18 20:05 - 2014-10-31 12:28 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2015-01-18 20:04 - 2014-10-25 16:59 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2015-01-18 20:04 - 2009-07-14 04:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-01-18 20:04 - 2009-07-14 04:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-01-18 20:04 - 2009-07-14 04:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-01-18 20:04 - 2009-07-14 04:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-01-18 20:03 - 2014-12-24 09:18 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Razer 2015-01-18 20:03 - 2014-12-18 22:26 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\SavedGames 2015-01-18 20:03 - 2014-12-18 19:17 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\SpaceEngineers 2015-01-18 20:03 - 2014-12-18 01:40 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Cubic 2015-01-18 20:03 - 2014-12-11 20:07 - 00000000 ____D () C:\Users\Timo Doblinski\Desktop\YouTube AresLPS 2015-01-18 20:03 - 2014-12-02 16:25 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\TeeBoard 2015-01-18 20:03 - 2014-12-02 16:25 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\be.gip.twitch.TeeBoard 2015-01-18 20:03 - 2014-11-29 12:58 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\dekovir 2015-01-18 20:03 - 2014-11-17 22:01 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\Streamtip 2015-01-18 20:03 - 2014-11-17 22:01 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\streamtip-alerter 2015-01-18 20:03 - 2014-11-14 21:44 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\telltale games 2015-01-18 20:03 - 2014-11-13 15:47 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\TideSDK 2015-01-18 20:03 - 2014-11-11 23:35 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Tunngle 2015-01-18 20:03 - 2014-11-11 03:06 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software 2015-01-18 20:03 - 2014-11-07 00:00 - 00000000 ____D () C:\Users\Timo Doblinski\Zomboid 2015-01-18 20:03 - 2014-09-02 21:53 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\My Curse 2015-01-18 20:03 - 2014-09-02 21:53 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Curse Advertising 2015-01-18 20:03 - 2014-08-16 21:17 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\Electronic Arts 2015-01-18 20:03 - 2014-08-14 20:57 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Oracle 2015-01-18 20:03 - 2014-07-25 18:14 - 00000000 ____D () C:\Users\Timo Doblinski\Desktop\GAMES 2015-01-18 20:03 - 2014-07-17 17:15 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Apple Computer 2015-01-18 20:03 - 2014-07-10 21:45 - 00000000 ____D () C:\Users\Timo Doblinski\AVM_Driver 2015-01-18 20:03 - 2014-07-06 20:50 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\PVZ Garden Warfare 2015-01-18 20:03 - 2014-06-27 20:14 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\Dungeon of the Endless 2015-01-18 20:03 - 2014-06-26 14:17 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\WizardWars 2015-01-18 20:03 - 2014-06-23 17:09 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\PDAppFlex 2015-01-18 20:03 - 2014-06-23 16:49 - 00000000 ___RD () C:\Users\Timo Doblinski\Creative Cloud Files 2015-01-18 20:03 - 2014-06-23 16:44 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Windows Live 2015-01-18 20:03 - 2014-06-19 00:54 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Avira 2015-01-18 20:03 - 2014-05-19 22:45 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Skype 2015-01-18 20:03 - 2014-05-12 17:33 - 00000000 ____D () C:\Users\Timo Doblinski\Desktop\Minecraft 2015-01-18 20:03 - 2014-05-11 22:23 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\SCE 2015-01-18 20:03 - 2014-05-10 12:43 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\CyberLink 2015-01-18 20:03 - 2014-05-06 22:31 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\7 Days To Die 2015-01-18 20:03 - 2014-05-06 21:49 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\Adobe 2015-01-18 20:03 - 2014-04-30 20:29 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\Klei 2015-01-18 20:03 - 2014-04-28 23:18 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Skyrim 2015-01-18 20:03 - 2014-04-28 00:41 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Running with rifles 2015-01-18 20:03 - 2014-04-25 20:55 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Audacity 2015-01-18 20:03 - 2014-04-24 14:52 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2015-01-18 20:03 - 2014-04-24 14:52 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Ubisoft Game Launcher 2015-01-18 20:03 - 2014-04-24 14:51 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\Assassin's Creed IV Black Flag 2015-01-18 20:03 - 2014-04-24 14:08 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\No Company Name 2015-01-18 20:03 - 2014-04-23 16:43 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\TechSmith 2015-01-18 20:03 - 2014-04-23 15:37 - 00000000 ____D () C:\Users\Timo Doblinski\Desktop\AresLPS 2015-01-18 20:03 - 2014-04-23 14:48 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\Camtasia Studio 2015-01-18 20:03 - 2014-04-23 14:48 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\TechSmith 2015-01-18 20:03 - 2014-04-19 10:07 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\LolClient 2015-01-18 20:03 - 2014-04-19 09:41 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Riot Games 2015-01-18 20:03 - 2014-04-18 14:18 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\PunkBuster 2015-01-18 20:03 - 2014-04-17 22:19 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Wargaming.net 2015-01-18 20:03 - 2014-04-17 14:36 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\DayZ 2015-01-18 20:03 - 2014-04-17 10:41 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Power2Go 2015-01-18 20:03 - 2014-04-17 08:50 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\Battlefield 4 2015-01-18 20:03 - 2014-04-16 22:32 - 00000000 ____D () C:\Users\Timo Doblinski\Documents\Diablo III 2015-01-18 20:03 - 2014-04-16 22:14 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Origin 2015-01-18 20:03 - 2014-04-16 22:14 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Origin 2015-01-18 20:03 - 2014-04-16 21:22 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\CyberLink 2015-01-18 