Plagegeister aller Art und deren Bekämpfung: Keine richtige Server-verbindungWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.
Hallo, Ich brauche Hilfe bei einem kleinen Problem mit meinem PC. Nachdem ich meinen PC einem Freund ausgeliehen habe funktioniert die Internetverbindung nicht so wie gewohnt. Ich habe meinen Freund darauf hingewiesen nichts zu downloaden, dies versicherte er mir bei dem Verleih und bei der Rückgabe das er nichts downloaden wird bzw. nichts gedownloadet hat. Jedoch als ich versucht habe mich in GTA 5 einzuloggen konnte ich dies nicht obwohl nach der Website alle Server online waren. Das gleiche hatte ich auch bei Minecraft und Rust. Ich kann auch keine Windows-Updates mehr machen. Ich zweifle nicht an einem Virus den mir mein Freund wahrscheinlich gedownloadet hat. Nun benötige ich bitte Hilfe und währe sehr erfreut wenn ich meinen PC wieder in vollem Ausmaß nutzen könnte.
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2015 Ran by User (administrator) on USER-PC on 22-05-2015 15:44:54 Running from C:\Users\User\Downloads Loaded Profiles: User (Available profiles: User) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVKTray\AVKTray.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Valve Corporation) F:\Steam\Steam.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVK.exe (G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Valve Corporation) F:\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Users\User\Downloads\Defogger.exe (Farbar) C:\Users\User\Downloads\FRST64 (2).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [613024 2010-09-27] (Atheros Communications) HKLM-x32\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2010-09-27] (Atheros Commnucations) HKLM-x32\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [166936 2010-10-07] (Intel Corporation) HKLM-x32\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [391704 2010-10-07] (Intel Corporation) HKLM-x32\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [416792 2010-10-07] (Intel Corporation) HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor HKLM-x32\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation) HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe [1855608 2015-02-20] (G DATA Software AG) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G DATA\InternetSecurity\AVKTray\AVKTray.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Run: [Steam] => F:\Steam\steam.exe [2888384 2015-05-15] (Valve Corporation) HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd) HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\MountPoints2: {5f0edd4e-d0c2-11e4-bad8-806e6f6e6963} - D:\Setup.exe HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-07-15] (Microsoft Corporation) HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-06] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-06] (Oracle Corporation) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2010-09-27] (Atheros Commnucations) Winsock: Catalog9-x64 01 C:\Windows\system32\abengine64.dll File Not ' & $found1 & ' Winsock: Catalog9-x64 02 C:\Windows\system32\abengine64.dll File Not ' & $found1 & ' Winsock: Catalog9-x64 03 C:\Windows\system32\abengine64.dll File Not ' & $found1 & ' Winsock: Catalog9-x64 04 C:\Windows\system32\abengine64.dll File Not ' & $found1 & ' Winsock: Catalog9-x64 15 C:\Windows\system32\abengine64.dll File Not ' & $found1 & ' Tcpip\Parameters: [DhcpNameServer] FireFox: ======== FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\175vkymt.default FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-06] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-06] (Oracle Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-16] (Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll [2015-05-19] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll [2015-05-19] (Google Inc.) FF Plugin HKU\S-1-5-21-3928150652-2756980015-3035233101-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-05-11] (Unity Technologies ApS) Chrome: ======= CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-24] CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-24] CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-24] CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-24] CHR Extension: (Bookmark Manager) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-06] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-06] CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-06] CHR Extension: (Bitdefender QuickScan) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2015-05-17] CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-24] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [52896 2010-09-27] (Atheros Commnucations) [] R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2528888 2015-04-16] (G Data Software AG) R2 AVKService; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe [965240 2015-02-20] (G Data Software AG) R2 AVKWCtl; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe [3672560 2015-04-07] (G Data Software AG) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [235744 2015-05-22] (EasyAntiCheat Ltd) R3 GDFwSvc; C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe [3193080 2015-02-20] (G Data Software AG) R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [789112 2015-03-04] (G Data Software AG) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-16] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-16] (Intel Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation) S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) R3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [837824 2015-05-15] (Valve Corporation) [] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [150016 2015-05-20] (G Data Software AG) R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [27648 2015-05-20] (G Data Software AG) R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2015-05-20] (G Data Software AG) R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [230400 2015-05-20] (G Data Software AG) R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [75776 2015-05-20] (G Data Software AG) R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64512 2015-05-20] (G Data Software AG) R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2015-05-20] (G Data Software) R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [124928 2015-05-20] (G Data Software AG) S3 L1c; C:\Windows\System32\DRIVERS\l1c51x64.sys [104600 2012-11-19] (Atheros Communications, Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation) S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] () S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) S3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation) R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [767648 2014-10-08] (Microsoft Corporation) R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [273576 2014-10-08] (Microsoft Corporation) R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29864 2014-10-08] (Microsoft Corporation) R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [23208 2014-10-08] (Microsoft Corporation) S3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [225792 2013-09-25] (VIA Technologies, Inc.) S3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [296960 2013-09-25] (VIA Technologies, Inc.) