| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: PC von heute auf morgen plötzlich langsam! Virus?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
24.05.2015, 11:27
| #1 |
| |  PC von heute auf morgen plötzlich langsam! Virus? Hallo, ich arbeite an einem film für meine uni. dafür habe ich mir eine 30 tage testversion von dragonframe (stop motion programm) heruntergeladen. mein videobearbeitungsprogramm war leider auch zu schlecht, also habe ich mir lightworks gedownloadet. alles lief wunderbar, bis ich eine meldung über ein update für dragonframe bekommen habe. danach ging auch noch alles, aber am nächsten tag, als ich meinen pc wieder hochgefahren habe, dauerte es ewig dragonframe zu starten (mehrere minuten). auch eine verknüpfung auf dem desktop zu erstellen dauerte jetzt mehrere minuten. ich hatte sofort einen virus im verdacht und habe sämtliche antivirenprogramme durchlaufen lassen (eset, antimalwarebytes, adwcleaner und hijackthis), leider hat nichts geholfen. für hijack this habe ich auch eine logfile. zwischendurch bekam ich noch eine meldung von windows updater, dass wichtige updates fehlen. unter anderem auch eine software zur "bekämpfung schädlicher viren". dies wollte ich updaten, jedoch ging das nicht, da sich der updater nur noch aufgehängt hat. als nächstes wollte ich meinen pc auf ein früheres datum zurücksetzten, doch auch das funktionierte nicht, weil angeblich mein antivirenprogramm dies verhindert, obwohl ich es deaktiviert hatte. nächster versuch war eine zurücksetzung über das bios, doch auch da bekam ich die selbe fehlermeldung mit der antivirensoftware mit dem einzigen unterschied, dass mein pc auf einmal wieder funktionierte...leider nur 2 tage lang. ich konnte in dieser zeit alle programme ganz normal benutzen... heute morgen habe ich meinen pc wieder hochgefahren und ich hatte plötzlich wieder das selbe problem. dragonframe braucht lange zum starten, verknüpfungen erstellen dauert ebenfalls sehr lange und windwos movie player kann nur noch über "prozess beenden" beendet werde. um jedoch mit meinem film voran zu kommen, da ich ihn am dienstag abschicken muss, habe ich die daten auf eine externe festplatte kopiert, um am pc meiner freundin weiter zu abeiten. doch nun kann man zwar daten von der externen platte löschen, aber sie zeigt nicht an, dass mehr speicher zur verfügung ist. seltsam ist auch hierbei, dass viren normaler weise auf der festplatte, auf der windows installiert ist, zugreifen oder!? weil meine daten für den film auf einer anderen internen platte lagen. also eigentlich könnte der viru deshalb doch gar nicht auf die platte über gegangen sein oder??? ich bin echt am verzweifeln, ich habe keine ahnung, was ich jetzt noch machen soll.  ((meine festplatte ist auch nicht voll. von 3tb sind 700 gb belegt. mein system: cpu: i5-4690k 3,5 ghz graka: amd radeon r9 270 ram: 16gb Ich bedanke mich jetzt schon für eure Antworten!! Liebe Grüße NicNic hier die logfile: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:50:02, on 22.05.2015 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17801) Boot mode: Normal Running processes: C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\Nicholas\AppData\Local\Akamai\netsession_win.exe C:\Users\Nicholas\AppData\Roaming\Spotify\SpotifyWebHelper.exe C:\Users\Nicholas\AppData\Roaming\Spotify\Spotify.exe C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe C:\Users\Nicholas\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Users\Nicholas\AppData\Roaming\Spotify\SpotifyCrashService.exe C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe C:\Users\Nicholas\AppData\Roaming\Spotify\Spotify.exe C:\Users\Nicholas\AppData\Roaming\Spotify\Spotify.exe C:\Program Files (x86)\Steam\bin\steamwebhelper.exe C:\Users\Nicholas\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Nicholas\Downloads\HiJackThis204.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Nicholas\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Nicholas\AppData\Roaming\Spotify\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [Spotify] "C:\Users\Nicholas\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Dropbox.lnk = C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: EOS Utility.lnk = C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: mental ray Satellite for Autodesk 3ds Max 2015 64-bit (mi-raysat_3dsmax2015_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: WTService - Unknown owner - C:\Windows\system32\atwtusb.exe (file missing) -- End of file - 10037 bytes |
|
24.05.2015, 11:36
| #2 |
| /// the machine /// TB-Ausbilder    | PC von heute auf morgen plötzlich langsam! Virus? hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
24.05.2015, 20:34
| #3 |
| | PC von heute auf morgen plötzlich langsam! Virus? Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2015
__________________Ran by Nicholas (administrator) on NICHOLAS-PC on 24-05-2015 12:56:18 Running from C:\Users\Nicholas\Downloads Loaded Profiles: Nicholas (Available Profiles: Nicholas) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe (ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Windows\SysWOW64\PnkBstrB.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE () C:\Windows\System32\atwtusb.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE () C:\Windows\System32\atwtusb.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe () C:\Windows\System32\AtwtusbIcon.exe (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Akamai Technologies, Inc.) C:\Users\Nicholas\AppData\Local\Akamai\netsession_win.exe (Spotify Ltd) C:\Users\Nicholas\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd) C:\Users\Nicholas\AppData\Roaming\Spotify\Spotify.exe (Akamai Technologies, Inc.) C:\Users\Nicholas\AppData\Local\Akamai\netsession_win.exe (Dropbox, Inc.) C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Canon INC.) C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe (Spotify Ltd) C:\Users\Nicholas\AppData\Roaming\Spotify\Spotify.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Spotify Ltd) C:\Users\Nicholas\AppData\Roaming\Spotify\Spotify.exe (CANON INC.) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe (Autodesk Inc.) C:\Users\Nicholas\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe () C:\Program Files (x86)\DZED\Dragonframe\Dragonframe.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AtwtusbIcon] => C:\Windows\system32\AtwtusbIcon.exe [3593728 2012-09-10] () HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-01-28] (ESET) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-05] (Autodesk Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.) HKU\S-1-5-21-2275286783-360671132-1705877350-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888384 2015-05-15] (Valve Corporation) HKU\S-1-5-21-2275286783-360671132-1705877350-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.) HKU\S-1-5-21-2275286783-360671132-1705877350-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Nicholas\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.) HKU\S-1-5-21-2275286783-360671132-1705877350-1000\...\Run: [Spotify Web Helper] => C:\Users\Nicholas\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2022968 2015-05-22] (Spotify Ltd) HKU\S-1-5-21-2275286783-360671132-1705877350-1000\...\Run: [Spotify] => C:\Users\Nicholas\AppData\Roaming\Spotify\Spotify.exe [7298616 2015-05-22] (Spotify Ltd) HKU\S-1-5-21-2275286783-360671132-1705877350-1000\...\MountPoints2: {9906d047-d110-11e4-814f-806e6f6e6963} - D:\Welcome\Welcome.exe Startup: C:\Users\Nicholas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-04-03] ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\Users\Nicholas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-09] ShortcutTarget: Dropbox.lnk -> C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Nicholas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2015-05-09] ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.) ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.) Chrome: ======= CHR Profile: C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Sunset) - C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aagfloaiblncmhfeghmcpcepjamnlcfd [2015-04-02] CHR Extension: (Google Drive) - C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-02] CHR Extension: (AdBlock) - C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-03-24] CHR Extension: (Bookmark Manager) - C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-22] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-24] CHR Extension: (Google Wallet) - C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-23] CHR Extension: (My Chrome Theme) - C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2015-04-02] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.) S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-04-03] (Adobe Systems) [] R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-04-27] (Microsoft Corporation) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [237864 2015-03-24] (EasyAntiCheat Ltd) R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2015-01-28] (ESET) S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [] S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-14] (Electronic Arts) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [999152 2015-05-04] (Overwolf LTD) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-04-14] () R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2015-04-14] () R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 WTService; C:\Windows\system32\atwtusb.exe [582144 2013-11-12] () [] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2015-03-23] (Intel Corporation) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-03-10] (ESET) U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241880 2015-03-10] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169792 2015-03-10] (ESET) R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [222280 2015-03-10] (ESET) R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44632 2015-03-10] (ESET) R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [64208 2015-03-10] (ESET) R3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [7680 2009-03-08] (Windows (R) Codename Longhorn DDK provider) R3 vhidmini; C:\Windows\System32\DRIVERS\walvhid.sys [7552 2009-08-26] (Windows (R) Win 7 DDK provider) S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-05-24 12:54 - 2015-05-24 12:54 - 00053478 _____ () C:\Users\Nicholas\Downloads\Addition.txt 2015-05-24 12:53 - 2015-05-24 12:56 - 00014277 _____ () C:\Users\Nicholas\Downloads\FRST.txt 2015-05-24 12:52 - 2015-05-24 12:56 - 00000000 ____D () C:\FRST 2015-05-24 12:51 - 2015-05-24 12:51 - 02108416 _____ (Farbar) C:\Users\Nicholas\Downloads\FRST64.exe 2015-05-24 11:58 - 2015-05-24 11:58 - 24202368 _____ (DZED Systems LLC) C:\Users\Nicholas\Downloads\Nicht bestätigt 749535.crdownload 2015-05-24 11:58 - 2015-05-24 11:58 - 02223104 _____ () C:\Users\Nicholas\Downloads\Nicht bestätigt 792012.crdownload 2015-05-24 11:58 - 2015-05-24 11:58 - 00520724 _____ () C:\Users\Nicholas\Downloads\Nicht bestätigt 421639.crdownload 2015-05-24 11:09 - 2015-05-24 11:09 - 00001706 _____ () C:\Users\Nicholas\Desktop\MovieMaker.lnk 2015-05-24 03:00 - 2015-05-24 03:00 - 00000000 ____D () C:\Users\Nicholas\AppData\Local\4kdownload.com 2015-05-24 02:59 - 2015-05-24 02:59 - 35191096 _____ () C:\Users\Nicholas\Downloads\4kvideotomp3_2.2.zip 2015-05-24 01:39 - 2015-05-24 03:30 - 00008704 _____ () C:\Users\Nicholas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-05-24 00:48 - 2015-05-24 00:53 - 00000000 ____D () C:\Users\Nicholas\AppData\Roaming\gtk-2.0 2015-05-23 23:58 - 2015-05-24 00:07 - 00000000 ____D () C:\Users\Nicholas\AppData\Roaming\avidemux 2015-05-23 23:57 - 2015-05-23 23:58 - 20981895 _____ () C:\Users\Nicholas\Downloads\avidemux_2.5.0_full_win32.zip 2015-05-23 22:40 - 2015-05-23 22:40 - 00001374 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk 2015-05-23 22:40 - 2015-05-23 22:40 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk 2015-05-23 22:40 - 2015-05-23 22:40 - 00000000 ____D () C:\Windows\de 2015-05-23 22:40 - 2015-05-23 22:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2015-05-23 22:39 - 2015-05-23 22:39 - 00000000 ____D () C:\Windows\PCHEALTH 2015-05-23 22:34 - 2015-05-23 22:35 - 142602520 _____ (Microsoft Corporation) C:\Users\Nicholas\Downloads\nw_6060_wlsetupallexe.exe 2015-05-23 20:14 - 2015-05-23 20:14 - 00001436 _____ () C:\Users\Public\Desktop\Free YouTube Download.lnk 2015-05-23 20:11 - 2015-05-23 20:12 - 34399472 _____ (DVDVideoSoft Ltd. ) C:\Users\Nicholas\Downloads\FreeYouTubeDownload.exe 2015-05-23 15:29 - 2015-05-23 22:39 - 00000000 ____D () C:\Program Files (x86)\Windows Live 2015-05-23 15:26 - 2015-05-23 22:35 - 00000000 ____D () C:\Users\Nicholas\AppData\Local\Windows Live 2015-05-23 15:25 - 2015-05-23 15:25 - 01245384 _____ (Microsoft Corporation) C:\Users\Nicholas\Downloads\wlsetup-web.exe 2015-05-22 22:50 - 2015-05-22 22:50 - 00010039 _____ () C:\Users\Nicholas\Downloads\hijackthis.log 2015-05-22 22:46 - 2015-05-22 22:46 - 00388608 _____ (Trend Micro Inc.) C:\Users\Nicholas\Downloads\HiJackThis204.exe 2015-05-22 21:12 - 2015-05-22 21:12 - 00001072 _____ () C:\Users\Public\Desktop\Dragonframe.lnk 2015-05-22 21:11 - 2015-05-23 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragonframe 2015-05-22 21:11 - 2015-05-22 21:11 - 24202368 _____ (DZED Systems LLC) C:\Users\Nicholas\Downloads\Dragonframe_3.6.3-Setup (2).exe 2015-05-22 21:11 - 2015-05-22 21:11 - 00000000 ____D () C:\Users\Nicholas\AppData\Roaming\DZED 2015-05-22 21:11 - 2015-05-22 21:11 - 00000000 ____D () C:\Program Files (x86)\DZED 2015-05-22 21:07 - 2015-05-22 21:07 - 24202368 _____ (DZED Systems LLC) C:\Users\Nicholas\Downloads\Dragonframe_3.6.3-Setup.exe 2015-05-22 20:56 - 2015-05-22 20:56 - 00000000 ____D () C:\$WINDOWS.~BT 2015-05-22 20:42 - 2015-05-22 20:42 - 00347424 _____ (Microsoft Corporation) C:\Users\Nicholas\Downloads\MicrosoftFixit.wu.Run.exe 2015-05-22 20:39 - 2015-05-22 21:05 - 00002618 _____ () C:\Windows\diagwrn.xml 2015-05-22 20:39 - 2015-05-22 21:05 - 00001908 _____ () C:\Windows\diagerr.xml 2015-05-22 20:30 - 2015-05-22 20:30 - 15549025 _____ () C:\Users\Nicholas\Downloads\Microsoft_Fix-it-Paket.zip 2015-05-22 20:30 - 2015-05-22 20:30 - 00985600 _____ () C:\Users\Nicholas\Downloads\MicrosoftFixit50123.msi 2015-05-22 20:27 - 2015-05-22 20:27 - 02223104 _____ () C:\Users\Nicholas\Downloads\adwcleaner_4.205 (1).exe 2015-05-22 20:19 - 2015-05-22 20:20 - 00000000 ____D () C:\AdwCleaner 2015-05-22 20:17 - 2015-05-22 20:17 - 24202368 _____ (DZED Systems LLC) C:\Users\Nicholas\Downloads\Dragonframe_3.6.3-Setup (1).exe 2015-05-22 19:34 - 2015-05-23 00:02 - 00000000 ____D () C:\7db75fb0666c7e308b51578a9201 2015-05-22 19:34 - 2015-05-22 19:34 - 00000000 ____D () C:\Windows\system32\MRT 2015-05-22 19:34 - 2015-04-30 10:07 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-05-22 19:29 - 2015-05-22 20:19 - 02223104 _____ () C:\Users\Nicholas\Downloads\adwcleaner_4.205.exe 2015-05-22 19:29 - 2015-05-22 19:29 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-05-22 19:28 - 2015-05-22 19:28 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Nicholas\Downloads\mbam-setup-2.1.6.1022.exe 2015-05-22 19:20 - 2015-05-22 19:20 - 00000000 ____D () C:\Users\Nicholas\AppData\Local\UnrealEngineLauncher 2015-05-21 23:45 - 2015-05-21 23:45 - 00000000 ____D () C:\Users\Nicholas\.MCTranscodingSDK 2015-05-21 23:44 - 2015-05-23 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightworks 2015-05-21 23:44 - 2015-05-21 23:48 - 00000000 ____D () C:\Users\Public\Documents\Lightworks 2015-05-21 23:44 - 2015-05-21 23:44 - 00000000 ____D () C:\ProgramData\Geevs 2015-05-21 23:43 - 2015-05-22 23:11 - 00000000 ____D () C:\Program Files\Lightworks 2015-05-21 23:41 - 2015-05-21 23:41 - 78740016 _____ (Lightworks) C:\Users\Nicholas\Downloads\lightworks_v12.0.2_full_64bit_setup (1).exe 2015-05-17 13:18 - 2015-05-17 13:18 - 00000000 ____D () C:\Users\Nicholas\Dragonframe 2015-05-17 13:08 - 2015-05-23 00:02 - 00000000 ____D () C:\ProgramData\DZED 2015-05-17 12:57 - 2015-05-17 12:57 - 24179184 _____ (DZED Systems LLC) C:\Users\Nicholas\Downloads\Dragonframe_3.6.2-Setup.exe 2015-05-14 16:43 - 2015-05-23 00:02 - 00000000 ____D () C:\Users\Nicholas\AppData\Local\René's Homepage 2015-05-14 16:43 - 2015-05-14 16:43 - 00437645 _____ () C:\Users\Nicholas\Downloads\SnippingToolPlusv3-4-1-0.zip 2015-05-14 16:43 - 2015-05-14 16:43 - 00000000 ____D () C:\Users\Nicholas\AppData\Roaming\René's Homepage 2015-05-14 16:43 - 2015-05-14 16:43 - 00000000 ____D () C:\ProgramData\René's Homepage 2015-05-13 21:15 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-05-13 21:15 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-05-13 14:11 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-05-13 14:11 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-05-13 14:11 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-05-13 14:11 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-05-13 14:11 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-05-13 14:11 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-05-13 14:11 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-05-13 14:11 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-05-13 14:11 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-05-13 14:11 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-05-13 14:11 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-05-13 14:11 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-05-13 14:11 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-05-13 14:11 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-05-13 14:11 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-05-13 14:11 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-05-13 14:11 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-05-13 14:11 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-05-13 14:11 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-05-13 14:11 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-05-13 14:11 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-05-13 14:11 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-05-13 14:11 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-05-13 14:11 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-05-13 14:11 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-05-13 14:11 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-05-13 14:11 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-05-13 14:11 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-05-13 14:11 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-05-13 14:11 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-05-13 14:11 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-05-13 14:11 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-05-13 14:11 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-05-13 14:11 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-05-13 14:11 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-05-13 14:11 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-05-13 14:11 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-05-13 14:11 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-05-13 14:11 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-05-13 14:11 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-05-13 14:11 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-05-13 14:11 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-05-13 14:11 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-05-13 14:11 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-05-13 14:11 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-05-13 14:11 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-05-13 14:11 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-05-13 14:11 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-05-13 14:11 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-05-13 14:11 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-05-13 14:11 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-05-13 14:11 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-05-13 14:11 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-05-13 14:11 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-05-13 14:11 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-05-13 14:11 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-05-13 14:11 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-05-13 14:11 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-05-13 14:11 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-05-13 14:11 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-05-13 14:11 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-05-13 14:11 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-05-13 14:11 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-05-13 14:11 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2015-05-13 14:10 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-05-13 14:10 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-05-13 14:10 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-05-13 14:10 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-05-13 14:10 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-05-13 14:10 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2015-05-13 14:10 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-05-13 14:10 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2015-05-13 14:10 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-05-13 14:10 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-05-13 14:10 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-05-13 14:10 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-05-13 14:10 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-05-13 14:10 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-05-13 14:10 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-05-13 14:10 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-05-13 14:10 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-05-13 14:10 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-05-13 14:10 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-05-13 14:10 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll 2015-05-13 14:10 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-05-13 14:10 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-05-13 14:10 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-05-13 14:10 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-05-13 14:10 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-05-13 14:10 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-05-13 14:10 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-05-13 14:10 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-05-13 14:10 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe 2015-05-13 14:10 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-05-13 14:10 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-05-13 14:10 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-05-13 14:10 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe 2015-05-13 14:10 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe 2015-05-13 14:10 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe 2015-05-13 14:10 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-05-13 14:10 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe 2015-05-13 14:10 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-05-13 14:10 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-05-13 14:10 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-05-13 14:10 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-05-13 14:10 