20:03 - 2014-04-16 21:19 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Battle.net 2015-01-18 20:03 - 2014-04-16 20:19 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2015-01-18 20:03 - 2014-04-16 20:19 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\TeamSpeak 3 Client 2015-01-18 20:03 - 2014-04-16 20:12 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Macromedia 2015-01-18 20:03 - 2014-04-16 20:12 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Adobe 2015-01-18 20:03 - 2014-04-16 20:00 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\Mozilla 2015-01-18 20:03 - 2014-04-16 20:00 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Mozilla 2015-01-18 20:02 - 2014-09-02 21:53 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Apps\2.0 2015-01-18 20:02 - 2014-08-08 02:59 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\LogMeIn 2015-01-18 20:02 - 2014-07-30 11:14 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Blizzard 2015-01-18 20:02 - 2014-07-17 17:15 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Apple Computer 2015-01-18 20:02 - 2014-07-17 17:15 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Apple 2015-01-18 20:02 - 2014-06-23 18:43 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Akamai 2015-01-18 20:02 - 2014-04-30 15:57 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Introversion 2015-01-18 20:02 - 2014-04-17 08:50 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\ESN 2015-01-18 20:02 - 2014-04-16 22:29 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Microsoft Games 2015-01-18 20:02 - 2014-04-16 21:35 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Creative 2015-01-18 20:02 - 2014-04-16 21:34 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Intel_Corporation 2015-01-18 20:02 - 2014-04-16 21:22 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\CyberLink 2015-01-18 20:02 - 2014-04-16 21:19 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Blizzard Entertainment 2015-01-18 20:02 - 2014-04-16 21:19 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Battle.net 2015-01-18 20:02 - 2014-04-16 20:18 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\Macromedia 2015-01-18 20:00 - 2014-12-24 09:18 - 00000000 ____D () C:\ProgramData\Razer 2015-01-18 20:00 - 2014-12-24 09:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer 2015-01-18 20:00 - 2014-12-24 09:18 - 00000000 ____D () C:\Program Files (x86)\Razer 2015-01-18 20:00 - 2014-12-18 22:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories 2015-01-18 20:00 - 2014-12-12 22:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA 2015-01-18 20:00 - 2014-12-11 08:54 - 00000000 ____D () C:\Windows\system32\appraiser 2015-01-18 20:00 - 2014-12-09 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-01-18 20:00 - 2014-11-04 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-01-18 20:00 - 2014-11-03 03:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET 2015-01-18 20:00 - 2014-10-31 12:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive 2015-01-18 20:00 - 2014-10-31 12:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-01-18 20:00 - 2014-10-29 23:03 - 00000000 ____D () C:\Windows\Sun 2015-01-18 20:00 - 2014-10-29 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-01-18 20:00 - 2014-10-29 23:02 - 00000000 ____D () C:\Program Files (x86)\Java 2015-01-18 20:00 - 2014-10-17 20:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps 2015-01-18 20:00 - 2014-09-04 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4 2015-01-18 20:00 - 2014-08-08 02:59 - 00000000 ____D () C:\ProgramData\LogMeIn 2015-01-18 20:00 - 2014-08-07 00:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft 2015-01-18 20:00 - 2014-07-30 11:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone 2015-01-18 20:00 - 2014-07-17 17:15 - 00000000 ____D () C:\ProgramData\Apple Computer 2015-01-18 20:00 - 2014-07-16 17:57 - 00000000 ____D () C:\ProgramData\Riot Games 2015-01-18 20:00 - 2014-07-10 21:45 - 00000000 ____D () C:\Windows\AVM_Driver 2015-01-18 20:00 - 2014-07-10 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN 2015-01-18 20:00 - 2014-07-06 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PVZ Garden Warfare 2015-01-18 20:00 - 2014-06-24 18:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2015-01-18 20:00 - 2014-06-24 18:40 - 00000000 ____D () C:\Program Files (x86)\MSECache 2015-01-18 20:00 - 2014-06-23 16:45 - 00000000 ____D () C:\Windows\de 2015-01-18 20:00 - 2014-06-23 16:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2015-01-18 20:00 - 2014-06-23 16:44 - 00000000 ____D () C:\Program Files (x86)\Windows Live 2015-01-18 20:00 - 2014-06-19 00:52 - 00000000 ____D () C:\ProgramData\Avira 2015-01-18 20:00 - 2014-06-18 00:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios 2015-01-18 20:00 - 2014-06-18 00:57 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios 2015-01-18 20:00 - 2014-05-29 02:18 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab 2015-01-18 20:00 - 2014-05-29 02:18 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab 2015-01-18 20:00 - 2014-05-19 22:45 - 00000000 ___RD () C:\Program Files (x86)\Skype 2015-01-18 20:00 - 2014-05-19 22:45 - 00000000 ____D () C:\ProgramData\Skype 2015-01-18 20:00 - 2014-05-06 23:04 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-01-18 20:00 - 2014-04-28 00:41 - 00000000 ____D () C:\Program Files (x86)\OpenAL 2015-01-18 20:00 - 2014-04-24 14:52 - 00000000 ____D () C:\Program Files (x86)\Ubisoft 2015-01-18 20:00 - 2014-04-23 19:43 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe 2015-01-18 20:00 - 2014-04-23 19:42 - 00000000 ____D () C:\ProgramData\Adobe 2015-01-18 20:00 - 2014-04-23 14:48 - 00000000 ____D () C:\ProgramData\TechSmith 2015-01-18 20:00 - 2014-04-23 14:48 - 00000000 ____D () C:\ProgramData\regid.1995-08.com.techsmith 2015-01-18 20:00 - 2014-04-23 14:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith 2015-01-18 20:00 - 2014-04-23 14:48 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2015-01-18 20:00 - 2014-04-19 09:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2015-01-18 20:00 - 2014-04-19 09:42 - 00000000 ____D () C:\Program Files (x86)\Pando Networks 2015-01-18 20:00 - 2014-04-17 21:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks 2015-01-18 20:00 - 2014-04-17 