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-05-22 15:44 - 2015-05-22 15:44 - 00000242 _____ () C:\Users\User\Downloads\defogger_enable.log 2015-05-22 15:22 - 2015-05-22 15:44 - 00000470 _____ () C:\Users\User\Downloads\defogger_disable.log 2015-05-22 15:22 - 2015-05-22 15:44 - 00000000 _____ () C:\Users\User\defogger_reenable 2015-05-22 15:21 - 2015-05-22 15:21 - 02108416 _____ (Farbar) C:\Users\User\Downloads\FRST64 (2).exe 2015-05-22 15:21 - 2015-05-22 15:21 - 00050477 _____ () C:\Users\User\Downloads\Defogger.exe 2015-05-22 15:14 - 2015-05-22 15:14 - 00000103 _____ () C:\Users\User\Documents\Fixlist.txt 2015-05-22 14:42 - 2015-05-22 14:42 - 00235744 ____C (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe 2015-05-21 21:46 - 2015-05-22 15:35 - 00000000 ____D () C:\Users\User\AppData\Roaming\pszhthix 2015-05-20 20:49 - 2015-05-20 20:49 - 00000000 ____D () C:\Users\User\AppData\Roaming\icsnvjws 2015-05-20 18:48 - 2015-05-20 18:48 - 00000000 ____D () C:\Users\User\AppData\Roaming\tgcwurpt 2015-05-20 18:46 - 2015-05-20 18:46 - 00000000 ____D () C:\Users\User\AppData\Roaming\bqyjvsez 2015-05-20 18:39 - 2015-05-20 18:39 - 00000000 ____D () C:\Users\User\AppData\Roaming\fegmihbz 2015-05-20 18:18 - 2015-05-22 15:37 - 00008802 _____ () C:\Windows\WindowsUpdate.log 2015-05-20 18:16 - 2015-05-20 18:16 - 00106272 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys 2015-05-20 18:16 - 2015-05-20 18:16 - 00018160 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys 2015-05-20 18:13 - 2015-05-22 15:35 - 00001385 _____ () C:\Windows\setupact.log 2015-05-20 18:13 - 2015-05-20 18:13 - 00027648 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBB64.sys 2015-05-20 18:13 - 2015-05-20 18:13 - 00002058 _____ () C:\Windows\DPINST.LOG 2015-05-20 18:13 - 2015-05-20 18:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA INTERNET SECURITY 2015-05-20 18:13 - 2015-05-20 18:13 - 00000000 _____ () C:\Windows\setuperr.log 2015-05-20 18:12 - 2015-05-20 18:22 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2015-05-20 18:12 - 2015-05-20 18:13 - 00000000 ___DC () C:\Program Files (x86)\Spybot - Search & Destroy 2 2015-05-20 18:12 - 2015-05-20 18:12 - 00001403 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2015-05-20 18:12 - 2015-05-20 18:12 - 00001391 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2015-05-20 18:12 - 2015-05-20 18:12 - 00000656 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job 2015-05-20 18:12 - 2015-05-20 18:12 - 00000628 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job 2015-05-20 18:12 - 2015-05-20 18:12 - 00000458 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job 2015-05-20 18:12 - 2015-05-20 18:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\vgvfclnb 2015-05-20 18:12 - 2015-05-20 18:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2015-05-20 18:12 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe 2015-05-20 18:11 - 2015-05-20 18:11 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\User\Downloads\spybot-2.4.exe 2015-05-20 18:08 - 2015-05-20 18:08 - 00000000 ____D () C:\Users\User\AppData\Local\F-Secure 2015-05-20 18:06 - 2015-05-20 18:06 - 00000000 ____D () C:\Users\User\AppData\Roaming\bgbjwraa 2015-05-20 17:57 - 2015-05-20 17:57 - 00000000 ____D () C:\Users\User\AppData\Roaming\vwgfcsjd 2015-05-20 17:54 - 2015-05-20 17:54 - 00724952 _____ () C:\Users\User\Downloads\avenger.zip 2015-05-20 17:54 - 2015-05-20 17:54 - 00000000 ____D () C:\Users\User\Downloads\avenger 2015-05-20 17:51 - 2015-05-20 17:51 - 00857360 _____ () C:\Users\User\Downloads\yet_another_cleaner_sk_95778.exe 2015-05-20 17:48 - 2015-05-20 17:48 - 08014872 _____ (Symantec Corporation) C:\Users\User\Downloads\SymHelp.exe 2015-05-20 17:28 - 2015-05-20 17:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\nlwxtmlm 2015-05-20 17:26 - 2015-05-20 17:26 - 00416576 _____ (Kaspersky Lab) C:\Users\User\Downloads\de-de.setup.exe 2015-05-20 17:24 - 2015-05-20 17:24 - 00000000 ____D () C:\Users\User\AppData\Roaming\kfvvpjij 2015-05-20 17:22 - 2015-05-22 15:44 - 00017933 _____ () C:\Users\User\Downloads\FRST.txt 2015-05-20 17:22 - 2015-05-20 17:22 - 02209792 _____ () C:\Users\User\Downloads\AdwCleaner.exe 2015-05-20 17:22 - 2015-05-20 17:22 - 02107904 _____ (Farbar) C:\Users\User\Downloads\FRST64 (1).exe 2015-05-20 17:22 - 2015-05-20 17:22 - 00025079 _____ () C:\Users\User\Downloads\Addition.txt 2015-05-20 17:18 - 2015-05-20 18:04 - 00000000 ___DC () C:\Program Files (x86)\Trojan Remover 2015-05-20 17:18 - 2015-05-20 17:18 - 35218576 _____ (Simply Super Software ) C:\Users\User\Downloads\trjsetup692.exe 2015-05-20 17:09 - 2015-05-20 18:16 - 00075776 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys 2015-05-20 17:09 - 2015-05-20 18:13 - 00230400 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys 2015-05-20 17:09 - 2015-05-20 18:13 - 00150016 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys 2015-05-20 17:09 - 2015-05-20 18:13 - 00124928 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys 2015-05-20 17:09 - 2015-05-20 18:13 - 00064512 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys 2015-05-20 17:09 - 2015-05-20 18:13 - 00020992 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBFlt64.sys 2015-05-20 17:09 - 2015-05-20 18:13 - 00001986 _____ () C:\Users\Public\Desktop\G DATA INTERNET SECURITY.lnk 2015-05-20 17:03 - 2015-05-20 17:03 - 00000000 ____D () C:\Users\User\AppData\Roaming\fxaucbjy 2015-05-20 17:02 - 2015-05-20 17:02 - 00000000 ____D () C:\Users\User\AppData\Roaming\hafygrko 2015-05-20 17:01 - 2015-05-20 17:01 - 00000000 ____D () C:\Users\User\AppData\Roaming\gfqbkjrv 2015-05-20 17:00 - 2015-05-20 17:00 - 00000830 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2015-05-20 17:00 - 2015-05-20 17:00 - 00000000 ___DC () C:\Program Files\CCleaner 2015-05-20 17:00 - 2015-05-20 17:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-05-20 16:59 - 2015-05-20 17:00 - 06484352 _____ (Piriform Ltd) C:\Users\User\Downloads\ccsetup505.exe 2015-05-20 16:59 - 2015-05-20 17:00 - 06484352 _____ (Piriform Ltd) C:\Users\User\Downloads\ccsetup505 (1).exe 2015-05-20 16:52 - 2015-05-20 16:52 - 00000000 ____D () C:\Users\User\AppData\Roaming\vboljhly 2015-05-20 16:50 - 2015-05-20 16:50 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup- (1).exe 2015-05-20 16:45 - 2015-05-20 16:45 - 00000000 ____D () C:\Users\User\AppData\Roaming\fxnqncoe 2015-05-19 21:39 - 2015-05-19 21:39 - 00000000 ____D () C:\Users\User\AppData\Roaming\veejdwsv 2015-05-19 18:52 - 2015-05-19 18:52 - 00302011 _____ () C:\Users\User\Downloads\WindowsUpdateDiagnostic.diagcab 2015-05-19 17:30 - 2015-05-19 17:30 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d09248cdfb0833.job 2015-05-18 20:45 - 2015-05-18 20:45 - 00000000 ____D () C:\Users\User\AppData\Roaming\qrjdtxhu 2015-05-17 22:19 - 2015-05-17 22:19 - 00000000 ____D () C:\Users\User\AppData\Roaming\ymsqhkfr 2015-05-17 20:28 - 2015-05-17 20:28 - 00000000 ____D () C:\Users\User\Downloads\FTBInfinity 2015-05-17 20:27 - 2015-05-17 20:28 - 06628862 _____ () C:\Users\User\Downloads\FTB_Launcher.exe 2015-05-17 18:04 - 2015-05-17 18:04 - 00003560 ____N () C:\bootsqm.dat 2015-05-17 17:41 - 2015-05-17 17:41 - 00000000 ____D () C:\Users\User\AppData\Roaming\pzoaumiu 2015-05-17 17:27 - 2015-05-22 15:44 - 00000000 ____D () C:\FRST 2015-05-17 17:26 - 2015-05-17 17:27 - 02107392 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe 2015-05-17 17:15 - 2015-05-17 17:15 - 00000000 ____D () C:\RegBackup 2015-05-17 17:14 - 2015-05-20 17:23 - 00000000 ____D () C:\AdwCleaner 2015-05-17 17:14 - 2015-05-20 17:12 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-05-17 17:14 - 2015-05-17 17:14 - 02719698 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe 2015-05-17 17:14 - 2015-05-17 17:14 - 02209792 _____ () C:\Users\User\Downloads\AdwCleaner_4.204.exe 2015-05-17 17:13 - 2015-05-17 17:13 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup- 2015-05-17 17:13 - 2015-05-17 17:13 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-05-17 17:13 - 2015-05-17 17:13 - 00000000 ___DC () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-05-17 17:13 - 2015-05-17 17:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-05-17 17:13 - 2015-05-17 17:13 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-05-17 17:13 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-05-17 17:13 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-05-17 17:13 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-05-17 17:00 - 2015-05-20 18:09 - 00000000 ____D () C:\ProgramData\F-Secure 2015-05-17 16:59 - 2015-05-17 16:59 - 05124208 _____ (F-Secure Corporation) C:\Users\User\Downloads\F-SecureOnlineScanner-HC.exe 2015-05-17 16:45 - 2015-05-17 16:45 - 00000000 ____D () C:\Users\User\AppData\Roaming\xzdcczjs 2015-05-17 16:38 - 2015-05-17 16:38 - 00000000 ____D () C:\Users\User\AppData\Roaming\sbvjdnnr 2015-05-17 16:37 - 2015-05-17 16:37 - 00000000 ____D () C:\Users\User\AppData\Roaming\wxmibqwu 2015-05-17 16:34 - 2015-05-17 16:34 - 00000000 ____D () C:\Users\User\AppData\Roaming\mfaxaecv 2015-05-17 16:33 - 2015-05-17 16:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\hrrpjihd 