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-05-13 14:10 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2015-05-13 14:10 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-05-13 14:10 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-05-13 14:10 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-05-13 14:10 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll 2015-05-13 14:10 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-05-13 14:10 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-05-13 14:10 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-05-13 14:10 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-05-13 14:10 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2015-05-13 14:10 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-05-13 14:10 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe 2015-05-13 14:10 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe 2015-05-13 14:10 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe 2015-05-13 14:10 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe 2015-05-13 14:10 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-05-13 14:10 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-05-13 14:10 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-05-13 14:10 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-05-13 14:10 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-05-13 14:10 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-05-13 14:10 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe 2015-05-13 14:10 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-05-13 14:10 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-05-13 14:10 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-05-13 14:10 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-05-13 14:10 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-05-13 14:10 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2015-05-13 14:10 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-05-13 14:10 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-05-13 14:10 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-05-13 14:10 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-05-13 14:10 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-05-13 14:10 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-05-13 14:10 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-05-13 14:10 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-05-13 14:10 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe 2015-05-13 14:10 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2015-05-13 14:10 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2015-05-13 14:10 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2015-05-13 14:10 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll 2015-05-13 14:10 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll 2015-05-13 14:10 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe 2015-05-13 14:10 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll 2015-05-13 14:10 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll 2015-05-13 14:10 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll 2015-05-13 14:10 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe 2015-05-13 14:10 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2015-05-13 14:10 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2015-05-13 14:10 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll 2015-05-13 14:10 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll 2015-05-11 16:45 - 2015-05-11 16:45 - 00520724 _____ () C:\Users\Nicholas\Downloads\milkdrop_104.exe 2015-05-11 16:45 - 2015-05-11 16:45 - 00520724 _____ () C:\Users\Nicholas\Downloads\milkdrop_104 (1).exe 2015-05-11 16:45 - 2015-05-11 16:45 - 00000000 ____D () C:\Users\Nicholas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp 2015-05-11 16:34 - 2015-05-11 16:34 - 36088824 _____ (DVDVideoSoft Ltd. ) C:\Users\Nicholas\Downloads\FreeYouTubeToMP3Converter_3.12.59.505.exe 2015-05-10 12:41 - 2015-05-10 12:41 - 00289110 _____ () C:\Windows\msxml4-KB973688-enu.LOG 2015-05-10 12:40 - 2015-05-10 12:41 - 00292902 _____ () C:\Windows\msxml4-KB954430-enu.LOG 2015-05-10 12:40 - 2015-05-10 12:40 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0 2015-05-09 18:44 - 2015-05-09 20:28 - 00000000 ____D () C:\Users\Nicholas\Desktop\Screenshots 2015-05-09 18:43 - 2015-05-19 19:53 - 00000000 ___RD () C:\Users\Nicholas\Desktop\Programme 2015-05-09 18:35 - 2015-05-09 18:35 - 06237419 _____ () C:\Users\Nicholas\Downloads\HP_Dock_Icon_Set_by_MediaDesign.zip 2015-05-09 18:17 - 2015-05-09 18:17 - 00000000 ____D () C:\Users\Nicholas\Documents\Pinnacle Studio 2015-05-09 18:16 - 2015-05-09 18:16 - 00001194 _____ () C:\Users\Nicholas\Desktop\Pinnacle Studio 12.lnk 2015-05-09 18:16 - 2015-05-09 18:16 - 00000000 ____D () C:\Users\Nicholas\AppData\Local\Downloaded Installations 2015-05-09 18:16 - 2015-05-09 18:16 - 00000000 ____D () C:\ProgramData\Pinnacle Studio 2015-05-09 18:16 - 2015-05-09 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 12 2015-05-09 18:15 - 2015-05-23 00:02 - 00000000 ____D () C:\Users\Public\Documents\Pinnacle 2015-05-09 18:15 - 2015-05-09 18:15 - 00000000 ____D () C:\Users\Public\Documents\My Projects 2015-05-09 18:15 - 2015-05-09 18:15 - 00000000 ____D () C:\ProgramData\Studio 12 2015-05-09 18:15 - 2015-05-09 18:15 - 00000000 ____D () C:\ProgramData\Pinnacle Studio Plus 2015-05-09 18:15 - 2015-05-09 18:15 - 00000000 ____D () C:\Program Files (x86)\Pinnacle 2015-05-09 18:11 - 2015-05-24 11:00 - 00000349 _____ () C:\Users\Public\Documents\PCLECHAL.INI 2015-05-09 18:10 - 2015-05-09 18:15 - 00000000 ____D () C:\ProgramData\Pinnacle 2015-05-09 17:28 - 2015-05-09 17:28 - 00000000 ____D () C:\Users\Nicholas\AppData\Roaming\MonkeyJam 2015-05-09 17:27 - 2015-05-09 17:27 - 01397331 _____ (GiantScreamingRobotMonkeys ) C:\Users\Nicholas\Downloads\MonkeyJamSetup_3.0.exe 2015-05-09 17:27 - 2015-05-09 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MonkeyJam 2015-05-09 17:27 - 2015-05-09 17:27 - 00000000 ____D () C:\Program Files (x86)\MonkeyJam 2015-05-09 17:27 - 2005-02-27 17:11 - 00424960 _____ () C:\Windows\SysWOW64\wavdest.ax 2015-05-09 17:19 - 2015-05-23 00:02 - 00000000 ____D () C:\Users\Nicholas\AppData\Local\CANON_INC 2015-05-09 17:19 - 2015-05-09 17:19 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2015-05-09 17:13 - 2015-05-09 17:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2015-05-09 17:13 - 2015-05-09 17:13 - 00000000 ____D () C:\Program Files (x86)\Canon 2015-05-09 17:10 - 2015-05-09 17:22 - 00000000 ____D () C:\Users\Nicholas\AppData\Roaming\canon 2015-05-09 17:09 - 2015-05-09 17:09 - 00000000 ____D () C:\ProgramData\Canon_Inc_IC 2015-05-09 16:42 - 2015-05-09 17:02 - 189130990 _____ () C:\Users\Nicholas\Downloads\ksd291a_installer.zip 2015-05-09 16:38 - 2015-05-09 16:39 - 99114785 _____ () C:\Users\Nicholas\Downloads\euw2.14.20-updater.zip 2015-05-09 16:29 - 2015-05-09 16:38 - 17655158 _____ () C:\Users\Nicholas\Downloads\64bit_Tablet_Drvr_Win7_v3.46.zip 2015-05-08 17:56 - 2015-05-24 11:03 - 00000000 ____D () C:\Users\Nicholas\AppData\Roaming\Spotify 2015-05-08 17:56 - 2015-05-24 10:59 - 00000000 ____D () C:\Users\Nicholas\AppData\Local\Spotify 2015-05-08 17:56 - 2015-05-08 17:56 - 00155296 _____ (Spotify Ltd) C:\Users\Nicholas\Downloads\SpotifySetup.exe 2015-05-08 17:56 - 2015-05-08 17:56 - 00001782 _____ () C:\Users\Nicholas\Desktop\Spotify.lnk 2015-05-08 17:56 - 2015-05-08 17:56 - 00001768 _____ () C:\Users\Nicholas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2015-05-07 19:59 - 2015-05-07 19:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2015-05-07 19:59 - 2015-05-07 19:59 - 00000000 ____D () C:\ProgramData\ESET 2015-05-07 19:59 - 2015-05-07 19:59 - 00000000 ____D () C:\Program Files\ESET 2015-04-30 14:52 - 2015-04-30 14:52 - 00003142 _____ () C:\Windows\System32\Tasks\{3F85D897-4F26-4E10-B7A6-52A686301753} 