10:48 - 00000000 ____D () C:\ProgramData\Nero 2015-01-18 20:00 - 2014-04-17 10:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2015-01-18 20:00 - 2014-04-17 10:48 - 00000000 ____D () C:\Program Files (x86)\Nero 2015-01-18 20:00 - 2014-04-17 08:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4 2015-01-18 20:00 - 2014-04-17 00:58 - 00000000 ____D () C:\ProgramData\Sun 2015-01-18 20:00 - 2014-04-16 22:15 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2015-01-18 20:00 - 2014-04-16 22:05 - 00000000 ____D () C:\ProgramData\Origin 2015-01-18 20:00 - 2014-04-16 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2015-01-18 20:00 - 2014-04-16 22:05 - 00000000 ____D () C:\ProgramData\Electronic Arts 2015-01-18 20:00 - 2014-04-16 22:05 - 00000000 ____D () C:\Program Files (x86)\Origin 2015-01-18 20:00 - 2014-04-16 21:44 - 00000000 ____D () C:\Users\Public\CyberLink 2015-01-18 20:00 - 2014-04-16 21:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Tool Kit 2015-01-18 20:00 - 2014-04-16 21:28 - 00000000 ____D () C:\Program Files (x86)\lg_fwupdate 2015-01-18 20:00 - 2014-04-16 21:22 - 00000000 ____D () C:\ProgramData\install_clap 2015-01-18 20:00 - 2014-04-16 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III 2015-01-18 20:00 - 2014-04-16 21:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite 2015-01-18 20:00 - 2014-04-16 21:20 - 00000000 ____D () C:\ProgramData\CLSK 2015-01-18 20:00 - 2014-04-16 21:20 - 00000000 ____D () C:\Program Files (x86)\CyberLink 2015-01-18 20:00 - 2014-04-16 21:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2015-01-18 20:00 - 2014-04-16 21:19 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment 2015-01-18 20:00 - 2014-04-16 21:18 - 00000000 ____D () C:\ProgramData\CyberLink 2015-01-18 20:00 - 2014-04-16 21:18 - 00000000 ____D () C:\ProgramData\Battle.net 2015-01-18 20:00 - 2014-04-16 21:17 - 00000000 ____D () C:\ProgramData\Temp 2015-01-18 20:00 - 2014-04-16 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2015-01-18 20:00 - 2014-04-16 20:01 - 00000000 ____D () C:\Windows\SysWOW64\Macromed 2015-01-18 20:00 - 2014-04-16 20:01 - 00000000 ____D () C:\Windows\system32\Macromed 2015-01-18 20:00 - 2014-04-16 20:00 - 00000000 ____D () C:\ProgramData\Mozilla 2015-01-18 20:00 - 2014-04-16 19:55 - 00000000 ____D () C:\ProgramData\Norton 2015-01-18 20:00 - 2014-04-16 19:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2015-01-18 20:00 - 2014-04-16 19:53 - 00000000 ____D () C:\ProgramData\Intel 2015-01-18 20:00 - 2014-04-16 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-01-18 20:00 - 2014-04-16 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative 2015-01-18 20:00 - 2014-04-16 19:52 - 00000000 ____D () C:\ProgramData\Creative 2015-01-18 20:00 - 2014-04-16 19:52 - 00000000 ____D () C:\Program Files (x86)\Google 2015-01-18 20:00 - 2014-04-16 19:37 - 00000000 ____D () C:\Program Files (x86)\Realtek 2015-01-18 20:00 - 2014-04-16 19:36 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-01-18 20:00 - 2014-04-16 19:36 - 00000000 ____D () C:\ProgramData\Downloaded Installations 2015-01-18 20:00 - 2014-04-16 19:35 - 00000000 ____D () C:\Program Files (x86)\MSI 2015-01-18 20:00 - 2014-04-16 19:35 - 00000000 ____D () C:\Program Files (x86)\Intel 2015-01-18 20:00 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-01-18 20:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK 2015-01-18 20:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR 2015-01-18 20:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK 2015-01-18 20:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR 2015-01-18 20:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-01-18 20:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Cursors 2015-01-18 20:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat 2015-01-18 19:59 - 2014-12-18 22:54 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories 2015-01-18 19:59 - 2014-12-02 16:25 - 00000000 ____D () C:\Program Files (x86)\Air 2015-01-18 19:59 - 2014-11-11 03:06 - 00000000 ____D () C:\Program Files\OBS 2015-01-18 19:59 - 2014-11-04 12:38 - 00000000 ____D () C:\Program Files\CCleaner 2015-01-18 19:59 - 2014-10-31 12:26 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2015-01-18 19:59 - 2014-07-10 21:45 - 00000000 ____D () C:\Program Files (x86)\avmwlanstick 2015-01-18 19:59 - 2014-06-23 17:00 - 00000000 ____D () C:\Program Files\Adobe 2015-01-18 19:59 - 2014-06-23 16:48 - 00000000 ____D () C:\Program Files (x86)\Adobe 2015-01-18 19:59 - 2014-04-23 19:45 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2015-01-18 19:59 - 2014-04-17 08:25 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins 2015-01-18 19:59 - 2014-04-16 21:19 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2015-01-18 19:59 - 2014-04-16 19:53 - 00000000 ____D () C:\Program Files\Intel 2015-01-18 19:59 - 2014-04-16 19:51 - 00000000 ____D () C:\Program Files (x86)\Creative 2015-01-18 19:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2015-01-18 19:58 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-01-18 19:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sysprep 2015-01-18 19:55 - 2009-07-14 06:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG 2015-01-18 19:55 - 2009-07-14 06:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template 2015-01-18 19:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\oobe 2015-01-18 19:28 - 2014-06-23 18:48 - 00002544 _____ () C:\Windows\diagwrn.xml 2015-01-18 19:28 - 2014-06-23 18:48 - 00001890 _____ () C:\Windows\diagerr.xml 2015-01-08 09:55 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-01-06 14:36 - 2014-12-23 03:29 - 03533800 _____ (DVDVideoSoft Ltd. ) C:\Users\Timo ==================== Files in the root of some directories ======= 2014-11-16 18:31 - 2015-01-26 17:00 - 0000132 _____ () C:\Users\Timo Doblinski\AppData\Roaming\Adobe CS5-Voreinstellungen für PNG-Format 2014-12-18 22:26 - 2015-01-12 22:23 - 0001474 _____ () C:\Users\Timo Doblinski\AppData\Roaming\SpeedRunnersLog.txt Some content of TEMP: ==================== C:\Users\Timo Doblinski\AppData\Local\Temp\avgnt.exe C:\Users\Timo Doblinski\AppData\Local\Temp\Quarantine.exe C:\Users\Timo Doblinski\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-24 13:42 ==================== End Of Log ============================ |
![]() | #11 |
