|
Plagegeister aller Art und deren Bekämpfung: Skype Malware/ SpamWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
13.08.2015, 15:10 | #16 |
| Skype Malware/ Spam Ok Habe es in der Zwischenzeit aber schon deinstalliert Naja, hier die Logs der Tools. MBAM: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 13.08.2015 Suchlaufzeit: 15:25 Protokolldatei: MBAM.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.08.13.04 Rootkit-Datenbank: v2015.08.06.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Nils Geiger Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 450008 Abgelaufene Zeit: 8 Min., 18 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v4.208 - Bericht erstellt 13/08/2015 um 15:38:33 # Aktualisiert 09/07/2015 von Xplode # Datenbank : 2015-08-12.1 [Server] # Betriebssystem : Windows 10 Pro (x64) # Benutzername : Nils Geiger - NILS-PC # Gestarted von : C:\Users\Nils Geiger\Downloads\AdwCleaner_4.208.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** ***** [ Geplante Tasks ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** ***** [ Internetbrowser ] ***** -\\ Internet Explorer v11.0.10240.16412 -\\ Mozilla Firefox v39.0.3 (x86 de) -\\ Google Chrome v44.0.2403.155 ************************* AdwCleaner[R0].txt - [9790 Bytes] - [22/11/2013 16:11:01] AdwCleaner[R10].txt - [2490 Bytes] - [16/07/2015 21:56:32] AdwCleaner[R11].txt - [1959 Bytes] - [09/08/2015 22:54:58] AdwCleaner[R12].txt - [2019 Bytes] - [09/08/2015 23:07:31] AdwCleaner[R13].txt - [2013 Bytes] - [13/08/2015 15:36:54] AdwCleaner[R1].txt - [21306 Bytes] - [23/11/2013 22:27:37] AdwCleaner[R2].txt - [22856 Bytes] - [11/12/2013 18:30:15] AdwCleaner[R3].txt - [27631 Bytes] - [22/04/2014 18:29:54] AdwCleaner[R4].txt - [33696 Bytes] - [14/08/2014 21:54:00] AdwCleaner[R5].txt - [1817 Bytes] - [14/08/2014 22:27:14] AdwCleaner[R6].txt - [1747 Bytes] - [14/08/2014 22:33:03] AdwCleaner[R7].txt - [9566 Bytes] - [12/04/2015 17:26:52] AdwCleaner[R8].txt - [2233 Bytes] - [13/04/2015 18:09:05] AdwCleaner[R9].txt - [1742 Bytes] - [13/04/2015 18:16:47] AdwCleaner[S0].txt - [32082 Bytes] - [14/08/2014 21:54:57] AdwCleaner[S1].txt - [1808 Bytes] - [14/08/2014 22:33:50] AdwCleaner[S2].txt - [9568 Bytes] - [12/04/2015 17:27:59] AdwCleaner[S3].txt - [2292 Bytes] - [13/04/2015 18:10:18] AdwCleaner[S4].txt - [1654 Bytes] - [13/04/2015 18:18:39] AdwCleaner[S5].txt - [2366 Bytes] - [16/07/2015 21:58:48] AdwCleaner[S6].txt - [2078 Bytes] - [09/08/2015 23:20:50] AdwCleaner[S7].txt - [1933 Bytes] - [13/08/2015 15:38:33] ########## EOF - C:\AdwCleaner\AdwCleaner[S7].txt - [1992 Bytes] ########## [/CODE] JRT: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 7.5.6 (08.10.2015:1) OS: Windows 10 Pro x64 Ran by Nils Geiger on 13.08.2015 at 15:42:39,68 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Tasks Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Driver Booster SkipUAC (Nils Geiger) ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google ~~~ Files Successfully deleted: [File] C:\Users\Nils Geiger\Appdata\Local\google\chrome\user data\default\local storage\hxxp_toolbar.avg.com_0.localstorage Successfully deleted: [File] C:\WINDOWS\SysWOW64\REN9DA6.tmp ~~~ Folders Successfully deleted: [Folder] C:\Program Files (x86)\myfree codec Successfully deleted: [Folder] C:\ProgramData\esellerate Successfully deleted: [Folder] C:\ProgramData\iobit\driver booster Successfully deleted: [Folder] C:\ProgramData\productdata Successfully deleted: [Folder] C:\Users\Nils Geiger\Appdata\Local\crashrpt Successfully deleted: [Folder] C:\Users\Nils Geiger\AppData\Roaming\iobit\driver booster Successfully deleted: [Folder] C:\Users\Nils Geiger\AppData\Roaming\productdata Successfully deleted: [Folder] C:\WINDOWS\SysWOW64\ai_recyclebin ~~~ Chrome [C:\Users\Nils Geiger\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset [C:\Users\Nils Geiger\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted: [C:\Users\Nils Geiger\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset [C:\Users\Nils Geiger\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: [] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 13.08.2015 at 15:45:07,37 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:12-08-2015 durchgeführt von Nils Geiger (Administrator) auf NILS-PC (13-08-2015 15:59:42) Gestartet von C:\Users\Nils Geiger\Downloads Geladene Profile: Nils Geiger (Verfügbare Profile: Nils Geiger) Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Stardock Software, Inc) C:\Program Files (x86)\Stardock\DeskScapes8\DS8Srv.exe (Stardock Corporation) C:\Program Files (x86)\Stardock\WindowFX\WindowFXSRV.exe (Stardock Corporation) C:\Program Files (x86)\Stardock\WindowBlinds\WBSrv.exe () C:\Program Files (x86)\Stardock\WindowFX\wfx32.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (CM & V) C:\Program Files (x86)\DVBViewer\DVBVservice.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (My Digital Life Forums) C:\Windows\KMSServerService\KMS Server Service.exe (Atheros Communications, Inc.) C:\Program Files (x86)\NETGEAR\WNA1100\jswpbapi.exe (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Unified Intents AB) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe (Winstep Software Technologies) C:\Program Files (x86)\Winstep\WsxService.exe () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Stardock Software, Inc) C:\Program Files (x86)\Stardock\DeskScapes8\Deskscapes64.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Users\Nils Geiger\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe (CM&V Hackbart) C:\Program Files (x86)\DVBViewer\DVBVCtrl.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe (Stardock Corporation) C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe (Microsoft Corporation) C:\Users\Nils Geiger\AppData\Local\Microsoft\OneDrive\OneDrive.exe () C:\Program Files\Rainmeter\Rainmeter.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\Program Files (x86)\RocketDock\RocketDock.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\0.88.41.0\Purplizer\Purplizer.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.88.41.0\OverwolfHelper.exe (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.88.41.0\OverwolfHelper64.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe ==================== Registry (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10464536 2014-07-02] (Logitech Inc.) HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-01-31] (Saitek) HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-01-31] (Saitek) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [THXCfg64] => C:\WINDOWS\system32\RunDLL32.exe C:\WINDOWS\system32\THXCfg64.dll,RunDLLEntry THXCfg64 HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [168552 2011-05-26] (Cambridge Silicon Radio Limited) HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [37504 2011-05-26] (Cambridge Silicon Radio Limited) HKLM\...\Run: [HarmonyHFPSkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\HarmonyHFPSkypePlugin.exe [147080 2011-05-26] (Cambridge Silicon Radio Limited) HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [619136 2011-05-26] (Cambridge Silicon Radio Limited) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [85600 2013-12-13] (Nullsoft, Inc.) HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795672 2014-04-28] (CyberLink Corp.