2015-04-30 14:52 - 2015-04-30 14:52 - 00000000 ____D () C:\Program Files\PSCS2 2015-04-30 14:49 - 2015-04-30 14:49 - 12447744 _____ () C:\Users\Nicholas\Downloads\ps902.exe 2015-04-28 14:34 - 2015-04-28 14:34 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help 2015-04-28 14:34 - 2015-04-28 14:34 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-05-24 12:56 - 2015-04-02 18:06 - 00000000 ____D () C:\Users\Nicholas\AppData\Roaming\Skype 2015-05-24 12:32 - 2015-03-23 23:17 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-05-24 11:40 - 2011-04-12 09:43 - 00699092 _____ () C:\Windows\system32\perfh007.dat 2015-05-24 11:40 - 2011-04-12 09:43 - 00149232 _____ () C:\Windows\system32\perfc007.dat 2015-05-24 11:40 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-05-24 11:18 - 2009-07-14 06:45 - 00021984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-05-24 11:18 - 2009-07-14 06:45 - 00021984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-05-24 11:14 - 2015-03-23 22:52 - 01965751 _____ () C:\Windows\WindowsUpdate.log 2015-05-24 11:13 - 2015-04-09 19:38 - 00000000 ___RD () C:\Users\Nicholas\Dropbox 2015-05-24 11:13 - 2015-04-09 19:32 - 00000000 ____D () C:\Users\Nicholas\AppData\Roaming\Dropbox 2015-05-24 10:58 - 2015-03-24 01:00 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-05-24 10:58 - 2015-03-23 23:17 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-05-24 10:58 - 2009-07-14 04:34 - 00000418 _____ () C:\Windows\win.ini 2015-05-24 10:57 - 2010-11-21 05:47 - 00042678 _____ () C:\Windows\PFRO.log 2015-05-24 10:57 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-05-24 10:57 - 2009-07-14 06:51 - 00003213 _____ () C:\Windows\setupact.log 2015-05-23 22:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2015-05-23 22:37 - 2015-03-24 01:11 - 00046143 _____ () C:\Windows\DirectX.log 2015-05-23 20:14 - 2015-04-02 18:06 - 00001241 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2015-05-23 20:14 - 2015-04-02 18:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2015-05-23 20:14 - 2015-04-02 18:05 - 00000000 ____D () C:\Users\Nicholas\AppData\Roaming\DVDVideoSoft 2015-05-23 20:14 - 2015-04-02 18:05 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack 2015-05-23 20:14 - 2015-04-02 18:05 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft 2015-05-23 20:08 - 2015-03-29 22:54 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{BB441867-D8F6-4A6A-ACF0-D65699A09A29} 2015-05-23 00:02 - 2015-04-04 14:45 - 00000000 ___SD () C:\Windows\SysWOW64\GWX 2015-05-23 00:02 - 2015-04-04 14:45 - 00000000 ___SD () C:\Windows\system32\GWX 2015-05-23 00:02 - 2015-04-03 12:38 - 00000000 ____D () C:\Users\Nicholas\AppData\Local\Akamai 2015-05-23 00:02 - 2015-04-03 12:26 - 00000000 ____D () C:\Users\Nicholas\AppData\Roaming\Autodesk 2015-05-23 00:02 - 2015-04-03 10:39 - 00000000 ____D () C:\ProgramData\Tablet 2015-05-23 00:02 - 2015-03-24 00:58 - 00000000 ____D () C:\Users\Nicholas\AppData\Roaming\Winamp 2015-05-23 00:02 - 2015-03-23 23:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-05-23 00:02 - 2015-03-23 22:52 - 00000000 ____D () C:\Users\Nicholas\AppData\Local\VirtualStore 2015-05-23 00:02 - 2015-03-23 22:52 - 00000000 ____D () C:\Users\Nicholas 2015-05-22 22:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2015-05-22 21:22 - 2015-04-14 15:17 - 00000080 _____ () C:\Users\Nicholas\AppData\Local剜捯獫慴慇敭屳呇⁁屖湥楴汴浥湥湩潦 2015-05-22 21:16 - 2015-03-24 00:39 - 00000000 ____D () C:\Windows\system32\appmgmt 2015-05-22 20:39 - 2009-07-14 06:51 - 00000000 _____ () C:\Windows\setuperr.log 2015-05-22 19:20 - 2015-03-24 01:11 - 00000000 ____D () C:\ProgramData\Epic 2015-05-22 18:34 - 2015-03-23 23:17 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-05-18 23:39 - 2015-04-07 19:26 - 00000000 ____D () C:\Users\Nicholas\AppData\Roaming\TS3Client 2015-05-18 18:28 - 2015-03-24 01:59 - 00000000 ___RD () C:\Users\Nicholas\Desktop\Games 2015-05-16 14:27 - 2015-03-23 23:17 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-05-16 14:27 - 2015-03-23 23:17 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-05-14 15:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2015-05-14 11:41 - 2009-07-14 06:45 - 00409912 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-05-14 11:39 - 2011-04-12 09:55 - 00000000 ____D () C:\Program Files\Windows Journal 2015-05-14 11:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers 2015-05-13 21:18 - 2015-04-06 15:12 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-05-12 15:26 - 2015-04-09 19:33 - 00000988 _____ () C:\Users\Nicholas\Desktop\Dropbox.lnk 2015-05-12 15:26 - 2015-04-09 19:33 - 00000000 ____D () C:\Users\Nicholas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-05-11 16:45 - 2015-03-24 00:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp 2015-05-11 16:45 - 2015-03-24 00:58 - 00000000 ____D () C:\Program Files (x86)\Winamp 2015-05-11 16:35 - 2015-04-02 18:06 - 00001532 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk 2015-05-09 18:17 - 2015-03-23 23:16 - 00117456 _____ () C:\Users\Nicholas\AppData\Local\GDIPFONTCACHEV1.DAT 2015-05-07 19:27 - 2015-04-02 19:27 - 00000000 ____D () C:\Program Files (x86)\Overwolf 2015-05-03 21:19 - 2015-04-02 18:06 - 00000000 ____D () C:\ProgramData\Skype 2015-04-30 14:52 - 2015-03-23 23:24 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information ==================== Files in the root of some directories ======= 2015-05-24 01:39 - 2015-05-24 03:30 - 0008704 _____ () C:\Users\Nicholas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-03-31 18:56 - 2015-03-31 18:56 - 0002647 _____ () C:\Users\Nicholas\AppData\Local\recently-used.xbel 2015-04-01 16:14 - 2015-04-01 16:14 - 0000057 _____ () C:\ProgramData\Ament.ini Some files in TEMP: ==================== C:\Users\Nicholas\AppData\Local\Temp\AcDeltree.exe C:\Users\Nicholas\AppData\Local\Temp\drm_dialogs.dll C:\Users\Nicholas\AppData\Local\Temp\drm_dyndata_7390006.dll C:\Users\Nicholas\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgpu6n0.dll C:\Users\Nicholas\AppData\Local\Temp\FNP_ACT_InstallerCA.dll C:\Users\Nicholas\AppData\Local\Temp\InstHelper.exe C:\Users\Nicholas\AppData\Local\Temp\ose00000.exe C:\Users\Nicholas\AppData\Local\Temp\Quarantine.exe C:\Users\Nicholas\AppData\Local\Temp\raptrpatch.exe C:\Users\Nicholas\AppData\Local\Temp\raptr_stub.exe C:\Users\Nicholas\AppData\Local\Temp\sqlite3.dll C:\Users\Nicholas\AppData\Local\Temp\tmpD651.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-05-14 15:42 ==================== End of log ============================kann die addition.txt leider nicht durchführen. während dem scan steht irgendwann keine rückmeldung mehr beim frst. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2015 Ran by Nicholas at 2015-05-24 21:32:44 Running from C:\Users\Nicholas\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2275286783-360671132-1705877350-500 - Administrator - Disabled) Gast (S-1-5-21-2275286783-360671132-1705877350-501 - Limited - Disabled) Nicholas (S-1-5-21-2275286783-360671132-1705877350-1000 - Administrator - Enabled) => C:\Users\Nicholas ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.) Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.) Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated) Akamai NetSession Interface (HKU\S-1-5-21-2275286783-360671132-1705877350-1000\...\Akamai) (Version: - Akamai Technologies, Inc) AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Autodesk 3ds Max 2015 (HKLM\...\Autodesk 3ds Max 2015) (Version: 17.1.149.0 - Autodesk) Autodesk 3ds Max 2015 (Version: 17.1.149.0 - Autodesk) Hidden Autodesk 3ds Max 2015 Populate Data (HKLM\...\{57E92DED-DC6C-41E5-B9E1-76D83BD2EABE}) (Version: 17.0.0.0 - Autodesk) Autodesk 3ds Max 2015 SP1 (HKLM\...\Autodesk 3ds Max 2015 SP1) (Version: 17.1.149.0 - Autodesk) Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 4.0.69.0 - Autodesk) Autodesk Backburner 2015 (HKLM-x32\...