![]() | ![]() Addition neu FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-01-2015 Ran by Timo Doblinski at 2015-01-29 14:39:42 Running from C:\Users\Timo Doblinski\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7 Days to Die (HKLM-x32\...\Steam App 251570) (Version: - The Fun Pimps) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: - Adobe Systems Incorporated) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: - Adobe Systems Incorporated) Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.1 - Adobe Systems Incorporated) Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: - Adobe Systems Incorporated) Akamai NetSession Interface (HKU\S-1-5-21-2490962840-1107168080-2429785914-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: - Apple Inc.) Assassin's Creed IV Black Flag (HKLM-x32\...\Steam App 242050) (Version: - Ubisoft Montreal) Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Avira (HKLM-x32\...\{2c18809c-4097-4b51-a4d0-3deade730ef3}) (Version: - Avira Operations & Co. KG) Avira (x32 Version: - Avira Operations & Co. KG) Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: - Avira) AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: - Electronic Arts) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: - Apple Inc.) Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) Broforce (HKLM-x32\...\Steam App 274190) (Version: - Free Lives) Camtasia Studio 8 (HKLM-x32\...\{F5C9BE9A-04C3-4A72-8CD0-BB67C722D608}) (Version: - TechSmith Corporation) CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform) Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com) Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment) Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) Craft The World (HKLM-x32\...\Steam App 248390) (Version: - Dekovir Entertainment) CyberLink BD_3D Advisor 2.0 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version: 2.0.6410 - CyberLink Corp.) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Deadlight (HKLM-x32\...\Steam App 211400) (Version: - Tequila Works, S.L.) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: - Electronic Arts Inc.) Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment) Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version: - Klei Entertainment) Dungeon of the Endless (HKLM-x32\...\Steam App 249050) (Version: - AMPLITUDE Studios) Elements 12 Organizer (x32 Version: 12.0 - Ihr Firmenname) Hidden EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) Fallen Enchantress: Legendary Heroes (HKLM-x32\...\Steam App 228260) (Version: - Stardock Entertainment) Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Fraps (HKLM-x32\...\Fraps) (Version: - ) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.) Google Update Helper (x32 Version: - Google Inc.) Hidden Hammerwatch (HKLM-x32\...\Steam App 239070) (Version: - Crackshell) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version: - Reto-Moto) How to Survive (HKLM-x32\...\Steam App 250400) (Version: - ) Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: - Intel Corporation) Intel(R) Smart Connect Technology (HKLM\...\{B1AC3709-3E98-4F2C-A84E-4BCA2A452E64}) (Version: - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: - Intel Corporation) Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) LG ODD Auto Firmware Update (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - ) Magicka: Wizard Wars (HKLM-x32\...\Steam App 202090) (Version: - Paradox North) Malwarebytes Anti-Malware Version (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: - Malwarebytes Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{26784146-6E05-3FF9-9335-786C7C0FB5BE}) (Version: - ) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation) Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2490962840-1107168080-2429785914-1000\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: - Microsoft) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Might & Magic: Clash of Heroes (HKLM-x32\...\Steam App 61700) (Version: - Capybara Games) Monaco (HKLM-x32\...\Steam App 113020) (Version: - Pocketwatch Games) Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Mozilla Firefox 33.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla) Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0 - Mozilla) My Game Long Name (HKLM\...\UDK-f659d4c9-5b61-4b79-a5b0-ba0aa43682aa) (Version: - Epic Games, Inc.) Nero 12 Kwik Burn Express Essentials (HKLM-x32\...\{0D343606-1662-45F7-BB3B-F7FC068BA0C5}) (Version: 12.1.00200 - Nero AG) Nether (HKLM-x32\...\Steam App 247730) (Version: - Phosphor Games) Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 150120.100528 - Square Enix Ltd) NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.25 - NVIDIA Corporation) NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation) NVIDIA Grafiktreiber 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation) NVIDIA HD-Audiotreiber (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: - Electronic Arts, Inc.) PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Sony Online Entertainment) PLDS OEM Content (x32 Version: 12.0.0004 - Nero AG) Hidden Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software) Project Zomboid (HKLM-x32\...\Steam App 108600) (Version: - The Indie Stone) PSE12 STI Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: - Electronic Arts) Qualcomm Atheros Bandwidth Control Filter Driver (Version: - Qualcomm Atheros) Hidden Qualcomm Atheros Killer E220x Drivers (Version: - Qualcomm Atheros) Hidden Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{DD21E907-9A2A-44B8-A12E-13691E166664}) (Version: - Qualcomm Atheros) Qualcomm Atheros Network Manager (Version: - Qualcomm Atheros) Hidden Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.) RollerCoaster Tycoon: Deluxe (HKLM-x32\...\Steam App 285310) (Version: - Chris Sawyer Productions) RUNNING WITH RIFLES (HKLM-x32\...\Steam App 270150) (Version: - Modulaatio Games) SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.) Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.05 - Creative Technology Limited) Space Engineers (HKLM-x32\...\Steam App 244850) (Version: - Keen Software House) SpeedRunners (HKLM-x32\...\Steam App 207140) (Version: - DoubleDutch Games) Spotify (HKU\S-1-5-21-2490962840-1107168080-2429785914-1000\...