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-21] (Avast Software s.r.o.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-06-24] (DivX, LLC) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861640 2015-06-27] (DivX, LLC) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation) Winlogon\Notify\WB: C:\Program Files (x86)\Stardock\WindowBlinds\fast64.dll [X] Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation) HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [CubeDesktopNXT] => C:\Program Files (x86)\CubeDesktop NXT\TiB.CubeDesktop.exe [2548224 2013-04-25] (Thinking Minds Building Bytes) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [Steam] => D:\Steam\steam.exe [2899136 2015-08-12] (Valve Corporation) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [HP Officejet 7500 E910 (NET)] => C:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [DVBV Service Ctrl] => C:\Program Files (x86)\DVBViewer\DVBVCtrl.exe [66560 2013-12-23] (CM&V Hackbart) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [Unified Remote v2] => C:\Program Files (x86)\Unified Remote\RemoteServer.exe [333008 2014-06-03] (Unified Intents AB) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [Amazon Music] => C:\Users\Nils Geiger\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] () HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53661824 2015-07-28] (Skype Technologies S.A.) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [Unified Remote V3] => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [4217552 2015-01-13] (Unified Intents AB) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [CursorFX] => C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe [624296 2015-03-16] (Stardock Corporation) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [Spotify Web Helper] => C:\Users\Nils Geiger\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-11] (Spotify Ltd) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [41200 2015-08-09] (Overwolf LTD) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [Dropbox Update] => C:\Users\Nils Geiger\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-14] (Dropbox, Inc.) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [OneDrive] => C:\Users\Nils Geiger\AppData\Local\Microsoft\OneDrive\OneDrive.exe [402632 2015-07-29] (Microsoft Corporation) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [Spotify] => C:\Users\Nils Geiger\AppData\Roaming\Spotify\Spotify.exe [7675448 2015-08-11] (Spotify Ltd) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\RunOnce: [Uninstall C:\Users\Nils Geiger\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nils Geiger\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk [2015-01-11] ShortcutTarget: CineForm Status.lnk -> C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GoPro Importer.lnk [2014-11-19] ShortcutTarget: GoPro Importer.lnk -> C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe (GoPro) Startup: C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2014-01-17] ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe () Startup: C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rocketdock.bat [2014-11-18] () Startup: C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 7500 E910 (Netzwerk).lnk [2013-06-02] ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 7500 E910 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPStatusBL.dll (Hewlett-Packard Co.) ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nils Geiger\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nils Geiger\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nils Geiger\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nils Geiger\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nils Geiger\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nils Geiger\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nils Geiger\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nils Geiger\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-06] (Avast Software s.r.o.) GroupPolicyScripts: Gruppenrichtline erkannt <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-15] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-15] (Oracle Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-15] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-15] (Oracle Corporation) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{d70fde9c-5b01-4030-86c7-4538b1fb3a3c}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{e328989f-9700-4fd0-ad89-817257ef6a5a}: [DhcpNameServer] 192.168.42.129 FireFox: ======== FF ProfilePath: C:\Users\Nils Geiger\AppData\Roaming\Mozilla\Firefox\Profiles\hsbqrsni.default-1432296395773 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-15] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-15] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-06-29] (DivX, LLC) FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2013-11-21] (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-15] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-15] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-12-13] (Nullsoft, Inc.) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-09-27] (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) FF Plugin HKU\S-1-5-21-1160257173-3920074079-2544844589-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Nils Geiger\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-05] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-1160257173-3920074079-2544844589-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-09-27] (Pando Networks) FF Plugin HKU\S-1-5-21-1160257173-3920074079-2544844589-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-07-07] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-07-07] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-07-07] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-07-07] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-07-07] (Apple Inc.) FF Extension: Cookies Manager+ - C:\Users\Nils Geiger\AppData\Roaming\Mozilla\Firefox\Profiles\hsbqrsni.default-1432296395773\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2015-07-31] FF Extension: ProxTube - Unblock YouTube - C:\Users\Nils Geiger\AppData\Roaming\Mozilla\Firefox\Profiles\hsbqrsni.default-1432296395773\Extensions\ich@maltegoetz.de.xpi [2015-05-22] FF Extension: Adblock Plus - C:\Users\Nils Geiger\AppData\Roaming\Mozilla\Firefox\Profiles\hsbqrsni.default-1432296395773\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-22] Chrome: ======= CHR Profile: C:\Users\Nils Geiger\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Nils Geiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2012-11-08] CHR Extension: (Google Drive) - C:\Users\Nils Geiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-11-08] CHR Extension: (Web Developer) - C:\Users\Nils Geiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2014-07-25] CHR Extension: (YouTube) - C:\Users\Nils Geiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-08] CHR Extension: (Adblock Plus) - C:\Users\Nils Geiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-11] CHR Extension: (Google Search) - C:\Users\Nils Geiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-08] CHR Extension: (EditThisCookie) - C:\Users\Nils Geiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2015-07-31] CHR Extension: (AllCast Receiver) - C:\Users\Nils Geiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjbljnpdahefgnopeohlaeohgkiidnoe [2014-09-20] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Nils Geiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14] CHR Extension: (Chrome Web Store Payments) - C:\Users\Nils Geiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26] CHR Extension: (Gmail) - C:\Users\Nils Geiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-08] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-06] (Avast Software s.r.o.) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [326144 2015-07-10] (Microsoft Corporation) S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [134144 2015-07-10] (Microsoft Corporation) R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [808856 2015-07-29] (Microsoft Corporation) R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [510976 2015-07-29] (Microsoft Corporation) R2 DeskScapes8; C:\Program Files (x86)\Stardock\DeskScapes8\ds8srv.exe [75376 2014-03-10] (Stardock Software, Inc) S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [27136 2015-07-10] (Microsoft Corporation) S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [267776 2015-07-10] (Microsoft Corporation) S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [193024 2015-07-10] (Microsoft Corporation) R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [218768 2015-06-24] (DTS) R2 DVBVRecorder; C:\Program Files (x86)\DVBViewer\DVBVservice.exe [874112 2014-06-01] (CM & V) [Datei ist nicht signiert] S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [87040 2015-07-10] (Microsoft Corporation) S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [275456 2015-07-10] (Microsoft Corporation) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) S3 icssvc; C:\Windows\System32\tetheringservice.dll [148992 2015-07-29] (Microsoft Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation) R2 jswpbapi; C:\Program Files (x86)\NETGEAR\WNA1100\jswpbapi.exe [241664 2012-03-26] (Atheros Communications, Inc.) [Datei ist nicht signiert] S3 jswpsapi; C:\Program Files (x86)\NETGEAR\WNA1100\jswpsapi.exe [1102848 2012-03-26] (Atheros Communications, Inc.) [Datei ist nicht signiert] R2 KMSServerService; C:\Windows\KMSServerService\KMS Server Service.exe [211968 2014-11-14] (My Digital Life Forums) [Datei ist nicht signiert] R3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [22528 2015-07-10] (Microsoft Corporation) R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [21504 2015-07-10] (Microsoft Corporation) R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit) S2 MapsBroker; C:\Windows\System32\moshost.dll [62464 2015-07-10] (Microsoft Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation) S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [296960 2015-07-10] (Microsoft Corporation) R2 OneSyncSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) R2 OneSyncSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-14] (Electronic Arts) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [995568 2015-08-09] (Overwolf LTD) S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [289280 2015-07-10] (Microsoft Corporation) R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) R2 RemoteServerWin; C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [4217552 2015-01-13] (Unified Intents AB) S3 RetailDemo; C:\Windows\system32\RDXService.dll [988672 2015-08-03] (Microsoft Corporation) S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1031680 2015-07-29] (Microsoft Corporation) R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-31] (DEVGURU Co., LTD.) R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2674176 2015-07-10] (Microsoft Corporation) R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [2049024 2015-07-10] (Microsoft Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-18] (TeamViewer GmbH) S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH) S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1203200 2015-07-29] (Microsoft Corporation) S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [925696 2015-07-29] (Microsoft Corporation) R3 UnistoreSvc_Session1; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) R3 UnistoreSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1420288 2015-07-30] (Microsoft Corporation) R3 UserDataSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) R3 UserDataSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation) S3 WalletService; C:\Windows\system32\WalletService.dll [504320 2015-07-10] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) R2 WindowBlinds; C:\Program Files (x86)\Stardock\WindowBlinds\wbsrv.exe [89600 2013-05-16] (Stardock Corporation) [Datei ist nicht signiert] R2 WindowFX; C:\Program Files (x86)\Stardock\WindowFX\WindowFXSrv.exe [181904 2014-06-12] (Stardock Corporation) R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [316120 2014-03-19] () R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2013-12-17] (Wacom Technology, Corp.) S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [918016 2015-07-10] (Microsoft Corporation) S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1149440 2015-07-10] (Microsoft Corporation) S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1019392 2015-07-10] (Microsoft Corporation) R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-03-13] (Intel(R) Corporation) R2 Winstep Xtreme Service; C:\Program Files (x86)\Winstep\WsxService [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] () R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-06] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-06] (Avast Software s.r.o.) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-06] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-06] () S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-06] (Avast Software s.r.o.) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-06] (Avast Software s.r.o.) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-06] () R3 athur; C:\Windows\System32\drivers\athuwbx.sys [2702336 2013-11-20] (Qualcomm Atheros Communications, Inc.) S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2014-03-16] (Broadcom Corporation.) S3 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [22568 2014-08-12] (IVT Corporation.) R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys [39936 2015-07-10] (Microsoft Corporation) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-11-20] (Disc Soft Ltd) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3436896 2015-07-10] (QLogic Corporation) R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [83968 2015-07-10] (Microsoft Corporation) S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2015-07-10] (Microsoft Corporation) R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2015-07-10] (Microsoft Corporation) S3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-02-26] (LogMeIn Inc.) R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-02-20] (REALiX(tm)) S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424800 2015-07-10] (Mellanox) R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-02-18] (Intel Corporation) S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [26624 2015-07-10] (Microsoft Corporation) S3 IvtAudioBusSrv; C:\Windows\System32\Drivers\IvtBtBus.sys [27256 2012-12-24] (IVT Corporation.) S3 IvtPanBusSrv; C:\Windows\System32\Drivers\btnetBus.sys [31480 2012-12-24] (IVT Corporation.) S3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.) S3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.) S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99168 2015-07-10] (Avago Technologies) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-07-26] (Intel Corporation) S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705376 2015-07-10] (Mellanox) S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76128 2015-07-10] (Mellanox) R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-04-18] (Riverbed Technology, Inc.) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek ) R3 SaiK1708; C:\Windows\system32\DRIVERS\SaiK1708.sys [180544 2012-09-20] (Saitek) R3 SaiMini; C:\Windows\System32\drivers\SaiMini.sys [25120 2013-02-01] (Saitek) R3 SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [52640 2013-02-01] (Saitek) R3 SaiU1708; C:\Windows\System32\drivers\SaiU1708.sys [47168 2012-09-20] (Saitek) R1 se64a; C:\Windows\System32\drivers\se64a.sys [14032 2007-05-03] (EnTech Taiwan) R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [61952 2015-07-10] (Microsoft Corporation) R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys [17760 2015-07-10] (Microsoft Corporation) S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [61952 2015-07-10] (Microsoft Corporation) S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [46080 2015-07-29] (Microsoft Corporation) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S3 UDST7000BDA; C:\Windows\System32\Drivers\UDST7000BDA.sys [527632 2009-06-15] (TechniSat Digital S.A.) S3 UDST7000HID; C:\Windows\system32\drivers\UDST7000HID.sys [27664 2009-07-15] (TechniSat Digital S.A.) S3 UHSfiltv; C:\Windows\system32\drivers\UHSfiltv.sys [23552 2012-09-12] (Creative Technology Ltd.) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Datei ist nicht signiert] R3 uvhid; C:\Windows\System32\drivers\uvhid.sys [25592 2015-01-13] (Windows (R) Win 7 DDK provider) R3 VBAudioVACMME; C:\Windows\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2015-01-30] (Windows (R) Win 7 DDK provider) R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [106520 2015-07-10] (Microsoft Corporation) R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2015-07-10] (Microsoft Corporation) S3 WinMad; C:\Windows\System32\drivers\winmad.sys [26976 2015-07-10] (Mellanox) S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59232 2015-07-10] (Mellanox) S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [222720 2015-07-10] (Microsoft Corporation) S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [25600 2015-07-10] (Microsoft Corporation) R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-04-28] (CyberLink Corp.) S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) NETSVC: dosvc -> C:\Windows\system32\dosvc.dll (Microsoft Corporation) NETSVC: DcpSvc -> C:\Windows\system32\dcpsvc.dll (Microsoft Corporation) NETSVC: NetSetupSvc -> C:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation) NETSVC: dmwappushservice -> C:\Windows\system32\dmwappushsvc.dll (Microsoft Corporation) NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation) NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation) NETSVC: UsoSvc -> C:\Windows\system32\usocore.dll (Microsoft Corporation) NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation) NETSVC: DmEnrollmentSvc -> C:\Windows\system32\Windows.Internal.Management.dll (Microsoft Corporation) NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation) NETSVC: RetailDemo -> C:\Windows\system32\RDXService.dll (Microsoft Corporation) NETSVCx32: NetSetupSvc -> C:\Windows\SysWOW64\NetSetupSvc.dll ==> Keine Datei NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> Keine Datei ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-13 15:59 - 2015-08-13 15:59 - 00043111 _____ C:\Users\Nils Geiger\Downloads\FRST.txt 2015-08-13 15:56 - 2015-08-13 15:56 - 00000000 ___HD C:\OneDriveTemp 2015-08-13 15:56 - 2015-08-13 15:56 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\ProductData 2015-08-13 15:55 - 2015-08-13 15:55 - 00016148 _____ C:\WINDOWS\system32\NILS-PC_Nils Geiger_HistoryPrediction.bin 2015-08-13 15:45 - 2015-08-13 15:45 - 00002042 _____ C:\Users\Nils Geiger\Desktop\JRT.txt 2015-08-13 15:41 - 2015-08-13 15:41 - 00002072 _____ C:\Users\Nils Geiger\Downloads\AdwCleaner[S7].txt 2015-08-13 15:39 - 2015-08-13 15:55 - 00002560 _____ C:\WINDOWS\setupact.log 2015-08-13 15:39 - 2015-08-13 15:39 - 00000000 _____ C:\WINDOWS\setuperr.log 2015-08-13 15:37 - 2015-08-13 15:55 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log 2015-08-13 15:35 - 2015-08-13 15:35 - 00001201 _____ C:\Users\Nils Geiger\Downloads\MBAM.txt 2015-08-13 15:28 - 2015-08-13 15:42 - 01791580 _____ (Malwarebytes Corporation) C:\Users\Nils Geiger\Downloads\JRT.exe 2015-08-13 15:27 - 2015-08-13 15:36 - 02248704 _____ C:\Users\Nils Geiger\Downloads\AdwCleaner_4.208.exe 2015-08-13 15:25 - 2015-08-13 15:25 - 00120338 _____ C:\Users\Nils Geiger\Desktop\cc_20150813_152520.reg 2015-08-13 15:20 - 2015-08-13 15:20 - 00001184 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-08-13 15:14 - 2015-08-13 15:14 - 00001350 _____ C:\Users\Nils Geiger\Desktop\Revo Uninstaller.lnk 2015-08-13 15:14 - 2015-08-13 15:14 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2015-08-13 14:52 - 2015-08-13 15:20 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Nils Geiger\Downloads\mbam-setup-2.1.8.1057.exe 2015-08-13 14:52 - 2015-08-13 15:14 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Nils Geiger\Downloads\revosetup95.exe 2015-08-12 18:08 - 2015-08-12 18:08 - 09284296 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe 2015-08-12 15:07 - 2015-08-08 09:30 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-08-12 15:07 - 2015-08-08 09:29 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2015-08-12 15:07 - 2015-08-08 09:19 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2015-08-12 15:07 - 2015-08-08 09:01 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2015-08-12 15:07 - 2015-08-08 08:48 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2015-08-12 15:07 - 2015-08-08 08:40 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-08-12 15:07 - 2015-08-08 08:24 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2015-08-12 15:07 - 2015-08-08 08:24 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2015-08-12 15:07 - 2015-08-08 08:22 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll 2015-08-12 15:07 - 2015-08-08 08:21 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll 2015-08-12 15:07 - 2015-08-08 08:15 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-08-12 15:07 - 2015-08-08 08:00 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2015-08-12 15:07 - 2015-08-06 05:18 - 00290768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2015-08-12 15:07 - 2015-08-06 05:17 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys 2015-08-12 15:07 - 2015-08-06 05:17 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys 2015-08-12 15:07 - 2015-08-06 04:36 - 21874176 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-08-12 15:07 - 2015-08-06 04:22 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2015-08-12 15:07 - 2015-08-06 04:03 - 18805248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-08-12 15:07 - 2015-08-05 06:49 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2015-08-12 15:07 - 2015-08-05 06:29 - 00644128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2015-08-12 15:07 - 2015-08-05 06:03 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-08-12 15:07 - 2015-08-05 06:00 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll 2015-08-12 15:07 - 2015-08-05 05:54 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2015-08-12 15:07 - 2015-08-05 05:47 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-08-12 15:07 - 2015-08-05 05:47 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-08-12 15:07 - 2015-08-05 05:43 - 01916416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-08-12 15:07 - 2015-08-05 05:39 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll 2015-08-12 15:07 - 2015-08-04 06:08 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2015-08-12 15:07 - 2015-08-04 06:07 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys 2015-08-12 15:07 - 2015-08-04 06:06 - 00583128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2015-08-12 15:07 - 2015-08-04 06:06 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2015-08-12 15:07 - 2015-08-04 05:50 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2015-08-12 15:07 - 2015-08-04 05:23 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll 2015-08-12 15:07 - 2015-08-04 05:21 - 16709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2015-08-12 15:07 - 2015-08-04 05:10 - 13025792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2015-08-12 15:07 - 2015-08-04 04:59 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll 2015-08-12 15:07 - 2015-08-04 04:47 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll 2015-08-12 15:07 - 2015-08-03 04:32 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll 2015-08-12 15:07 - 2015-08-03 04:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll 2015-08-12 15:07 - 2015-08-03 04:19 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2015-08-12 15:07 - 2015-08-03 04:19 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2015-08-12 15:07 - 2015-08-03 04:18 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2015-08-12 15:07 - 2015-08-03 04:18 - 01983840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2015-08-12 15:07 - 2015-08-03 04:18 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2015-08-12 15:07 - 2015-08-03 04:18 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys 2015-08-12 15:07 - 2015-08-03 04:17 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2015-08-12 15:07 - 2015-08-03 04:17 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys 2015-08-12 15:07 - 2015-08-03 04:13 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-08-12 15:07 - 2015-08-03 04:12 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2015-08-12 15:07 - 2015-08-03 03:56 - 06878256 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2015-08-12 15:07 - 2015-08-03 03:50 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-08-12 15:07 - 2015-08-03 03:49 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2015-08-12 15:07 - 2015-08-03 03:31 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2015-08-12 15:07 - 2015-08-03 03:30 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll 2015-08-12 15:07 - 2015-08-03 03:24 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-08-12 15:07 - 2015-08-03 03:24 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2015-08-12 15:07 - 2015-08-03 03:24 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll 2015-08-12 15:07 - 2015-08-03 03:24 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll 2015-08-12 15:07 - 2015-08-03 03:23 - 02446336 _____ C:\WINDOWS\system32\InputService.dll 2015-08-12 15:07 - 2015-08-03 03:23 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll 2015-08-12 15:07 - 2015-08-03 03:22 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2015-08-12 15:07 - 2015-08-03 03:22 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2015-08-12 15:07 - 2015-08-03 03:22 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll 2015-08-12 15:07 - 2015-08-03 03:22 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll 2015-08-12 15:07 - 2015-08-03 03:21 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll 2015-08-12 15:07 - 2015-08-03 03:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe 2015-08-12 15:07 - 2015-08-03 03:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe 2015-08-12 15:07 - 2015-08-03 03:18 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-08-12 15:07 - 2015-08-03 03:18 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2015-08-12 15:07 - 2015-08-03 03:18 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll 2015-08-12 15:07 - 2015-08-03 03:18 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll 2015-08-12 15:07 - 2015-08-03 03:15 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2015-08-12 15:07 - 2015-08-03 03:15 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2015-08-12 15:07 - 2015-08-03 03:15 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2015-08-12 15:07 - 2015-08-03 03:15 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2015-08-12 15:07 - 2015-08-03 03:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll 2015-08-12 15:07 - 2015-08-03 03:15 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll 2015-08-12 15:07 - 2015-08-03 03:15 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll 2015-08-12 15:07 - 2015-08-03 03:14 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2015-08-12 15:07 - 2015-08-03 03:14 - 00247808 _____ C:\WINDOWS\system32\facecredentialprovider.dll 2015-08-12 15:07 - 2015-08-03 03:12 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-08-12 15:07 - 2015-08-03 03:12 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2015-08-12 15:07 - 2015-08-03 03:12 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll 2015-08-12 15:07 - 2015-08-03 03:12 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2015-08-12 15:07 - 2015-08-03 03:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll 2015-08-12 15:07 - 2015-08-03 03:11 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2015-08-12 15:07 - 2015-08-03 03:11 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll 2015-08-12 15:07 - 2015-08-03 03:11 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll 2015-08-12 15:07 - 2015-08-03 03:10 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2015-08-12 15:07 - 2015-08-03 03:06 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe 2015-08-12 15:07 - 2015-08-03 03:03 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2015-08-12 15:07 - 2015-08-03 03:02 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll 2015-08-12 15:07 - 2015-08-03 03:02 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2015-08-12 15:07 - 2015-08-03 03:01 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-08-12 15:07 - 2015-08-03 03:00 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2015-08-12 15:07 - 2015-08-03 02:59 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll 2015-08-12 15:02 - 2015-08-12 15:02 - 00129101 _____ C:\Users\Nils Geiger\Downloads\Addition.txt 2015-08-12 15:01 - 2015-08-13 15:59 - 00000000 ____D C:\Users\Nils Geiger\Downloads\FRST-OlderVersion 2015-08-11 20:54 - 2015-08-11 20:54 - 00000000 ____D C:\ProgramData\X360CE 2015-08-11 20:54 - 2015-08-11 20:54 - 00000000 ____D C:\Program Files (x86)\steam 2015-08-11 20:45 - 2015-08-11 20:45 - 00001911 _____ C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2015-08-10 19:58 - 2015-08-13 15:59 - 02173952 _____ (Farbar) C:\Users\Nils Geiger\Downloads\FRST64.exe 2015-08-10 00:11 - 2015-08-11 16:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-08-09 23:38 - 2015-08-13 15:21 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-08-09 23:38 - 2015-08-13 15:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-08-09 23:38 - 2015-08-13 15:20 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-08-09 23:38 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-08-09 23:38 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-08-09 23:38 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2015-08-09 23:32 - 2015-08-13 15:23 - 00000000 ____D C:\WINDOWS\Minidump 2015-08-09 23:15 - 2015-08-13 15:59 - 00000000 ____D C:\FRST 2015-08-09 23:14 - 2015-08-09 23:14 - 00000168 _____ C:\Users\Nils Geiger\defogger_reenable 2015-08-07 20:38 - 2015-08-08 14:09 - 01865516 _____ C:\Users\Apps\musixmatch-lyrics-cp.spa 2015-08-07 20:38 - 2015-08-08 14:09 - 00449780 _____ C:\Users\snapshot_blob.bin 2015-08-07 20:38 - 2015-08-08 14:09 - 00410937 _____ C:\Users\natives_blob.bin 2015-08-05 23:58 - 2015-07-30 08:24 - 01561872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2015-08-05 23:58 - 2015-07-30 08:23 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2015-08-05 23:58 - 2015-07-30 08:21 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2015-08-05 23:58 - 2015-07-30 08:17 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2015-08-05 23:58 - 2015-07-30 08:17 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2015-08-05 23:58 - 2015-07-30 08:16 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2015-08-05 23:58 - 2015-07-30 08:15 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2015-08-05 23:58 - 2015-07-30 08:14 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll 2015-08-05 23:58 - 2015-07-30 08:09 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2015-08-05 23:58 - 2015-07-30 08:06 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2015-08-05 23:58 - 2015-07-30 08:05 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2015-08-05 23:58 - 2015-07-30 08:05 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2015-08-05 23:58 - 2015-07-30 08:04 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2015-08-05 23:58 - 2015-07-30 08:03 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2015-08-05 23:58 - 2015-07-30 07:24 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2015-08-05 23:58 - 2015-07-30 06:42 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-08-05 23:58 - 2015-07-30 06:29 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2015-08-05 23:58 - 2015-07-30 06:26 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2015-08-05 23:58 - 2015-07-30 06:26 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2015-08-05 23:58 - 2015-07-30 06:25 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2015-08-05 23:58 - 2015-07-30 06:25 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2015-08-05 23:58 - 2015-07-30 06:24 - 01769056 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2015-08-05 23:58 - 2015-07-30 06:24 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2015-08-05 23:58 - 2015-07-30 06:24 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2015-08-05 23:58 - 2015-07-30 06:24 - 00285632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll 2015-08-05 23:58 - 2015-07-30 06:22 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2015-08-05 23:58 - 2015-07-30 06:22 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2015-08-05 23:58 - 2015-07-30 06:21 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-08-05 23:58 - 2015-07-30 06:12 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2015-08-05 23:58 - 2015-07-30 06:12 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2015-08-05 23:58 - 2015-07-30 06:09 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe 2015-08-05 23:58 - 2015-07-30 06:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2015-08-05 23:58 - 2015-07-30 06:08 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2015-08-05 23:58 - 2015-07-30 06:08 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2015-08-05 23:58 - 2015-07-30 05:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2015-08-05 23:58 - 2015-07-30 05:52 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2015-08-05 23:58 - 2015-07-30 05:52 - 00521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2015-08-05 23:58 - 2015-07-30 05:52 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll 2015-08-05 23:58 - 2015-07-30 05:49 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2015-08-05 23:58 - 2015-07-30 05:49 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2015-08-05 23:58 - 2015-07-30 05:49 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2015-08-05 23:58 - 2015-07-30 05:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2015-08-05 23:58 - 2015-07-30 05:46 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2015-08-05 23:58 - 2015-07-30 05:46 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2015-08-05 23:58 - 2015-07-30 05:46 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2015-08-05 23:58 - 2015-07-30 05:45 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll 2015-08-05 23:58 - 2015-07-30 05:45 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys 2015-08-05 23:58 - 2015-07-30 05:44 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2015-08-05 23:58 - 2015-07-30 05:44 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2015-08-05 23:58 - 2015-07-30 05:44 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2015-08-05 23:58 - 2015-07-30 05:44 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll 2015-08-05 23:58 - 2015-07-30 05:44 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys 2015-08-05 23:58 - 2015-07-30 05:44 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll 2015-08-05 23:58 - 2015-07-30 05:42 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2015-08-05 23:58 - 2015-07-30 05:41 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll 2015-08-05 23:58 - 2015-07-30 05:41 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll 2015-08-05 23:58 - 2015-07-30 05:40 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2015-08-05 23:58 - 2015-07-30 05:38 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll 2015-08-05 23:58 - 2015-07-30 05:38 