\{8C5F38D2-8EFE-49A4-B3F5-BF3210FED168}) (Version: 15.0.0.0 - Autodesk) Autodesk DirectConnect 2015 64-bit (HKLM\...\Autodesk DirectConnect 2015 64-bit) (Version: 9.0.56.4 - Autodesk) Autodesk DirectConnect 2015 64-bit (Version: 9.0.56.4 - Autodesk) Hidden Autodesk DirectConnect 2015 64-bit Hotfix1 (HKLM\...\Autodesk DirectConnect 2015 64-bit_9001) (Version: 9.0.56.4 - Autodesk) Autodesk Inventor Server Engine for 3ds Max 2015 (HKLM\...\{9167CA34-4E48-49E3-8892-3C439739D2D3}) (Version: 17.0.2 - Autodesk) Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk) Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk) Autodesk Material Library Medium Resolution Image Library 2015 (HKLM-x32\...\{9F6466D9-6EFC-4A10-B931-C72D1A3F1763}) (Version: 5.2.9.100 - Autodesk) Autodesk Revit Interoperability for 3ds Max 2015 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2015) (Version: 15.0.166.0 - Autodesk) Autodesk Revit Interoperability for 3ds Max 2015 (Version: 15.0.166.0 - Autodesk) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Blender (HKLM\...\Blender) (Version: 2.73a - Blender Foundation) Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.14.40.0 - Canon Inc.) Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.10.2 - Canon Inc.) Crazybump (remove only) (HKLM-x32\...\Crazybump) (Version: - ) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dragonframe (HKLM-x32\...\{C304B867-DF9F-4F30-8CCE-ACB9815BB1A2}) (Version: 3.6.3 - DZED Systems LLC) Dropbox (HKU\S-1-5-21-2275286783-360671132-1705877350-1000\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.) Epic Games Launcher (HKLM\...\{325AC861-EDAF-440B-97DD-259906E216D3}) (Version: 1.1.24.0 - Epic Games, Inc.) ESET Smart Security (HKLM\...\{7BB8ADC6-BA3A-4757-9BE8-4485C651C99C}) (Version: 8.0.312.3 - ESET, spol s r. o.) Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Free YouTube Download version 3.2.58.505 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.58.505 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.12.59.505 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.505 - DVDVideoSoft Ltd.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.65 - Google Inc.) Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) HP Officejet 6600 - Grundlegende Software für das Gerät (HKLM\...\{F58934BD-F483-43EB-B307-CFFD88B18455}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) MilkDrop for Winamp 2x (remove only) (HKLM-x32\...\vis_milk.dllWinamp) (Version: - ) MonkeyJam 3_050529 (HKLM-x32\...\MonkeyJam_is1) (Version: - GiantScreamingRobotMonkeys) Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.85.190.0 - Overwolf Ltd.) Pinnacle Studio 12 (HKLM-x32\...\{D041EB9E-890A-4098-8F94-51DA194AC72A}) (Version: 12.1.3.6605 - Pinnacle Systems) Pinnacle Video Treiber (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.029 - Pinnacle Systems) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-2275286783-360671132-1705877350-1000\...\Spotify) (Version: 1.0.5.186.ga9c24d6a - Spotify AB) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) The Forest (HKLM-x32\...\Steam App 242760) (Version: - Endnight Games Ltd) Uplay (HKLM-x32\...\Uplay) (Version: 5.1 - Ubisoft) USB Tablet Manager (HKLM\...\RmTablet) (Version: 5.05 - ) VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2275286783-360671132-1705877350-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2275286783-360671132-1705877350-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll No File CustomCLSID: HKU\S-1-5-21-2275286783-360671132-1705877350-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll No File CustomCLSID: HKU\S-1-5-21-2275286783-360671132-1705877350-1000_Classes\CLSID\{AB246BE9-1623-4A84-ABDA-CFF4D4A273CB}\InprocServer32 -> C:\Windows\system32\kernel32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2275286783-360671132-1705877350-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll () CustomCLSID: HKU\S-1-5-21-2275286783-360671132-1705877350-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll No File CustomCLSID: HKU\S-1-5-21-2275286783-360671132-1705877350-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2275286783-360671132-1705877350-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2275286783-360671132-1705877350-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2275286783-360671132-1705877350-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2275286783-360671132-1705877350-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2275286783-360671132-1705877350-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2275286783-360671132-1705877350-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2275286783-360671132-1705877350-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2275286783-360671132-1705877350-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ==================== Restore Points ========================= 20-05-2015 23:12:10 Windows Update 21-05-2015 22:55:49 Installed Dragonframe 22-05-2015 19:16:20 Installed Dragonframe 22-05-2015 19:25:47 Removed Dragonframe 22-05-2015 19:33:36 Windows Update 22-05-2015 20:25:12 Removed Dragonframe 22-05-2015 20:30:46 Installed Microsoft Fix it 50123 22-05-2015 21:11:41 Installed Dragonframe 22-05-2015 21:15:53 Removed Dragonframe 22-05-2015 21:49:46 Wiederherstellungsvorgang 23-05-2015 15:26:49 Windows Live Essentials 23-05-2015 15:27:07 DirectX wurde installiert 23-05-2015 15:28:05 DirectX wurde installiert 23-05-2015 15:28:38 DirectX wurde installiert 23-05-2015 15:29:45 WLSetup 23-05-2015 15:32:50 Windows Live Essentials 23-05-2015 15:33:02 WLSetup 23-05-2015 20:12:36 DVDVideoSoftRestorePoint 23-05-2015 22:35:46 Windows Live Essentials 23-05-2015 22:36:27 DirectX wurde installiert 23-05-2015 22:37:07 DirectX wurde installiert 23-05-2015 22:37:44 DirectX wurde installiert 23-05-2015 22:38:53 WLSetup ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {248F9694-408B-43F1-A814-5E76BA799165} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation) Task: {4FE9F68F-1F59-488E-AA45-66DCFAA61E05} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation) Task: {741FCC7E-D208-44DA-BB81-01E8EF3093DF} - System32\Tasks\{3F85D897-4F26-4E10-B7A6-52A686301753} => pcalua.exe -a C:\Users\Nicholas\Downloads\ps902.exe -d C:\Users\Nicholas\Downloads Task: {95969D2A-8984-4C8B-96FB-941FA8EB8126} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {A2EC7513-849E-4D10-9EC3-F181D6AD2CAF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-23] (Google Inc.) Task: {C4A81694-1746-4C71-842C-9790DA6FF042} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-23] (Google Inc.) Task: {CE47A793-852D-4C54-AFA9-84A0C4F3F83B} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-05-04] (Overwolf LTD) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-04-01 17:46 - 2015-04-14 17:49 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2015-04-01 17:46 - 2015-04-14 17:49 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2015-04-03 10:39 - 2013-11-12 16:47 - 00582144 _____ () C:\Windows\system32\atwtusb.exe 2015-04-03 10:39 - 2012-09-10 15:54 - 03593728 _____ () C:\Windows\System32\AtwtusbIcon.exe 2015-04-03 13:33 - 2014-12-05 04:27 - 00055688 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll 2015-04-03 13:33 - 2014-12-05 04:27 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll 2015-03-24 01:02 - 2015-04-16 19:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-03-24 01:01 - 2015-04-23 04:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2015-03-24 01:01 - 2015-04-23 04:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-03-24 01:01 - 2015-04-23 04:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2015-03-24 01:02 - 2015-05-15 03:58 - 02396352 _____ () C:\Program Files (x86)\Steam\video.dll 2015-03-24 01:01 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2015-03-24 01:01 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2015-03-24 01:01 