\Spotify) (Version: - Spotify AB) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Stranded Deep (HKLM-x32\...\Steam App 313120) (Version: - Beam Team Games) Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.022 - MSI) System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: - Husdawg, LLC) TeamSpeak 3 Client (HKU\S-1-5-21-2490962840-1107168080-2429785914-1000\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH) Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Forest (HKLM-x32\...\Steam App 242760) (Version: - Endnight Games Ltd) The Stomping Land (HKLM-x32\...\Steam App 263440) (Version: - SuperCrit) The Walking Dead (HKLM-x32\...\Steam App 207610) (Version: - ) Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft) VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: - MSI) Watch_Dogs (HKLM-x32\...\Steam App 243470) (Version: - Ubisoft) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2490962840-1107168080-2429785914-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Timo Doblinski\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2490962840-1107168080-2429785914-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Timo Doblinski\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2490962840-1107168080-2429785914-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Timo Doblinski\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2490962840-1107168080-2429785914-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Timo Doblinski\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2490962840-1107168080-2429785914-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Timo Doblinski\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 29-01-2015 04:35:55 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {031CDABF-99D3-4C89-B37F-501AB415F277} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe Task: {07B63D0E-DD7C-4AFA-88DA-707D56DFD5C7} - System32\Tasks\{ED4CB75C-5E8A-46B5-A78C-15EE4C395B03} => pcalua.exe -a E:\Setupx.exe -d E:\ Task: {0CBB5A53-2B63-40C6-B06D-0E5BF49CF10C} - System32\Tasks\{BC124D6D-AF19-4CFF-965A-55009F869EAD} => pcalua.exe -a D:\installer\installer.exe -d D:\installer Task: {101EE8AA-5B6A-4422-94EF-011582393118} - \SidebarExecute No Task File <==== ATTENTION Task: {226F050F-8AB8-45EC-B6DB-FACF73771798} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe Task: {36728D81-CD27-482F-895D-5C85C0BAF5D3} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {397059E4-6D46-42FD-A525-47292086EC2B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd) Task: {65BA4747-3A74-452A-8CC6-0F35C5935505} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-16] (Google Inc.) Task: {7C1820CC-E1DE-4714-948F-36D8A874D42F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-16] (Google Inc.) Task: {A7F7CF14-89AC-463A-B306-FBE442420FB4} - System32\Tasks\AdobeAAMUpdater-1.0-Ares-Timo Doblinski => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated) Task: {DEA0D74B-86BC-438B-94E0-03735D67ED69} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Task: {ED0126DD-14EA-4D11-AD6F-CA32CF73C69A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-25] (Adobe Systems Incorporated) Task: {F7F1FF49-684C-4524-88E9-9168BE6A1CB0} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2015-01-25 22:13 - 2015-01-10 00:29 - 00117392 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-08-01 16:31 - 2013-08-01 16:31 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 2013-08-01 16:31 - 2013-08-01 16:31 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll 2013-08-01 16:31 - 2013-08-01 16:31 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll 2014-12-09 23:22 - 2014-12-09 23:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2013-08-08 14:35 - 2013-08-08 14:35 - 00283648 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe 2014-09-26 14:41 - 2014-09-26 14:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-04-16 19:51 - 2012-10-31 14:00 - 00991232 _____ () C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\de-DE\SBCinema.resources.dll 2011-03-09 13:21 - 2011-03-09 13:21 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2011-03-09 13:21 - 2011-03-09 13:21 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2015-01-25 22:25 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2015-01-25 22:25 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2015-01-25 22:25 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2015-01-25 22:25 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2015-01-25 22:25 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2014-04-16 19:53 - 2013-09-16 20:20 - 01242584 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-01-27 04:05 - 2015-01-27 04:05 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\Services: ClickToRunSvc => 2 ========================= Accounts: ========================== Administrator (S-1-5-21-2490962840-1107168080-2429785914-500 - Administrator - Disabled) Gast (S-1-5-21-2490962840-1107168080-2429785914-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2490962840-1107168080-2429785914-1003 - Limited - Enabled) Timo Doblinski (S-1-5-21-2490962840-1107168080-2429785914-1000 - Administrator - Enabled) => C:\Users\Timo Doblinski ==================== Faulty Device Manager Devices ============= Name: Qualcomm Atheros Bandwidth Control Description: Qualcomm Atheros Bandwidth Control Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: BfLwf Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2015-01-08 12:59:11.863 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Users\TIMODO~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-01-08 12:59:11.850 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Users\TIMODO~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-01-08 12:59:11.818 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-01-08 12:59:11.805 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-01-08 00:06:01.712 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Users\TIMODO~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-01-08 00:06:01.699 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Users\TIMODO~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-01-08 00:06:01.666 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-01-08 00:06:01.652 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz Percentage of memory in use: 17% Total physical RAM: 16327.94 MB Available physical RAM: 13414.08 MB Total Pagefile: 32654.07 MB Available Pagefile: 29396.56 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:119.02 GB) (Free:20.2 GB) NTFS Drive d: (Volume) (Fixed) (Total:1863.01 GB) (Free:1551.87 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2601E721) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ==================== End Of Log ============================ Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 29.01.2015 Suchlauf-Zeit: 13:51:29 Logdatei: mbam.txt Administrator: Ja Version: Malware Datenbank: v2015.01.29.06 Rootkit Datenbank: v2015.01.14.