2015-05-17 16:32 - 2015-05-17 16:32 - 00000000 ____D () C:\Users\User\AppData\Roaming\qihlzqlw 2015-05-17 16:28 - 2015-05-17 16:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\yvgtcwhe 2015-05-17 16:25 - 2015-05-17 16:25 - 00000000 ____D () C:\Users\User\Downloads\runtime 2015-05-17 16:25 - 2015-05-17 16:25 - 00000000 ____D () C:\Users\User\Downloads\game 2015-05-17 16:24 - 2015-05-17 16:25 - 01294088 _____ (Mojang) C:\Users\User\Downloads\Minecraft.exe 2015-05-17 16:23 - 2015-05-17 16:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\kgvvegxe 2015-05-17 16:20 - 2015-05-17 16:20 - 00000000 ____D () C:\Users\User\AppData\Roaming\ykqhlzpd 2015-05-17 16:12 - 2015-05-17 16:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\waoyhalp 2015-05-17 16:09 - 2015-05-17 16:09 - 00000000 ____D () C:\Users\User\AppData\Roaming\vjadbjlv 2015-05-17 16:04 - 2015-05-17 16:04 - 00000000 ____D () C:\Users\User\AppData\Roaming\lsxaappu 2015-05-17 16:04 - 2015-05-17 16:04 - 00000000 ____D () C:\Users\User\AppData\Roaming\isxbtano 2015-05-17 16:03 - 2015-05-17 16:03 - 00000036 _____ () C:\Users\User\AppData\Local\housecall.guid.cache 2015-05-17 16:00 - 2015-05-17 16:00 - 00184192 _____ () C:\Users\User\Downloads\qsinstaller.exe 2015-05-17 16:00 - 2015-05-17 16:00 - 00000000 ____D () C:\Users\User\AppData\Roaming\QuickScan 2015-05-17 15:59 - 2015-05-17 15:59 - 00000000 ____D () C:\Users\User\AppData\Roaming\Canneverbe Limited 2015-05-17 15:59 - 2015-05-17 15:59 - 00000000 ____D () C:\ProgramData\Canneverbe Limited 2015-05-17 15:58 - 2015-05-17 15:58 - 00000000 ____D () C:\Users\User\AppData\Roaming\jwldojxd 2015-05-17 15:54 - 2015-05-17 15:54 - 00000000 ____D () C:\Users\User\AppData\Roaming\cwyythjl 2015-05-17 15:50 - 2015-05-17 15:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\raizpxwv 2015-05-17 15:48 - 2015-05-17 15:48 - 00000000 ____D () C:\Users\User\AppData\Roaming\sknpjhqy 2015-05-17 15:45 - 2015-05-17 15:45 - 00000000 ____D () C:\Users\User\AppData\Local\G DATA 2015-05-17 14:34 - 2015-05-17 14:34 - 00000000 ____D () C:\Users\User\AppData\Roaming\ktdzquzr 2015-05-17 14:32 - 2015-05-17 14:32 - 00000000 ____D () C:\Users\User\AppData\Roaming\ujirjqkq 2015-05-17 14:29 - 2015-05-17 14:29 - 00000000 ____D () C:\Users\User\AppData\Roaming\ykyulezc 2015-05-17 14:15 - 2015-05-17 14:15 - 00000000 ____D () C:\Users\User\AppData\Roaming\vrlcnyak 2015-05-17 14:04 - 2015-05-17 14:04 - 00000000 ____D () C:\Users\User\AppData\Roaming\siihppce 2015-05-16 23:25 - 2015-05-16 23:25 - 00000000 ____D () C:\Users\User\AppData\Roaming\iolhesvv 2015-05-16 20:39 - 2015-05-16 20:39 - 00000000 ____D () C:\Users\User\AppData\Roaming\Unity 2015-05-16 20:24 - 2015-05-16 20:24 - 00000000 ____D () C:\Users\User\AppData\Local\Unity 2015-05-16 19:50 - 2015-05-16 19:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\dbipmczp 2015-05-16 19:28 - 2015-05-16 19:28 - 00002780 _____ () C:\Users\User\AppData\Local\recently-used.xbel 2015-05-16 18:12 - 2015-05-16 18:12 - 00001174 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2015-05-16 18:12 - 2015-05-16 18:12 - 00000000 ___DC () C:\Program Files (x86)\TeamSpeak 3 Client 2015-05-16 18:12 - 2015-05-16 18:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\fvfovmwq 2015-05-16 18:12 - 2015-05-16 18:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2015-05-16 18:11 - 2015-05-21 21:32 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-05-16 18:11 - 2015-05-20 16:39 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-05-16 18:11 - 2015-05-17 17:16 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-05-16 18:11 - 2015-05-16 18:11 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-05-16 18:11 - 2015-05-16 18:11 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-05-16 18:11 - 2015-05-16 18:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-05-16 18:08 - 2015-05-16 18:08 - 00000000 ____D () C:\Windows\system32\appmgmt 2015-05-16 17:55 - 2015-05-16 17:55 - 00000000 ____D () C:\Users\User\AppData\Roaming\cjlsfjwp 2015-05-16 17:53 - 2015-05-16 17:53 - 00000000 ____D () C:\Users\User\AppData\Roaming\eipcjgms 2015-05-16 17:48 - 2015-05-16 17:48 - 00000000 ____D () C:\Users\User\AppData\Roaming\ioiarlhl 2015-05-16 17:18 - 2015-05-17 16:09 - 00000000 ____D () C:\Users\User\.gimp-2.8 2015-05-16 17:18 - 2015-05-16 17:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\trfroouk 2015-05-16 17:18 - 2015-05-16 17:18 - 00000000 ____D () C:\Users\User\AppData\Local\gegl-0.2 2015-05-16 17:17 - 2015-05-16 17:17 - 00000644 _____ () C:\Users\Public\Desktop\GIMP 2.lnk 2015-05-16 17:17 - 2015-05-16 17:17 - 00000644 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk 2015-05-16 17:03 - 2015-05-16 17:03 - 00000000 ____D () C:\Users\User\AppData\Roaming\zlnvcsbn 2015-05-16 17:02 - 2015-05-16 17:05 - 00000000 ___DC () C:\Program Files\WebBar 2015-05-16 17:01 - 2015-05-16 17:01 - 00003088 _____ () C:\Windows\System32\Tasks\iren3006 2015-05-16 16:58 - 2015-05-16 16:58 - 00000000 ____D () C:\Users\User\AppData\Roaming\TechSmith 2015-05-16 16:58 - 2015-05-16 16:58 - 00000000 ____D () C:\Users\User\AppData\Local\TechSmith 2015-05-16 15:35 - 2015-05-20 16:39 - 00000000 ____D () C:\Users\User\AppData\Roaming\OBS 2015-05-16 15:34 - 2015-05-16 15:34 - 00000947 _____ () C:\Users\User\Desktop\Open Broadcaster Software.lnk 2015-05-16 15:34 - 2015-05-16 15:34 - 00000000 ___DC () C:\Program Files\OBS 2015-05-16 15:34 - 2015-05-16 15:34 - 00000000 ___DC () C:\Program Files (x86)\OBS 2015-05-16 15:34 - 2015-05-16 15:34 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software 2015-05-13 14:24 - 2015-05-13 14:24 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-05-13 14:24 - 2015-05-13 14:24 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-05-13 12:51 - 2015-05-13 14:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-05-13 12:51 - 2015-05-13 14:26 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-05-13 12:51 - 2015-05-13 14:26 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-05-13 12:51 - 2015-05-13 14:26 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-05-13 12:51 - 2015-05-13 14:26 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-05-13 12:51 - 2015-05-13 14:26 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-05-13 12:51 - 2015-05-13 14:26 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-05-13 12:51 - 2015-05-13 14:26 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-05-13 12:51 - 2015-05-13 14:26 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-05-13 12:51 - 2015-05-13 14:26 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-05-13 12:51 - 2015-05-13 14:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-05-13 12:51 - 2015-05-13 14:26 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-05-13 12:46 - 2015-05-13 16:17 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2015-05-13 12:46 - 2015-05-13 16:17 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2015-05-13 12:46 - 2015-05-13 14:26 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-05-13 12:46 - 2015-05-13 14:26 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-05-13 12:46 - 2015-05-13 14:26 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-05-13 12:46 - 2015-05-13 14:26 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-05-13 12:46 - 2015-05-13 14:26 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe 2015-05-13 12:46 - 2015-05-13 14:26 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2015-05-13 12:46 - 2015-05-13 14:26 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2015-05-13 12:46 - 2015-05-13 14:25 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll 2015-05-13 12:46 - 2015-05-13 14:25 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll 2015-05-13 12:46 - 2015-04-08 05:29 - 00024576 ____C (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2015-05-13 12:43 - 2015-05-13 14:24 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll 2015-05-13 12:43 - 2015-05-13 14:24 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll 2015-05-13 12:43 - 2015-05-13 14:24 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll 2015-05-13 12:43 - 2015-05-13 14:24 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe 2015-05-13 12:43 - 2015-05-13 14:24 