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2015-03-24 01:01 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2015-03-24 01:01 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2015-03-24 01:01 - 2015-05-15 03:57 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2015-05-08 17:56 - 2015-05-22 20:24 - 41287224 _____ () C:\Users\Nicholas\AppData\Roaming\Spotify\libcef.dll 2015-05-24 21:31 - 2015-05-24 21:31 - 00043008 _____ () c:\users\nicholas\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpc9xwhw.dll 2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\libEGL.dll 2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll 2015-03-04 23:45 - 2015-03-04 23:45 - 00010240 _____ () C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll 2015-03-04 23:45 - 2015-03-04 23:45 - 00726016 _____ () C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-03-04 23:45 - 2015-03-04 23:45 - 00010240 _____ () C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll 2014-08-19 10:41 - 2014-08-19 10:41 - 00507904 _____ () C:\Program Files (x86)\Canon\EOS Utility\EDSDK.dll 2015-05-08 17:56 - 2015-05-22 20:24 - 01488440 _____ () C:\Users\Nicholas\AppData\Roaming\Spotify\libglesv2.dll 2015-05-08 17:56 - 2015-05-22 20:24 - 00079928 _____ () C:\Users\Nicholas\AppData\Roaming\Spotify\libegl.dll 2015-03-24 01:01 - 2015-05-11 21:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2015-05-24 21:31 - 2014-12-05 04:27 - 00104328 _____ () C:\Users\Nicholas\AppData\Local\Autodesk\.AdskAppManager\R1\qjson0.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2275286783-360671132-1705877350-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Nicholas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.178.1 ==================== MSCONFIG/TASK MANAGER Error getting == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{F1F4EA72-0B1B-4507-924D-129342440CF7}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{8B92C2A5-C7FD-4185-9ACD-54A18F3A8062}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{C9A4F2DB-D0F1-45CB-803D-AE95AC40B77E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{36FCC4EB-D2EA-40AA-8F4F-243F7418E117}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{87DCFA4B-250C-45DC-83A9-1B22AD055A82}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{23B78726-33E8-45BC-8407-98364884A746}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{392132BB-1791-404E-A579-0110854CC4FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe FirewallRules: [{863F98F0-782C-4562-B83D-1FE1D6C02E98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe FirewallRules: [{8779E9A7-9249-4FE8-B6BA-3BFA64BBCD04}] => (Allow) C:\Program Files (x86)\Crazybump\CrazyBump.exe FirewallRules: [{625D3667-7153-4E55-B386-F6CA862444C9}] => (Allow) C:\Program Files (x86)\Crazybump\CrazyBump.exe FirewallRules: [{4843C6B0-48F3-4F68-ABE9-1CF266CE6505}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\FaxApplications.exe FirewallRules: [{B6F386C9-F7F3-4535-8F06-D5BFAEA22B95}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\DigitalWizards.exe FirewallRules: [{DA16AF2D-979A-4C41-87DE-A15DC4CDD182}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\SendAFax.exe FirewallRules: [{B5AF0729-7751-44FB-9DB0-C1049D664547}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\DeviceSetup.exe FirewallRules: [{8444DDEE-E3B7-4BB7-9631-8A9AA4183F09}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicator.exe FirewallRules: [{6A73469A-E9EE-4D82-8140-AE2C0293BA0E}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{D1F6E24E-65EC-48D1-AB00-BC3F6D5FCFCF}] => (Allow) C:\Program Files (x86)\Activision\Wolfenstein Lite Server\Wolf2MPLite.exe FirewallRules: [{083B04B1-D3E7-427A-9A3D-D96ABA3E9595}] => (Allow) C:\Program Files (x86)\Activision\Wolfenstein Lite Server\Wolf2MPLite.exe FirewallRules: [{8B433CFF-B8F0-40E3-A756-09F145E1D9F7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{C4EF89FC-6EC8-423B-B0EF-7415A2C4BD00}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe FirewallRules: [{B03ABA76-17F0-4596-9381-0905BA4BCC9C}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe FirewallRules: [{C12E5683-9F8A-4B5D-B3EE-7E96123403E3}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe FirewallRules: [{BB1A8BBC-7F45-49BA-8C7A-2F31FB73C4BF}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe FirewallRules: [{76198788-4D9F-4284-AC86-78A04562ECAD}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{05626E79-4E39-424A-949E-680730BBC0F3}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{82B11037-3E7A-4DEB-9859-FA013F0DB1F8}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe FirewallRules: [{FBEA6801-54A6-41F6-A1D7-671CA172A7D4}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe FirewallRules: [{3EDC1D8C-0AFD-45EB-8263-9515912DCE6A}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe FirewallRules: [{E4009726-B639-458C-B86A-5A29EE618D58}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe FirewallRules: [{FD4E92CC-CEA3-40CE-8380-E6CA3CEB277D}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{1556E863-16DA-4B74-A14B-2B9E163F615A}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{F7843ED3-F406-4D32-B232-392D90940478}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{329B536B-E040-4381-B1E8-9D7025ED5376}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{37426397-2EB7-499F-9171-C21C45A8596A}] => (Allow) C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{BA53B6CE-3024-4D77-9D93-B93EFC99D871}] => (Allow) C:\Users\Nicholas\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{587F3EFB-C10F-4401-9415-9EC668CD5225}C:\users\nicholas\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\nicholas\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{B5FD1E4B-4BBA-41A1-BA7F-3202C67CC7ED}C:\users\nicholas\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\nicholas\appdata\local\akamai\netsession_win.exe FirewallRules: [{4F21C2B0-1DF4-404B-8689-F8A174140098}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{3F5AA335-E892-419B-B0CC-AF065D347B1C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{017A39BC-26E2-40FA-8182-BC82F55FE8F9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{E7123098-D24B-4A18-9C5D-B44E9AE01D89}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{F39FC580-D37F-41DF-B8C2-1F9AC2848B7E}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{AE9F3649-A81C-4920-8E84-8FDC8C0BD901}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{CDFCF6BF-40FE-4E8A-8DD1-DA18B8F75670}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe FirewallRules: [{5E788DA5-C401-44E2-80D8-244AD1D35240}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe FirewallRules: [{A9B2A7AB-014A-4EBB-9D09-B0C555656EF3}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\RM.exe FirewallRules: [{E8E55E4E-88F8-423A-8970-206F84EF517F}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\RM.exe FirewallRules: [{A0C162EB-46C6-4619-B001-B75F90F3B05D}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\Studio.exe FirewallRules: [{5A86343E-9940-49C8-87B1-C060F3DE48F6}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\Studio.exe FirewallRules: [{F0765D18-C2A2-4FC4-86A7-EA2E10F447B0}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\umi.exe FirewallRules: [{07C31804-637D-42BA-8EE8-252479398440}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\umi.exe FirewallRules: [{27ED2DA9-6790-4CBB-BDF0-5C9B36112ED0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe FirewallRules: [{7368FDE4-3421-4047-A89D-BCF8EB439FE6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe FirewallRules: [{3BE3AD25-AC04-4DA3-8F26-7BB11B2B695E}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe FirewallRules: [{E3692A44-F38E-4A58-9363-CCDD2849B14F}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe FirewallRules: [{C88BC301-2128-44D3-AD4B-BB99AC0924C0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{B84CD34E-542C-456C-BDC7-B77BD6726830}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{1DA88AB0-5701-460A-9BE5-1899B8C020B9}] => (Allow) LPort=2869 