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Timo Doblinski Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 338535 Verstrichene Zeit: 4 Min, 53 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente erkannt) Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 2 PUP.Optional.WindowsProtectManger.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsProtectManger, In Quarantäne, [54d6eb12becb42f422ec119054af7987], PUP.Optional.FastStart.A, HKU\S-1-5-21-2490962840-1107168080-2429785914-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS, Löschen bei Neustart, [c763788533569c9ac81a4052e81bbb45], Registrierungswerte: 2 PUP.Optional.FastStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|faststartff@gmail.com, C:\Users\Timo Doblinski\AppData\Roaming\Mozilla\Firefox\Profiles\06kd259v.default\extensions\faststartff@gmail.com, In Quarantäne, [69c113ea88011125f7f7b1489e66d729] PUP.Optional.FastStart.A, HKU\S-1-5-21-2490962840-1107168080-2429785914-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, Löschen bei Neustart, [c763788533569c9ac81a4052e81bbb45] Registrierungsdaten: 3 PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[d2581ae33158e551f7edeabfbc4938c8] PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[1c0ecd3071188fa715cf4b5eef1647b9] PUP.Optional.SweetPage.A, HKU\S-1-5-21-2490962840-1107168080-2429785914-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.sweet-page.com/?type=hp&ts=1403632136&from=wld&uid=ST2000DM001-1CH164_Z1E6X6L8XXXXZ1E6X6L8, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1403632136&from=wld&uid=ST2000DM001-1CH164_Z1E6X6L8XXXXZ1E6X6L8),Löschen bei Neustart,[35f5b94460298aace26209a13acbca36] Ordner: 3 PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger, In Quarantäne, [e644ad50494081b57e68baa06d96fb05], PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\log, In Quarantäne, [e644ad50494081b57e68baa06d96fb05], PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\update, In Quarantäne, [e644ad50494081b57e68baa06d96fb05], Dateien: 2 PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\log\wprotectmanager_2014-06-24[19-49-08-512].log, In Quarantäne, [e644ad50494081b57e68baa06d96fb05], PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\update\conf, In Quarantäne, [e644ad50494081b57e68baa06d96fb05], Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v4.109 - Bericht erstellt am 29/01/2015 um 14:24:31 # Aktualisiert 24/01/2015 von Xplode # Database : 2015-01-26.1 [Live] # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzername : Timo Doblinski - ARES # Gestartet von : C:\Users\Timo Doblinski\Downloads\AdwCleaner_4.109.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\Users\Timo Doblinski\AppData\Local\eSupport.com ***** [ Tasks ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946} Schlüssel Gelöscht : HKCU\Software\eSupport.com Schlüssel Gelöscht : HKCU\Software\OCS Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~2.DLL Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>;*.local ***** [ Browser ] ***** -\\ Internet Explorer v8.0.7601.18667 -\\ Mozilla Firefox v35.0.1 (x86 de) [10zfidt7.default-1418130938130\prefs.js] - Zeile gelöscht : user_pref("browser.newtab.url", "chrome://unitedtb/content/newtab/newtab-page.xhtml"); -\\ Google Chrome v40.0.2214.93 ************************* AdwCleaner[R0].txt - [1570 octets] - [29/01/2015 14:20:05] AdwCleaner[S0].txt - [1395 octets] - [29/01/2015 14:24:31] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1455 octets] ########## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.4.1 (12.28.2014:1) OS: Windows 7 Home Premium x64 Ran by Timo Doblinski on 29.01.2015 at 14:34:08,79 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin" ~~~ FireFox Successfully deleted: [Folder] C:\Users\Timo Doblinski\AppData\Roaming\mozilla\firefox\profiles\10zfidt7.default-1418130938130\extensions\toolbar@web.de Emptied folder: C:\Users\Timo Doblinski\AppData\Roaming\mozilla\firefox\profiles\10zfidt7.default-1418130938130\minidumps [13 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 29.01.2015 at 14:35:42,99 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Ich möchte Dir schon einmal im Voraus danken! ![]() Es ist mal sehr interessant zu sehn, was man alles machen muss um so etwas zu bereinigen und es ist auch sehr interessant zu sehen wie umfangreich das alles hier ist. Ich danke dir für deine große Anteilnahme & Hilfe! LG Ares ![]() PS: Bin froh, wenn diese Bugs endlich weg sind! ![]() |
![]() | #12 |
/// the machine /// TB-Ausbilder ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() | ![]() FreeYoutube Converter Virus? nur noch Kontrollscans ![]() ESET Online Scanner
Downloade Dir bitte ![]()
und ein frisches FRST log bitte. Noch Probleme? ![]()
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
![]() | #13 |
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=
# OnlineScanner.ocx=
# api_version=3.0.2
# EOSSerial=dcd1e9db9378db4fb0b91a2f0044fecb
# engine=22209
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-01-29 06:43:16
# local_time=2015-01-29 07:43:16 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 24801 22929994 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 21902 174186846 0 0
# scanned=407133
# found=0
# cleaned=0
# scan_time=2949

Results of screen317's Security Check version 0.99.95
Windows 7 Service Pack 1 x64 (UAC is disabled!)
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Java 7 Update 71
Java 64-bit 8 Update 31
Adobe Flash Player
Mozilla Firefox (35.0.1)
Google Chrome (40.0.2214.91)
Google Chrome (40.0.2214.93)
````````Process Check: objlist.exe by Laurent````````
Spybot Teatimer.exe is disabled!