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe 2015-05-13 12:43 - 2015-05-13 14:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll 2015-05-13 12:43 - 2015-05-13 14:24 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll 2015-05-10 20:32 - 2015-05-10 20:32 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\THAUMCRAFT RESEARCH HELPER 2015-05-10 20:31 - 2015-05-14 12:45 - 00000000 ____D () C:\Users\User\AppData\Local\Deployment 2015-05-10 20:31 - 2015-05-10 20:31 - 00000000 ____D () C:\Users\User\AppData\Local\Apps\2.0 2015-05-09 21:24 - 2015-05-09 21:24 - 00000000 ____D () C:\Users\User\AppData\Roaming\Macromedia 2015-05-09 21:24 - 2015-05-09 21:24 - 00000000 ____D () C:\Users\User\AppData\Roaming\LolClient 2015-05-07 21:37 - 2015-05-07 21:37 - 00000000 ___DC () C:\Program Files (x86)\Microsoft ASP.NET 2015-05-07 16:45 - 2015-04-08 22:32 - 00560968 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2015-05-07 16:44 - 2015-04-09 02:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 25375048 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 24053576 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 14617288 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 12852784 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 11380728 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-05-07 16:44 - 2015-04-09 02:58 - 02935416 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 02573456 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 01086424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 00970568 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 00962192 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 00927440 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 00499344 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 00402576 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 00346256 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2015-05-07 16:44 - 2015-04-09 02:58 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 00154256 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 00128512 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-05-07 16:44 - 2015-04-09 02:58 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2015-05-07 16:41 - 2015-05-07 16:41 - 00000000 ____D () C:\Users\User\AppData\Roaming\.mono 2015-05-07 16:41 - 2015-05-07 16:41 - 00000000 ____D () C:\Users\User\AppData\Local\Colossal Order 2015-05-07 16:41 - 2015-05-07 16:41 - 00000000 ____D () C:\ProgramData\.mono 2015-05-06 22:52 - 2015-05-22 13:47 - 00000080 _____ () C:\Users\User\AppData\Local剜捯獫慴慇敭屳呇⁁屖湥楴汴浥湥湩潦 2015-05-06 22:52 - 2015-05-17 14:26 - 00000000 ___DC () C:\Program Files\Rockstar Games 2015-05-06 22:52 - 2015-05-17 14:26 - 00000000 ___DC () C:\Program Files (x86)\Rockstar Games 2015-05-06 22:52 - 2015-05-06 22:52 - 00000000 ____D () C:\Users\User\Documents\Rockstar Games 2015-05-06 22:52 - 2015-05-06 22:52 - 00000000 ____D () C:\Users\User\AppData\Local\Rockstar Games 2015-05-06 22:49 - 2015-05-06 22:49 - 00000568 _____ () C:\Users\Public\Desktop\Grand Theft Auto V.lnk 2015-05-06 22:49 - 2015-05-06 22:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games 2015-05-06 19:21 - 2015-05-16 16:16 - 00000000 ____D () C:\Users\User\Documents\My Games 2015-05-06 19:21 - 2010-06-02 04:55 - 00527192 ____C (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll 2015-05-06 19:21 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2015-05-06 19:21 - 2010-06-02 04:55 - 00239960 ____C (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll 2015-05-06 19:21 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2015-05-06 19:21 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2015-05-06 19:21 - 2010-06-02 04:55 - 00074072 ____C (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll 2015-05-06 19:21 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2015-05-06 19:21 - 2010-05-26 11:41 - 02106216 ____C (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll 2015-05-06 19:21 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2015-05-06 19:21 - 2010-05-26 11:41 - 01868128 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2015-05-06 19:21 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2015-05-06 19:21 - 2010-02-04 10:01 - 00528216 ____C (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll 2015-05-06 19:21 - 2010-02-04 10:01 - 00238936 ____C (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll 2015-05-06 19:21 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2015-05-06 19:21 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2015-05-06 19:21 - 2010-02-04 10:01 - 00074072 ____C (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll 2015-05-06 19:21 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2015-05-06 19:21 - 2010-02-04 10:01 - 00022360 ____C (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll 2015-05-06 19:21 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2015-05-06 19:21 - 2009-09-04 17:44 - 00515416 ____C (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll 2015-05-06 19:21 - 2009-09-04 17:44 - 00238936 ____C (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll 2015-05-06 19:21 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll 2015-05-06 19:21 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2015-05-06 19:21 - 2009-09-04 17:44 - 00069464 ____C (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll 2015-05-06 19:21 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll 2015-05-06 19:21 - 2009-09-04 17:29 - 05501792 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll 2015-05-06 19:21 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll 2015-05-06 19:21 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll 2015-05-06 19:21 - 2009-09-04 17:29 - 01974616 ____C (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll 2015-05-06 19:21 - 2009-09-04 17:29 - 01892184 ____C (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll 2015-05-06 19:21 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll 2015-05-06 19:21 - 2009-09-04 17:29 - 00453456 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll 2015-05-06 19:21 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll 2015-05-06 19:21 - 2009-09-04 17:29 - 00235344 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll 2015-05-06 19:21 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll 2015-05-06 19:21 - 2009-03-16 14:18 - 00517448 ____C (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll 2015-05-06 19:21 - 2009-03-16 14:18 - 00235352 ____C (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll 2015-05-06 19:21 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll 2015-05-06 19:21 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll 2015-05-06 19:21 - 2009-03-16 14:18 - 00022360 ____C (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll 2015-05-06 19:21 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll 2015-05-06 19:21 - 2009-03-09 15:27 - 04178264 ____C (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll 2015-05-06 19:21 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll 2015-05-06 19:21 - 2009-03-09 15:27 - 01846632 ____C (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll 2015-05-06 19:21 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll 2015-05-06 19:21 - 2009-03-09 15:27 - 00453456 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll 2015-05-06 19:21 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll 2015-05-06 19:21 - 2008-10-27 10:04 - 00514384 ____C (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll 2015-05-06 19:21 - 2008-10-27 10:04 - 00235856 ____C (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll 2015-05-06 19:21 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll 2015-05-06 19:21 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll 2015-05-06 19:21 - 2008-10-27 10:04 - 00070992 ____C (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll 2015-05-06 19:21 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll 2015-05-06 19:21 - 2008-10-27 10:04 - 00023376 ____C (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll 2015-05-06 19:21 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll 2015-05-06 19:21 - 2008-10-15 06:22 - 04379984 ____C (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll 2015-05-06 19:21 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll 2015-05-06 19:21 - 2008-10-15 06:22 - 02036576 ____C (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll 2015-05-06 19:21 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 2015-05-06 19:21 - 2008-10-15 06:22 - 00452440 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll 2015-05-06 19:21 - 2008-07-31 10:41 - 00238088 ____C (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll 2015-05-06 19:21 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll 2015-05-06 19:21 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll 2015-05-06 19:21 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll 2015-05-06 19:21 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll 2015-05-06 19:21 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll 2015-05-06 19:21 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll 2015-05-06 19:21 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll 2015-05-06 19:21 - 2008-05-30 14:19 - 00507400 ____C (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll 2015-05-06 19:21 - 2008-05-30 14:18 - 00238088 ____C (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll 2015-05-06 19:21 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll 2015-05-06 19:21 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll 2015-05-06 19:21 - 2008-05-30 14:17 - 00065032 ____C (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll 2015-05-06 19:21 - 2008-05-30 14:17 - 00025608 ____C (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll 2015-05-06 19:21 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll 2015-05-06 19:21 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll 2015-05-06 19:21 - 2008-05-30 14:11 - 03850760 ____C (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll 2015-05-06 19:21 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll 2015-05-06 19:21 - 2008-05-30 14:11 - 01491992 ____C (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll 2015-05-06 19:21 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll 2015-05-06 19:21 - 2008-05-30 14:11 - 00467984 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll 2015-05-06 19:21 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll 2015-05-06 19:21 - 2008-03-05 16:03 - 00479752 ____C (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll 2015-05-06 19:21 - 2008-03-05 16:03 - 00238088 ____C (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll 2015-05-06 19:21 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll 2015-05-06 19:21 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll 2015-05-06 19:21 - 2008-03-05 16:00 - 00025608 ____C (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll 2015-05-06 19:21 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll 2015-05-06 19:21 - 2008-03-05 15:56 - 03786760 ____C (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll 2015-05-06 19:21 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll 2015-05-06 19:21 - 2008-03-05 15:56 - 01420824 ____C (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll 2015-05-06 19:21 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll 2015-05-06 19:21 - 2008-02-05 23:07 - 00462864 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll 2015-05-06 19:21 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll 2015-05-06 19:21 - 2007-10-22 03:39 - 00267272 ____C (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll 2015-05-06 19:21 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll 2015-05-06 19:21 - 2007-10-22 03:37 - 00017928 ____C (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll 2015-05-06 19:21 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll 2015-05-06 19:21 - 2007-10-12 15:14 - 03734536 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll 2015-05-06 19:21 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll 2015-05-06 19:21 - 2007-10-12 15:14 - 01374232 ____C (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll 2015-05-06 19:21 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll 2015-05-06 19:21 - 2007-10-02 09:56 - 00444776 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll 2015-05-06 19:21 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll 2015-05-06 19:21 - 2007-07-20 00:57 - 00267112 ____C (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll 2015-05-06 19:21 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll 2015-05-06 19:21 - 2007-07-19 18:14 - 03727720 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll 2015-05-06 19:21 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll 2015-05-06 19:21 - 2007-07-19 18:14 - 01358192 ____C (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll 2015-05-06 19:21 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll 2015-05-06 19:21 - 2007-07-19 18:14 - 00444776 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll 2015-05-06 19:21 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll 2015-05-06 19:21 - 2007-06-20 20:46 - 00266088 ____C (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll 2015-05-06 19:21 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll 2015-05-06 19:21 - 2007-05-16 16:45 - 03497832 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll 2015-05-06 19:21 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll 2015-05-06 19:21 - 2007-05-16 16:45 - 01124720 ____C (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll 2015-05-06 19:21 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll 2015-05-06 19:21 - 2007-05-16 16:45 - 00443752 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll 2015-05-06 19:21 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll 2015-05-06 19:21 - 2007-04-04 18:55 - 00261480 ____C (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll 2015-05-06 19:21 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll 2015-05-06 19:21 - 2007-04-04 18:53 - 00081768 ____C (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll 2015-05-06 19:21 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll 2015-05-06 19:21 - 2007-03-15 16:57 - 00443752 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll 2015-05-06 19:21 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll 2015-05-06 19:21 - 2007-03-12 16:42 - 03495784 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll 2015-05-06 19:21 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll 2015-05-06 19:21 - 2007-03-12 16:42 - 01123696 ____C (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll 2015-05-06 19:21 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll 2015-05-06 19:21 - 2007-03-05 12:42 - 00015128 ____C (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll 2015-05-06 19:21 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll 2015-05-06 19:21 - 2007-01-24 15:27 - 00255848 ____C (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll 2015-05-06 19:21 - 2006-12-08 12:02 - 00251672 ____C (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll 2015-05-06 19:21 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll 2015-05-06 19:21 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll 2015-05-06 19:21 - 2006-11-29 13:06 - 03426072 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll 2015-05-06 19:21 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll 2015-05-06 19:21 - 2006-11-29 13:06 - 00440080 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll 2015-05-06 19:21 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll 2015-05-06 19:21 - 2006-09-28 16:05 - 02414360 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll 2015-05-06 19:21 - 2006-09-28 16:05 - 00237848 ____C (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll 2015-05-06 19:21 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll 2015-05-06 19:21 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll 2015-05-06 19:21 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll 2015-05-06 19:21 - 2006-07-28 09:30 - 00236824 ____C (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll 2015-05-06 19:21 - 2006-07-28 09:30 - 00062744 ____C (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll 2015-05-06 19:21 - 2006-05-31 07:24 - 00230168 ____C (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll 2015-05-06 19:21 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll 2015-05-06 19:21 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll 2015-05-06 19:21 - 2006-03-31 12:40 - 02388176 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll 2015-05-06 19:21 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll 2015-05-06 19:21 - 2006-03-31 12:39 - 00229584 ____C (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll 2015-05-06 19:21 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll 2015-05-06 19:21 - 2006-03-31 12:39 - 00062672 ____C (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll 2015-05-06 19:21 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2015-05-06 19:21 - 2006-02-03 08:43 - 02332368 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll 2015-05-06 19:21 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll 2015-05-06 19:21 - 2006-02-03 08:42 - 00230096 ____C (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll 2015-05-06 19:21 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2015-05-06 19:21 - 2006-02-03 08:41 - 00014032 ____C (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll 2015-05-06 19:21 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll 2015-05-06 19:21 - 2005-12-05 18:09 - 02323664 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll 2015-05-06 19:21 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll 2015-05-06 19:21 - 2005-07-22 19:59 - 02319568 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll 2015-05-06 19:21 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2015-05-06 19:21 - 2005-05-26 15:34 - 02297552 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll 2015-05-06 19:21 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2015-05-06 19:21 - 2005-03-18 17:19 - 02337488 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll 2015-05-06 19:21 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2015-05-06 19:21 - 2005-02-05 19:45 - 02222800 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll 2015-05-06 18:48 - 2015-05-13 12:40 - 00000000 ____D () C:\Users\User\AppData\Local\ftblauncher 2015-05-06 18:48 - 2015-05-06 18:48 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2015-05-06 18:48 - 2015-05-06 18:48 - 00000000 ___DC () C:\Program Files\Java 2015-05-06 18:48 - 2015-05-06 18:48 - 00000000 ____D () C:\Users\User\AppData\Roaming\ftblauncher 2015-05-06 18:48 - 2015-05-06 18:48 - 00000000 ____D () C:\ProgramData\Sun 2015-05-06 18:48 - 2015-05-06 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-05-06 18:47 - 2015-05-06 18:47 - 00000000 ____D () C:\ProgramData\Oracle 2015-05-06 18:40 - 2015-05-06 18:40 - 00000000 ____D () C:\ProgramData\Riot Games 2015-05-06 18:38 - 2015-05-06 18:38 - 00001319 _____ () C:\Users\Public\Desktop\League of Legends.lnk 2015-05-06 18:38 - 2008-07-31 10:41 - 00068616 ____C (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll 2015-05-06 18:38 - 2008-07-31 10:40 - 00509448 ____C (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll 2015-05-06 18:38 - 2008-07-12 08:18 - 03851784 ____C (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll 2015-05-06 18:38 - 2008-07-12 08:18 - 01493528 ____C (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll 2015-05-06 18:38 - 2008-07-12 08:18 - 00467984 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll 2015-05-06 18:37 - 2015-05-06 18:39 - 00000000 ____D () C:\Users\User\AppData\Roaming\Riot Games 2015-05-06 18:32 - 2015-05-06 18:32 - 00000000 ____D () C:\Users\User\AppData\Local\Steam 2015-05-06 18:31 - 2015-05-06 18:31 - 00000518 _____ () C:\Users\Public\Desktop\Steam.lnk 2015-05-06 18:31 - 2015-05-06 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2015-05-06 18:27 - 2015-05-06 18:27 - 00000000 ____D () C:\Users\User\AppData\Roaming\WinRAR 2015-05-06 18:26 - 2015-05-06 18:26 - 00000000 ___DC () C:\Program Files\WinRAR 2015-05-06 18:26 - 2015-05-06 18:26 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-05-06 18:26 - 2015-05-06 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-05-06 18:18 - 2015-05-06 18:18 - 00000472 _____ () C:\Users\User\Desktop\Volume (F) - Verknüpfung.lnk 2015-05-06 18:18 - 2015-05-06 18:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\NVIDIA 2015-05-06 18:17 - 2015-05-06 18:46 - 00000000 ____D () C:\Users\User\AppData\Roaming\.minecraft 2015-05-06 18:17 - 2015-05-06 18:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\java 2015-05-06 18:05 - 2015-05-22 15:36 - 00000000 ____D () C:\Users\User\AppData\Roaming\TS3Client 2015-05-06 17:51 - 2015-05-17 13:57 - 00000000 ____D () C:\Users\User\Desktop\Wichtig 2015-05-06 17:46 - 2015-05-07 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-05-06 17:46 - 2015-05-06 17:54 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2015-05-06 17:46 - 2015-05-06 17:54 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2015-05-06 17:46 - 2015-05-06 17:46 - 00000000 ____D () C:\Users\User\AppData\Local\NVIDIA Corporation 2015-05-06 17:46 - 2015-05-06 17:46 - 00000000 ____D () C:\Users\User\AppData\Local\NVIDIA 2015-05-06 17:46 - 2015-05-01 18:51 - 01316184 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2015-05-06 17:46 - 2015-05-01 18:51 - 01316000 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2015-05-06 17:46 - 2015-05-01 18:50 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2015-05-06 17:46 - 2015-05-01 18:50 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2015-05-06 17:46 - 2014-11-22 12:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2015-05-06 17:46 - 2014-11-22 12:46 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2015-05-06 17:46 - 2014-11-22 12:46 - 00032400 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2015-05-06 17:46 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2015-05-06 17:46 - 2010-05-26 11:41 - 01998168 ____C (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2015-05-06 17:46 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2015-05-06 17:46 - 2010-05-26 11:41 - 00470880 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2015-05-06 17:46 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2015-05-06 17:46 - 2010-05-26 11:41 - 00248672 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-05-22 15:42 - 2009-07-14 06:45 - 00027184 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-05-22 15:42 - 2009-07-14 06:45 - 00027184 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-05-22 15:41 - 2009-07-14 19:58 - 02051556 _____ () C:\Windows\system32\perfh007.dat 2015-05-22 15:41 - 2009-07-14 19:58 - 00569206 _____ () C:\Windows\system32\perfc007.dat 2015-05-22 15:41 - 2009-07-14 07:13 - 00006532 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-05-22 15:35 - 2013-11-28 03:14 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-05-22 15:35 - 2011-06-26 22:08 - 00000035 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini 2015-05-22 15:35 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-05-22 15:35 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-05-20 18:49 - 2015-03-24 04:15 - 00000000 ____D () C:\ProgramData\G Data 2015-05-20 17:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-05-20 17:09 - 2015-03-24 04:16 - 00001558 _____ () C:\Users\User\AppData\Roaming\gdscan.log 2015-05-20 17:09 - 2015-03-24 04:16 - 00000000 ___DC () C:\Program Files (x86)\G DATA 2015-05-20 17:06 - 2009-07-14 05:20 - 00000000 ___DC () C:\Windows\SysWOW64\Setup 2015-05-20 17:06 - 2009-07-14 05:20 - 00000000 ___DC () C:\Windows\SysWOW64\oobe 2015-05-20 17:06 - 2009-07-14 05:20 - 00000000 ___DC () C:\Windows\SysWOW64\MUI 2015-05-20 17:06 - 2009-07-14 05:20 - 00000000 ___DC () C:\Windows\SysWOW64\com 2015-05-20 17:01 - 2015-03-24 04:42 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps 2015-05-20 17:01 - 2013-07-15 11:49 - 00000000 ____D () C:\Windows\Minidump 2015-05-20 17:01 - 2011-05-25 05:15 - 00000000 ____D () C:\Windows\Panther 2015-05-19 18:58 - 2011-05-25 04:18 - 00000000 ___DC () C:\Windows\softwaredistribution.bak 2015-05-17 14:13 - 2012-04-22 04:15 - 00000000 ____D () C:\Users\User\AppData\Local\VirtualStore 2015-05-16 18:11 - 2015-03-24 18:40 - 00000000 ___DC () C:\Program Files (x86)\Google 2015-05-16 17:04 - 2015-03-24 04:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\SoftGrid Client 2015-05-13 16:16 - 2009-07-14 06:45 - 00267816 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-05-13 16:15 - 2009-07-14 20:18 - 00000000 ___DC () C:\Program Files\Windows Journal 2015-05-13 16:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers 2015-05-13 14:26 - 2013-07-15 13:29 - 00000000 ____D () C:\Windows\system32\MRT 2015-05-13 14:26 - 2013-04-02 10:12 - 00000000 ___DC () C:\Program Files (x86)\Microsoft Application Virtualization Client 2015-05-13 14:25 - 2013-07-14 17:33 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-05-07 16:45 - 2013-11-28 03:11 - 00000000 ___DC () C:\Program Files (x86)\NVIDIA Corporation 2015-05-07 16:45 - 2013-11-28 03:11 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2015-05-07 16:44 - 2013-11-28 03:11 - 00000000 ___DC () C:\Program Files\NVIDIA Corporation 2015-05-06 21:10 - 2011-05-25 04:25 - 00000000 __HDC () C:\Program Files (x86)\InstallShield Installation Information 2015-05-06 17:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing 2015-05-06 17:54 - 2015-03-24 04:08 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll 2015-05-06 17:54 - 2015-03-24 04:08 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll 2015-05-06 17:54 - 2015-03-24 04:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll 2015-05-06 17:54 - 2015-03-24 04:08 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll 2015-05-06 17:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat ==================== Files in the root of some directories ======= 2015-03-24 04:16 - 2015-03-24 04:16 - 0000000 _____ () C:\Users\User\AppData\Roaming\gdfw.log 2015-03-24 04:16 - 2015-05-20 17:09 - 0001558 _____ () C:\Users\User\AppData\Roaming\gdscan.log 2015-05-17 16:03 - 2015-05-17 16:03 - 0000036 _____ () C:\Users\User\AppData\Local\housecall.guid.cache 2015-05-16 19:28 - 2015-05-16 19:28 - 0002780 _____ () C:\Users\User\AppData\Local\recently-used.xbel ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-05-06 20:55 ==================== End of log ============================ |
/// the machine /// TB-Ausbilder

Keine richtige Server-verbindung

hi,
Addition.txt fehlt noch
EDIT Sry
![]() | #3 |
EDIT Sry
__________________![]() Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05-2015 Ran by User at 2015-05-20 17:22:38 Running from C:\Users\User\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3928150652-2756980015-3035233101-500 - Administrator - Disabled) Gast (S-1-5-21-3928150652-2756980015-3035233101-501 - Limited - Disabled) User (S-1-5-21-3928150652-2756980015-3035233101-1000 - Administrator - Enabled) => C:\Users\User ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: G DATA INTERNET SECURITY (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0} AS: G DATA INTERNET SECURITY (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: G DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Besiege (HKLM-x32\...\Steam App 346010) (Version: - Spiderling Studios) Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: - Atheros Communications) CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: - CDBurnerXP) Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.) Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version: - Trendy Entertainment) G DATA INTERNET SECURITY (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: - G DATA Software AG) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Goat Simulator (HKLM-x32\...\Steam App 265930) (Version: - Coffee Stain Studios) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.) Google Update Helper (x32 Version: - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: - Intel Corporation) Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: - Intel Corporation) ITE Infrared Transceiver (HKLM-x32\...\{40580068-9B10-40B5-9548-536CE88AB23C}) (Version: 1.00.0000 - ITE) Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6122.5000 - Microsoft Corporation) Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.6129.5001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla) NVIDIA 3D Vision Controller-Treiber 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation) NVIDIA GeForce Experience (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: - NVIDIA Corporation) NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation) NVIDIA HD-Audiotreiber (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) Platform (x32 Version: 1.40 - VIA Technologies, Inc.) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: - Renesas Electronics Corporation) Hidden Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: - Rockstar Games) SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: - NVIDIA Corporation) Hidden Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) TCSS (HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\c3174b629303c191) (Version: - THAUMCRAFT RESEARCH HELPER) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.) Trojan Remover (HKLM-x32\...\Trojan Remover_is1) (Version: - Simply Super Software) Unity Web Player (HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\UnityWebPlayer) (Version: 5.0.2f1 - Unity Technologies ApS) VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.40 - VIA Technologies, Inc.) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2015-05-16 16:59 - 00002120 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {10F3DEB4-B40F-4364-ADAA-58D6C2098579} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation) Task: {21B1F005-8405-484C-A734-BAFA294ED322} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] () Task: {253807B0-7506-458F-BCFD-F88B1BC1345B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation) Task: {422EF52D-E020-46FF-B7E0-A0B59818D0E7} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation) Task: {64666200-5267-433B-A5EB-D79BDB4D5EC4} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation) Task: {9D759583-D093-4D62-8787-AA5A33B65F8F} - \ASUS\i-Setup042718 No Task File <==== ATTENTION Task: {B2C63364-DB97-471C-B079-E369AC9BF351} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation) Task: {B69CF9B4-E1DA-4E2D-83FB-AE04D3F16F54} - System32\Tasks\iren3006 => C:\PROGRA~2\HIGHLI~1\iren3006.exe <==== ATTENTION Task: {BEB9F3DF-A715-437B-9A6F-7A63BF36C6A2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-16] (Google Inc.) Task: {E142A72E-EBA1-42E6-AEC8-CBB84F42078C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-16] (Google Inc.) Task: {F90EC079-7E0D-4783-B46C-DD8A58F84E5E} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d09248cdfb0833.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2013-11-28 03:11 - 2015-04-08 23:30 - 00116552 ____C () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-05-20 03:38 - 2014-05-20 03:38 - 00340088 ____C () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll 2015-04-08 21:53 - 2015-04-08 21:53 - 00057344 ____C () C:\Program Files\CCleaner\lang\lang-1031.dll 2015-05-06 17:46 - 2015-05-01 18:52 - 00011920 ____C () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-05-06 18:31 - 2015-04-16 19:40 - 00776192 _____ () F:\Steam\SDL2.dll 2015-05-06 18:31 - 2015-04-23 04:16 - 04962816 _____ () F:\Steam\v8.dll 2015-05-06 18:31 - 2015-04-23 04:16 - 01556992 _____ () F:\Steam\icui18n.dll 2015-05-06 18:31 - 2015-04-23 04:16 - 01187840 _____ () F:\Steam\icuuc.dll 2015-05-06 18:31 - 2015-05-15 03:58 - 02396352 _____ () F:\Steam\video.dll 2015-05-06 18:31 - 2014-12-01 23:31 - 02396672 _____ () F:\Steam\libavcodec-56.dll 2015-05-06 18:31 - 2014-12-01 23:31 - 00442880 _____ () F:\Steam\libavutil-54.dll 2015-05-06 18:31 - 2014-12-01 23:31 - 00479744 _____ () F:\Steam\libavformat-56.dll 2015-05-06 18:31 - 2014-12-01 23:31 - 00332800 _____ () F:\Steam\libavresample-2.dll 2015-05-06 18:31 - 2014-12-01 23:31 - 00485888 _____ () F:\Steam\libswscale-3.dll 2015-05-06 18:31 - 2015-05-15 03:57 - 00703168 _____ () F:\Steam\bin\chromehtml.DLL 2015-05-20 17:03 - 2015-05-20 17:03 - 00140800 _____ () C:\Users\User\AppData\Roaming\fxaucbjy\encecal.dll 2015-05-06 18:31 - 2015-05-11 21:01 - 36302728 _____ () F:\Steam\bin\libcef.dll 2015-05-16 18:11 - 2015-05-05 06:06 - 01252680 ____C () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\libglesv2.dll 2015-05-16 18:11 - 2015-05-05 06:06 - 00080712 ____C () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\libegl.dll 2015-03-22 20:41 - 2013-05-16 17:06 - 01199576 ____C () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, the associated entry will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{5FCD04FF-39BD-471B-B430-A195DCC4FC4D}] => (Allow) F:\Steam\Steam.exe FirewallRules: [{58C98C3D-1C91-44ED-993C-86EE53DC6240}] => (Allow) F:\Steam\Steam.