FirewallRules: [{AF5E60D2-AAB1-4F77-9F62-B71BE8E8EB70}] => (Allow) LPort=1900 ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: USB (Universal Serial Bus)-Controller Description: USB (Universal Serial Bus)-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: TAP-Windows Adapter V9 Description: TAP-Windows Adapter V9 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: TAP-Windows Provider V9 Service: tap0901 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: SM-Bus-Controller Description: SM-Bus-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (05/24/2015 09:32:45 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/24/2015 08:46:41 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm wmplayer.exe, Version 12.0.7601.18741 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1ce4 Startzeit: 01d096516cad8e56 Endzeit: 61 Anwendungspfad: C:\Program Files (x86)\Windows Media Player\wmplayer.exe Berichts-ID: Error: (05/24/2015 08:33:44 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm wmplayer.exe, Version 12.0.7601.18741 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1e9c Startzeit: 01d0964fea24728e Endzeit: 58 Anwendungspfad: C:\Program Files (x86)\Windows Media Player\wmplayer.exe Berichts-ID: Error: (05/24/2015 08:31:34 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm wmplayer.exe, Version 12.0.7601.18741 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 89c Startzeit: 01d0964f529b07a7 Endzeit: 74 Anwendungspfad: C:\Program Files (x86)\Windows Media Player\wmplayer.exe Berichts-ID: Error: (05/24/2015 08:24:09 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm wmplayer.exe, Version 12.0.7601.18741 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1f78 Startzeit: 01d0964e9b9f39a0 Endzeit: 60000 Anwendungspfad: C:\Program Files (x86)\Windows Media Player\wmplayer.exe Berichts-ID: Error: (05/24/2015 08:19:42 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm wmplayer.exe, Version 12.0.7601.18741 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1a58 Startzeit: 01d0964de5d894bf Endzeit: 60000 Anwendungspfad: C:\Program Files (x86)\Windows Media Player\wmplayer.exe Berichts-ID: Error: (05/24/2015 08:17:28 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm wmplayer.exe, Version 12.0.7601.18741 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1d60 Startzeit: 01d0964d165aeb3b Endzeit: 96 Anwendungspfad: C:\Program Files (x86)\Windows Media Player\wmplayer.exe Berichts-ID: Error: (05/24/2015 08:10:51 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm wmplayer.exe, Version 12.0.7601.18741 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1fe0 Startzeit: 01d0964cb9249f64 Endzeit: 60000 Anwendungspfad: C:\Program Files (x86)\Windows Media Player\wmplayer.exe Berichts-ID: Error: (05/24/2015 08:10:40 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm FRST64.exe, Version 24.5.2015.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 540 Startzeit: 01d096492708d328 Endzeit: 2 Anwendungspfad: C:\Users\Nicholas\Downloads\FRST64.exe Berichts-ID: 2b46cc02-0240-11e5-8f6e-d050992e231d Error: (05/24/2015 07:54:55 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm wmplayer.exe, Version 12.0.7601.18741 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 16ec Startzeit: 01d0964a7a269130 Endzeit: 60000 Anwendungspfad: C:\Program Files (x86)\Windows Media Player\wmplayer.exe Berichts-ID: System errors: ============= Error: (05/24/2015 09:15:46 PM) (Source: cdrom) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden. Error: (05/24/2015 09:15:46 PM) (Source: cdrom) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden. Error: (05/24/2015 09:15:46 PM) (Source: cdrom) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden. Error: (05/24/2015 09:15:46 PM) (Source: cdrom) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden. Error: (05/24/2015 09:15:46 PM) (Source: cdrom) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden. Error: (05/24/2015 09:15:46 PM) (Source: cdrom) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden. Error: (05/24/2015 09:15:46 PM) (Source: cdrom) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden. Error: (05/24/2015 09:15:46 PM) (Source: cdrom) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden. Error: (05/24/2015 09:15:46 PM) (Source: cdrom) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden. Error: (05/24/2015 09:15:46 PM) (Source: cdrom) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden. Microsoft Office: ========================= Error: (05/24/2015 09:32:45 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/24/2015 08:46:41 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: wmplayer.exe12.0.7601.187411ce401d096516cad8e5661C:\Program Files (x86)\Windows Media Player\wmplayer.exe Error: (05/24/2015 08:33:44 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: wmplayer.exe12.0.7601.187411e9c01d0964fea24728e58C:\Program Files (x86)\Windows Media Player\wmplayer.exe Error: (05/24/2015 08:31:34 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: wmplayer.exe12.0.7601.1874189c01d0964f529b07a774C:\Program Files (x86)\Windows Media Player\wmplayer.exe Error: (05/24/2015 08:24:09 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: wmplayer.exe12.0.7601.187411f7801d0964e9b9f39a060000C:\Program Files (x86)\Windows Media Player\wmplayer.exe Error: (05/24/2015 08:19:42 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: wmplayer.exe12.0.7601.187411a5801d0964de5d894bf60000C:\Program Files (x86)\Windows Media Player\wmplayer.exe Error: (05/24/2015 08:17:28 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: wmplayer.exe12.0.7601.187411d6001d0964d165aeb3b96C:\Program Files (x86)\Windows Media Player\wmplayer.exe Error: (05/24/2015 08:10:51 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: wmplayer.exe12.0.7601.187411fe001d0964cb9249f6460000C:\Program Files (x86)\Windows Media Player\wmplayer.exe Error: (05/24/2015 08:10:40 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: FRST64.exe24.5.2015.054001d096492708d3282C:\Users\Nicholas\Downloads\FRST64.exe2b46cc02-0240-11e5-8f6e-d050992e231d Error: (05/24/2015 07:54:55 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: wmplayer.exe12.0.7601.1874116ec01d0964a7a26913060000C:\Program Files (x86)\Windows Media Player\wmplayer.exe ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz Percentage of memory in use: 16% Total physical RAM: 16314.25 MB Available physical RAM: 13650.99 MB Total Pagefile: 32626.7 MB Available Pagefile: 29749.19 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:1862.92 GB) (Free:1623.88 GB) NTFS Drive d: (Pinnacle Studio) (CDROM) (Total:2.12 GB) (Free:0 GB) CDFS Drive e: (Games) (Fixed) (Total:581.74 GB) (Free:547.2 GB) NTFS Drive f: (Dokumente) (Fixed) (Total:596.17 GB) (Free:119.35 GB) NTFS Drive g: (FACTORY_IMAGE) (Fixed) (Total:14.43 GB) (Free:2.07 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 1549F232) Partition 1: (Active) - (Size=581.7 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=14.4 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 596.2 GB) (Disk ID: A9F93586) Partition 1: (Not Active) - (Size=596.2 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: E97F5330) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS) ==================== End of log ============================ |
|
25.05.2015, 15:43
| #4 |
| /// the machine /// TB-Ausbilder | PC von heute auf morgen plötzlich langsam! Virus? So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu PC von heute auf morgen plötzlich langsam! Virus? |
| adobe, akamai, bho, canon, desktop, explorer, externe festplatte, fehlermeldung, festplatte, google, hijack, hijack this, hijackthis, internet, internet explorer, langsam, programm, prozess, security, senden, software, starten, system, updates, virus, windows |
Linear-Darstellung