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

FRST Logfile:
FRST Logfile:
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015 Ran by Timo Doblinski (administrator) on ARES on 29-01-2015 19:49:15 Running from C:\Users\Timo Doblinski\Downloads Loaded Profiles: Timo Doblinski (Available profiles: Timo Doblinski) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) D:\Avira\AntiVir Desktop\sched.exe (Adobe Systems Incorporated) D:\Photoshop Elements\Elements 12 Organizer\PhotoshopElementsFileAgent.exe (Avira Operations GmbH & Co. KG) D:\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Hi-Rez Studios) D:\HiPatchService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe (MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (Razer Inc.) D:\Razer Cortex\RzKLService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Avira Operations GmbH & Co. KG) D:\Avira\AntiVir Desktop\avshadow.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Akamai Technologies, Inc.) C:\Users\Timo Doblinski\AppData\Local\Akamai\netsession_win.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe (Akamai Technologies, Inc.) C:\Users\Timo Doblinski\AppData\Local\Akamai\netsession_win.exe (Avira Operations GmbH & Co. KG) D:\Avira\AntiVir Desktop\avgnt.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (TeamSpeak Systems GmbH) C:\Users\Timo Doblinski\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202008 2013-10-17] (Realtek Semiconductor) HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64 HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [avgnt] => D:\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-09] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [1047536 2013-11-12] (MSI) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation) HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.) HKLM-x32\...\Run: [RazerCortex] => D:\Razer Cortex\RazerCortex.exe [60640 2014-12-06] (Razer Inc.) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink) HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-09-02] (cyberlink) HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-01] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2014-12-31] (Avira Operations GmbH & Co. KG) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-2490962840-1107168080-2429785914-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd) HKU\S-1-5-21-2490962840-1107168080-2429785914-1000\...\Run: [CAHeadless] => D:\Photoshop Elements\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [1401040 2014-04-24] (Adobe Systems Incorporated) HKU\S-1-5-21-2490962840-1107168080-2429785914-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Timo Doblinski\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{4E08CC97-912D-458B-8705-9A14C325532F}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll () BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKU\S-1-5-21-2490962840-1107168080-2429785914-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKU\S-1-5-21-2490962840-1107168080-2429785914-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKU\S-1-5-21-2490962840-1107168080-2429785914-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] FireFox: ======== FF ProfilePath: C:\Users\Timo Doblinski\AppData\Roaming\Mozilla\Firefox\Profiles\10zfidt7.default-1418130938130 FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml FF Homepage: google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll () FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB) FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll () FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll No File FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF Extension: Adblock Plus - C:\Users\Timo Doblinski\AppData\Roaming\Mozilla\Firefox\Profiles\10zfidt7.default-1418130938130\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-10] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeActiveFileMonitor12.0; D:\Photoshop Elements\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-03] (Adobe Systems Incorporated) R2 AntiVirSchedulerService; D:\Avira\AntiVir Desktop\sched.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG) R2 AntiVirService; D:\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG) R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [178424 2014-12-31] (Avira Operations GmbH & Co. KG) R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed] S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-12-03] () S4 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation) S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-02] (CyberLink) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation) U2 HiPatchService; D:\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [File not signed] S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114688 2014-11-22] (Microsoft Corporation) [File not signed] R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-09-09] (MSI) R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-12-06] (Electronic Arts) R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [File not signed] R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] () R2 RzKLService; D:\Razer Cortex\RzKLService.exe [105448 2014-12-06] (Razer Inc.) S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG) S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-04] (AVM Berlin) S1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc.) R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21408 2013-08-01] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21920 2013-08-01] () R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] () R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-08-01] () R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-29] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation) R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-29 19:49 - 2015-01-29 19:49 - 00021618 _____ () C:\Users\Timo Doblinski\Downloads\FRST.txt 2015-01-29 19:46 - 2015-01-29 19:46 - 00852573 _____ () C:\Users\Timo Doblinski\Downloads\SecurityCheck.exe 2015-01-29 18:51 - 2015-01-29 18:51 - 02347384 _____ (ESET) C:\Users\Timo Doblinski\Downloads\esetsmartinstaller_deu.exe 2015-01-29 18:51 - 2015-01-29 18:51 - 00000000 ____D () C:\Program Files (x86)\ESET 2015-01-29 17:03 - 2015-01-29 17:18 - 00000000 ____D () C:\Users\Timo Doblinski\Desktop\Wichtiges 2015-01-29 14:39 - 2015-01-29 14:39 - 02130432 _____ (Farbar) C:\Users\Timo Doblinski\Downloads\FRST64.exe 2015-01-29 14:34 - 2015-01-29 14:34 - 00000000 ____D () C:\Windows\ERUNT 2015-01-29 14:33 - 2015-01-29 14:33 - 01707939 _____ (Thisisu) C:\Users\Timo Doblinski\Downloads\JRT.exe 2015-01-29 14:27 - 2015-01-29 17:20 - 00000000 ____D () C:\Users\Timo Doblinski\Desktop\AntiMailware Stuff 2015-01-29 14:19 - 2015-01-29 14:24 - 00000000 ____D () C:\AdwCleaner 2015-01-29 14:17 - 2015-01-29 14:17 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk 2015-01-29 14:17 - 2015-01-29 14:17 - 00000000 __SHD () C:\Windows\SysWOW64\%APPDATA% 2015-01-29 13:50 - 2015-01-29 14:15 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-01-29 13:50 - 2015-01-29 13:50 - 00000619 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-01-29 13:50 - 2015-01-29 13:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-01-29 13:50 - 2015-01-29 13:50 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-01-29 13:50 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-01-29 13:50 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-01-29 13:50 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-01-28 12:33 - 2015-01-29 19:49 - 00000000 ____D () C:\FRST 2015-01-27 12:55 - 2015-01-27 12:55 - 00000000 ____D () C:\Users\Timo Doblinski\Desktop\League of Legends Soundtracks 2015-01-27 12:50 - 2015-01-29 17:54 - 00579711 _____ () C:\Windows\setupact.log 2015-01-27 12:50 - 2015-01-29 14:25 - 00002420 _____ () C:\Windows\PFRO.log 2015-01-27 12:50 - 2015-01-27 12:50 - 00000000 _____ () C:\Windows\setuperr.log 2015-01-27 04:04 - 2015-01-27 04:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-01-27 03:00 - 2015-01-29 15:15 - 00051552 _____ () C:\Windows\IE10_main.log 2015-01-25 23:42 - 2009-06-10 22:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20150125-234201.backup 2015-01-25 22:43 - 2015-01-25 22:43 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Roaming\NVIDIA 2015-01-25 22:35 - 2009-06-10 22:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20150125-223513.backup 2015-01-25 22:25 - 2015-01-25 22:32 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2015-01-25 22:25 - 2015-01-25 22:27 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2015-01-25 22:25 - 2015-01-25 22:25 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2015-01-25 22:25 - 2015-01-25 22:25 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2015-01-25 22:25 - 2015-01-25 22:25 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2015-01-25 22:25 - 2015-01-25 22:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2015-01-25 22:25 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe 2015-01-25 22:14 - 2015-01-25 22:15 - 00000000 ____D () C:\Users\Timo Doblinski\AppData\Local\NVIDIA 2015-01-25 22:13 - 2015-01-29 16:23 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-01-25 22:13 - 2015-01-25 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-01-25 22:13 - 2015-01-25 22:13 - 00001351 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk 2015-01-25 22:13 - 2015-01-16 07:41 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2015-01-25 22:13 - 2015-01-16 07:41 - 01514528 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2015-01-25 22:13 - 2015-01-16 07:41 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2015-01-25 22:13 - 2015-01-16 07:41 - 01278920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2015-01-25 22:13 - 2015-01-10 09:07 - 00073872 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2015-01-25 22:13 - 2015-01-10 09:07 - 00060744 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2015-01-25 22:13 - 2015-01-10 00:30 - 06860432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-01-25 22:13 - 2015-01-10 00:30 - 03517256 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-01-25 22:13 - 2015-01-10 00:29 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-01-25 22:13 - 2015-01-10 00:29 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-01-25 22:13 - 2015-01-10 00:29 - 00385352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-01-25 22:13 - 2015-01-10 00:29 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-01-25 22:13 - 2015-01-09 23:27 - 00621200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2015-01-25 22:13 - 2015-01-09 20:47 - 04173527 _____ () C:\Windows\system32\nvcoproc.bin 2015-01-25 22:12 - 2015-01-13 05:15 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2015-01-25 22:12 - 2015-01-13 05:15 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2015-01-25 22:12 - 2015-01-13 05:15 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 32102544 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 25459856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 24765584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 20465296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 18566296 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 17250776 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 16009120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 14115944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 13295552 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 13210248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 10774544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 10714488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 10274448 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-01-25 22:12 - 2015-01-10 09:07 - 03607184 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 03298816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 03245712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 02902456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434725.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 01556808 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434725.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00994712 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00969360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00942736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00929424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00906384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00877488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00496456 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00399688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00353040 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00345744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00305320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-01-25 22:12 - 2015-01-10 09:07 - 00027441 _____ () C:\Windows\system32\nvinfo.pb 2015-01-25 22:12 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2015-01-25 22:12 - 2014-11-22 11:46 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2015-01-25 22:12 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2015-01-25 21:58 - 2015-01-25 21:58 - 00003528 ____N () C:\bootsqm.dat 2015-01-25 21:15 - 2015-01-25 21:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-01-25 21:15 - 2015-01-25 21:15 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-01-25 21:15 - 2015-01-25 21:15 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-01-25 21:15 - 2015-01-25 21:15 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2015-01-25 21:15 - 2015-01-25 21:15 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2015-01-25 21:15 - 2015-01-25 21:15 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2015-01-25 20:59 - 2014-10-03 10:02 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-01-24 12:48 - 2015-01-24 12:53 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2015-01-24 12:47 - 2015-01-24 12:53 - 00000000 ____D () C:\Program Files\Common Files\Apple 2015-01-24 12:47 - 2015-01-24 12:47 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2015-01-24 12:47 - 2015-01-24 12:47 - 00000000 ____D () C:\Program Files\Bonjour 2015-01-24 12:47 - 2015-01-24 12:47 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2015-01-24 12:47 - 2015-01-24 12:47 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update 2015-01-24 12:08 - 2015-01-24 12:08 - 00003088 _____ () C:\Windows\System32\Tasks\{BC124D6D-AF19-4CFF-965A-55009F869EAD} 2015-01-24 11:56 - 2015-01-24 12:39 - 00000000 ____D () C:\Windows\pss 2015-01-20 12:30 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-01-20 12:30 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll 2015-01-20 12:30 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-01-20 12:30 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll 2015-01-20 12:30 - 2014-05-30 07:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2015-01-20 12:30 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2015-01-20 12:30 - 2014-03-04 10:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-01-20 12:30 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2015-01-20 12:30 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2015-01-20 12:30 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2015-01-20 12:30 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2015-01-20 12:30 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2015-01-20 12:30 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2015-01-20 12:30 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2015-01-20 12:30 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll 2015-01-20 12:30 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll 2015-01-20 12:30 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll 2015-01-20 12:30 - Themen zu FreeYoutube Converter Virus? |
antivir, ccleaner, converter, downloaden, erneut, festplatte, festplatten, folge, free, installation, mailware, mp3, platte, programm, spybot, spybot search and destroy, spyware, system, taskmanager, update, updaten, virus, virus?, windows, windows 7, youtube, öffnet |