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/20/2015 05:17:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT) Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. Error: (05/20/2015 05:17:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (05/20/2015 05:17:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (05/20/2015 05:11:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: nvstreamsvc.exe, Version: 4.1.1953.6972, Zeitstempel: 0x5541bef1 Name des fehlerhaften Moduls: nvstreamsvc.exe, Version: 4.1.1953.6972, Zeitstempel: 0x5541bef1 Ausnahmecode: 0x40000015 Fehleroffset: 0x000000000044d4ca ID des fehlerhaften Prozesses: 0x814 Startzeit der fehlerhaften Anwendung: 0xnvstreamsvc.exe0 Pfad der fehlerhaften Anwendung: nvstreamsvc.exe1 Pfad des fehlerhaften Moduls: nvstreamsvc.exe2 Berichtskennung: nvstreamsvc.exe3 Error: (05/20/2015 05:11:20 PM) (Source: Schedule) (EventID: 0) (User: ) Description: Schedule error: 10106Initialize call failed, bailing out Error: (05/20/2015 05:07:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: nvstreamsvc.exe, Version: 4.1.1953.6972, Zeitstempel: 0x5541bef1 Name des fehlerhaften Moduls: nvstreamsvc.exe, Version: 4.1.1953.6972, Zeitstempel: 0x5541bef1 Ausnahmecode: 0x40000015 Fehleroffset: 0x000000000044d4ca ID des fehlerhaften Prozesses: 0x664 Startzeit der fehlerhaften Anwendung: 0xnvstreamsvc.exe0 Pfad der fehlerhaften Anwendung: nvstreamsvc.exe1 Pfad des fehlerhaften Moduls: nvstreamsvc.exe2 Berichtskennung: nvstreamsvc.exe3 Error: (05/20/2015 05:07:30 PM) (Source: Schedule) (EventID: 0) (User: ) Description: Schedule error: 10106Initialize call failed, bailing out Error: (05/20/2015 05:05:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: SHLWAPI.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9ab Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000072f7 ID des fehlerhaften Prozesses: 0x738 Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0 Pfad der fehlerhaften Anwendung: Explorer.EXE1 Pfad des fehlerhaften Moduls: Explorer.EXE2 Berichtskennung: Explorer.EXE3 Error: (05/20/2015 04:51:39 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Nur zur Information. Error: Initialization failed 0x80080005 Type: 88::UnexpectedError. Error: (05/20/2015 04:46:48 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT) Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. System errors: ============= Error: (05/20/2015 05:22:23 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252. Error: (05/20/2015 05:22:23 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252. Error: (05/20/2015 05:22:23 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252. Error: (05/20/2015 05:22:23 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252. Error: (05/20/2015 05:22:23 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252. Error: (05/20/2015 05:22:23 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252. Error: (05/20/2015 05:22:23 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252. Error: (05/20/2015 05:22:22 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Der Dienst "Intelligenter Hintergrundübertragungsdienst" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147014790. Error: (05/20/2015 05:22:22 PM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: NT-AUTORITÄT) Description: Fehler beim Starten des BITS-Dienstes. Fehler: 2147952506. Error: (05/20/2015 05:21:59 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252. Microsoft Office Sessions: ========================= Error: (05/20/2015 05:17:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT) Description: WmiApRplWmiApRpl8F20300004D070000 Error: (05/20/2015 05:17:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Performance1637070000000000000000000009030000 Error: (05/20/2015 05:17:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Performance1637070000000000000000000009030000 Error: (05/20/2015 05:11:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: nvstreamsvc.exe4.1.1953.69725541bef1nvstreamsvc.exe4.1.1953.69725541bef140000015000000000044d4ca81401d0930f3ad2e309C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe819de7e9-ff02-11e4-a45f-b8975ab1587c Error: (05/20/2015 05:11:20 PM) (Source: Schedule) (EventID: 0) (User: ) Description: Schedule error: 10106Initialize call failed, bailing out Error: (05/20/2015 05:07:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: nvstreamsvc.exe4.1.1953.69725541bef1nvstreamsvc.exe4.1.1953.69725541bef140000015000000000044d4ca66401d0930eb15550ddC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exef815499c-ff01-11e4-9a66-b8975ab1587c Error: (05/20/2015 05:07:30 PM) (Source: Schedule) (EventID: 0) (User: ) Description: Schedule error: 10106Initialize call failed, bailing out Error: (05/20/2015 05:05:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Explorer.EXE6.1.7601.175674d672ee4SHLWAPI.dll6.1.7601.175144ce7c9abc000000500000000000072f773801d0930acca650abC:\Windows\Explorer.EXEC:\Windows\system32\SHLWAPI.dlla699e90b-ff01-11e4-abba-b8975ab1587c Error: (05/20/2015 04:51:39 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Error: Initialization failed 0x80080005 Type: 88::UnexpectedError. Error: (05/20/2015 04:46:48 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT) Description: WmiApRplWmiApRpl8F20300004D070000 CodeIntegrity Errors: =================================== Date: 2014-03-23 15:30:23.649 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\Sftfslh.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-03-23 15:30:23.555 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\Sftfslh.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz Percentage of memory in use: 21% Total physical RAM: 16339.54 MB Available physical RAM: 12758.54 MB Total Pagefile: 32677.27 MB Available Pagefile: 28570.77 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (Windows7) (Fixed) (Total:238.37 GB) (Free:183.18 GB) NTFS Drive d: (Disk1) (CDROM) (Total:7.95 GB) (Free:0 GB) UDF Drive f: (Volume) (Fixed) (Total:1863.01 GB) (Free:1783.16 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 0DA7C2E8) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: A47E9B53) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
/// the machine /// TB-Ausbilder

Keine richtige Server-verbindung

hi,

Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
![]() | #5 |
| ![]() Alles weg Hallo, Ich habe alle Schritte befolgt und nun kam eine Fehlermeldung das irgend etwas kaputt gegangen sein kann. Jetzt kann ich keine Programme mehr ausführen denn dafür wird keine Datei gefunden um das Programm zu starten. Ich schreibe in diesem Moment von einem anderen PC aus und bitte so schnellst möglich um Hilfe. |
/// the machine /// TB-Ausbilder

Keine richtige Server-verbindung

Du hast meine Anleitung aber schon gelesen oder?

Zitat:
WARNUNG für die MITLESER: Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
__________________ --> Keine richtige Server-verbindung |
![]() | #7 |
| ![]() Ich habe alles befolgt Ich habe alle Anweisungen befolgt und meinen PC danach auch neugestartet ich habe ein bischen herum probiert und habe nun festgestellt das sich Programme nurnoch als Administrator ausführen lassen. Gruß Marc51 |
/// the machine /// TB-Ausbilder

Keine richtige Server-verbindung

Meinst Du mit Rechtsklick als Admin? Auch im Adminkonto nur so?

Poste mal das Log von Combofix und/oder ein frisches FRST log.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Themen zu Keine richtige Server-verbindung

.dll, administrator, browser, ccsetup, defender, desktop, explorer, firewall, google, grand theft auto, installation, kaspersky, mozilla, problem, refresh, registry, rundll, safer networking, security, server, software, super, svchost.exe, symantec, system, teamspeak, trojan, trojaner, usb, virus, windows 7, winlogon.exe