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll 2015-08-05 23:58 - 2015-07-30 05:34 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2015-08-05 23:58 - 2015-07-30 05:29 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll 2015-08-05 23:58 - 2015-07-30 05:15 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2015-08-05 23:58 - 2015-07-30 05:10 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2015-08-05 23:58 - 2015-07-30 05:10 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2015-08-05 23:58 - 2015-07-30 05:07 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll 2015-08-05 23:58 - 2015-07-30 05:06 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2015-08-05 23:58 - 2015-07-30 05:06 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2015-08-05 23:58 - 2015-07-30 05:06 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll 2015-08-05 23:58 - 2015-07-30 05:06 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll 2015-08-05 23:58 - 2015-07-30 05:04 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2015-08-05 23:58 - 2015-07-30 05:04 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2015-08-05 23:58 - 2015-07-30 04:59 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2015-08-05 23:58 - 2015-07-30 04:58 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2015-08-01 19:14 - 2015-08-01 19:14 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TriDef 2015-08-01 19:14 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2015-08-01 14:19 - 2015-08-01 14:19 - 00021232 _____ (Thesycon GmbH) C:\WINDOWS\system32\Drivers\dpclat_driver.sys 2015-07-30 20:34 - 2015-07-30 20:34 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-07-30 18:53 - 2015-07-30 18:53 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2015-07-30 18:03 - 2015-07-30 18:03 - 00000000 ____D C:\Users\Nils Geiger\AppData\Local\PeerDistRepub 2015-07-29 16:50 - 2015-08-13 15:23 - 00000000 ___DC C:\WINDOWS\Panther 2015-07-29 16:49 - 2015-07-29 16:49 - 00000000 ____D C:\Windows.old 2015-07-29 16:48 - 2015-07-29 16:48 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 02878000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 02224128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2015-07-29 16:48 - 2015-07-29 16:48 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2015-07-29 16:48 - 2015-07-29 16:48 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01085776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2015-07-29 16:48 - 2015-07-29 16:48 - 00991584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2015-07-29 16:48 - 2015-07-29 16:48 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys 2015-07-29 16:48 - 2015-07-29 16:48 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00916800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00607008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2015-07-29 16:48 - 2015-07-29 16:48 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2015-07-29 16:48 - 2015-07-29 16:48 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys 2015-07-29 16:48 - 2015-07-29 16:48 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00412672 _____ C:\WINDOWS\system32\diagtrack_win.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00403968 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2015-07-29 16:48 - 2015-07-29 16:48 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00242264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys 2015-07-29 16:48 - 2015-07-29 16:48 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys 2015-07-29 16:48 - 2015-07-29 16:48 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys 2015-07-29 16:48 - 2015-07-29 16:48 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe 2015-07-29 16:47 - 2015-07-29 16:47 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2015-07-29 16:46 - 2015-07-29 16:46 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2015-07-29 16:46 - 2015-07-29 16:46 - 00000000 ____D C:\Program Files\Reference Assemblies 2015-07-29 16:46 - 2015-07-29 16:46 - 00000000 ____D C:\Program Files\MSBuild 2015-07-29 16:46 - 2015-07-29 16:46 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2015-07-29 16:46 - 2015-07-29 16:00 - 00000000 ____D C:\Program Files (x86)\MSBuild 2015-07-29 16:45 - 2015-06-17 19:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2015-07-29 16:45 - 2015-06-17 19:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2015-07-29 16:45 - 2015-06-17 19:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2015-07-29 16:45 - 2015-05-29 22:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2015-07-29 16:45 - 2015-05-29 22:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-07-29 16:45 - 2015-05-29 22:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2015-07-29 16:35 - 2015-07-29 16:35 - 00000000 ____D C:\Users\Nils Geiger\AppData\Local\NetworkTiles 2015-07-29 16:32 - 2015-07-29 16:32 - 00000000 ____D C:\Users\Nils Geiger\AppData\Local\MicrosoftEdge 2015-07-29 16:30 - 2015-07-29 16:30 - 00002421 _____ C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-07-29 16:30 - 2015-07-29 16:30 - 00000000 ____D C:\Users\Nils Geiger\AppData\Local\Publishers 2015-07-29 16:29 - 2015-07-29 16:29 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2015-07-29 16:08 - 2015-08-13 15:45 - 01793546 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-07-29 16:07 - 2015-07-30 21:29 - 00000000 ____D C:\Users\Nils Geiger\AppData\Local\Comms 2015-07-29 16:07 - 2015-07-29 16:07 - 00000020 ___SH C:\Users\Nils Geiger\ntuser.ini 2015-07-29 16:07 - 2015-07-29 16:07 - 00000000 ____D C:\Users\Nils Geiger\AppData\Local\TileDataLayer 2015-07-29 16:05 - 2015-07-29 16:05 - 00000000 _SHDL C:\Users\Default\Vorlagen 2015-07-29 16:05 - 2015-07-29 16:05 - 00000000 _SHDL C:\Users\Default\Startmenü 2015-07-29 16:05 - 2015-07-29 16:05 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2015-07-29 16:05 - 2015-07-29 16:05 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen 2015-07-29 16:05 - 2015-07-29 16:05 - 00000000 _SHDL C:\Users\Default\Eigene Dateien 2015-07-29 16:05 - 2015-07-29 16:05 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2015-07-29 16:05 - 2015-07-29 16:05 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-07-29 16:05 - 2015-07-29 16:05 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2015-07-29 16:05 - 2015-07-29 16:05 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2015-07-29 16:05 - 2015-07-29 16:05 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten 2015-07-29 16:05 - 2015-07-29 16:05 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-07-29 16:05 - 2015-07-29 16:05 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2015-07-29 16:05 - 2015-07-29 16:05 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten 2015-07-29 16:01 - 2015-07-10 12:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2015-07-29 16:00 - 2015-07-29 16:00 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software 2015-07-29 16:00 - 2015-07-29 16:00 - 00000000 ____D C:\Users\Default\AppData\Roaming\Mozilla 2015-07-29 16:00 - 2015-07-29 16:00 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia 2015-07-29 16:00 - 2015-07-29 16:00 - 00000000 ____D C:\Users\Default\AppData\Local\Overwolf 2015-07-29 16:00 - 2015-07-29 16:00 - 00000000 ____D C:\Users\Default\AppData\Local\Mozilla 2015-07-29 16:00 - 2015-07-29 16:00 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help 2015-07-29 16:00 - 2015-07-29 16:00 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software 2015-07-29 16:00 - 2015-07-29 16:00 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Mozilla 2015-07-29 16:00 - 2015-07-29 16:00 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia 2015-07-29 16:00 - 2015-07-29 16:00 - 00000000 ____D C:\Users\Default User\AppData\Local\Overwolf 2015-07-29 16:00 - 2015-07-29 16:00 - 00000000 ____D C:\Users\Default User\AppData\Local\Mozilla 2015-07-29 16:00 - 2015-07-29 16:00 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help 2015-07-29 15:59 - 2015-07-29 15:59 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-07-29 15:57 - 2015-07-29 15:57 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2015-07-29 15:56 - 2015-08-10 01:04 - 00000000 ____D C:\Users\Nils Geiger 2015-07-29 15:56 - 2015-07-29 16:07 - 00000000 ___RD C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-07-29 15:56 - 2015-07-29 15:56 - 00000000 _SHDL C:\Users\Nils Geiger\Vorlagen 2015-07-29 15:56 - 2015-07-29 15:56 - 00000000 _SHDL C:\Users\Nils Geiger\Startmenü 2015-07-29 15:56 - 2015-07-29 15:56 - 00000000 _SHDL C:\Users\Nils Geiger\Netzwerkumgebung 2015-07-29 15:56 - 2015-07-29 15:56 - 00000000 _SHDL C:\Users\Nils Geiger\Lokale Einstellungen 2015-07-29 15:56 - 2015-07-29 15:56 - 00000000 _SHDL C:\Users\Nils Geiger\Eigene Dateien 2015-07-29 15:56 - 2015-07-29 15:56 - 00000000 _SHDL C:\Users\Nils Geiger\Druckumgebung 2015-07-29 15:56 - 2015-07-29 15:56 - 00000000 _SHDL C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-07-29 15:56 - 2015-07-29 15:56 - 00000000 _SHDL C:\Users\Nils Geiger\AppData\Local\Verlauf 2015-07-29 15:56 - 2015-07-29 15:56 - 00000000 _SHDL C:\Users\Nils Geiger\AppData\Local\Anwendungsdaten 2015-07-29 15:56 - 2015-07-29 15:56 - 00000000 _SHDL C:\Users\Nils Geiger\Anwendungsdaten 2015-07-29 15:56 - 2015-07-29 15:56 - 00000000 ___RD C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-07-29 15:56 - 2015-07-29 15:56 - 00000000 ___RD C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-07-29 15:56 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2015-07-29 15:56 - 2015-07-10 13:04 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-07-29 15:55 - 2015-07-29 15:55 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SaiK1708_01009.Wdf 2015-07-29 15:55 - 2015-07-29 15:55 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2015-07-29 15:55 - 2015-07-29 15:55 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2015-07-29 15:55 - 2015-07-29 15:55 - 00000000 ____D C:\WINDOWS\system32\DAX2 2015-07-29 15:55 - 2015-07-29 15:55 - 00000000 ____D C:\Program Files\Realtek 2015-07-29 15:52 - 2015-08-01 19:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-07-29 15:52 - 2015-07-29 15:57 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2015-07-29 15:52 - 2015-07-29 15:57 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2015-07-29 15:52 - 2015-07-29 15:52 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2015-07-29 15:52 - 2015-07-29 15:52 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf 2015-07-29 15:51 - 2015-07-29 15:52 - 00035627 _____ C:\WINDOWS\system32\NetSetupMig.log 2015-07-29 15:29 - 2015-07-29 15:40 - 00000000 ___HD C:\$Windows.~BT 2015-07-29 15:09 - 2015-07-29 15:09 - 00000000 ___HD C:\$Windows.~WS 2015-07-23 04:02 - 2015-07-29 16:13 - 00031976 _____ C:\WINDOWS\system32\nvinfo.pb 2015-07-23 04:02 - 2015-07-23 04:02 - 42730312 _____ C:\WINDOWS\system32\nvcompiler.dll 2015-07-23 04:02 - 2015-07-23 04:02 - 37749064 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2015-07-23 04:02 - 2015-07-23 04:02 - 30518928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2015-07-23 04:02 - 2015-07-23 04:02 - 22973584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2015-07-23 04:02 - 2015-07-23 04:02 - 18376584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2015-07-23 04:02 - 2015-07-23 04:02 - 16160440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2015-07-23 04:02 - 2015-07-23 04:02 - 16011680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2015-07-23 04:02 - 2015-07-23 04:02 - 15754192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2015-07-23 04:02 - 2015-07-23 04:02 - 14511608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2015-07-23 04:02 - 2015-07-23 04:02 - 13274904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2015-07-23 04:02 - 2015-07-23 04:02 - 12973680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2015-07-23 04:02 - 2015-07-23 04:02 - 11843384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2015-07-23 04:02 - 2015-07-23 04:02 - 11142984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2015-07-23 04:02 - 2015-07-23 04:02 - 03351864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2015-07-23 04:02 - 2015-07-23 04:02 - 02963208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2015-07-23 04:02 - 2015-07-23 04:02 - 02360976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2015-07-23 04:02 - 2015-07-23 04:02 - 02164040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2015-07-23 04:02 - 2015-07-23 04:02 - 01898128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435362.dll 2015-07-23 04:02 - 2015-07-23 04:02 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435362.dll 2015-07-23 04:02 - 2015-07-23 04:02 - 01165192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2015-07-23 04:02 - 2015-07-23 04:02 - 01061008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2015-07-23 04:02 - 2015-07-23 04:02 - 01053000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2015-07-23 04:02 - 2015-07-23 04:02 - 00991152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2015-07-23 04:02 - 2015-07-23 04:02 - 00983368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2015-07-23 04:02 - 2015-07-23 04:02 - 00976528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2015-07-23 04:02 - 2015-07-23 04:02 - 00176904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2015-07-23 04:02 - 2015-07-23 04:02 - 00155280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2015-07-23 04:02 - 2015-07-23 04:02 - 00150832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2015-07-23 04:02 - 2015-07-23 04:02 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2015-07-18 00:18 - 2015-07-18 00:18 - 00000000 ____D C:\Users\Nils Geiger\AppData\Local\CEF 2015-07-16 15:40 - 2015-07-16 15:41 - 00001822 ____H C:\WINDOWS\EPMBatch.ept 2015-07-16 15:36 - 2015-07-16 15:36 - 00000000 ____D C:\Program Files (x86)\EaseUS 2015-07-16 14:40 - 2015-07-16 14:40 - 00000041 _____ C:\script.txt 2015-07-16 14:40 - 2015-07-16 14:40 - 00000031 _____ C:\WINDOWS\script.txt 2015-07-16 14:36 - 2015-07-29 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Samsung 2015-07-16 14:36 - 2015-07-29 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSmart Technologies 2015-07-16 14:32 - 2015-07-29 16:04 - 00003394 _____ C:\WINDOWS\System32\Tasks\SamsungMagician 2015-07-16 14:30 - 2015-07-29 16:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician 2015-07-15 16:55 - 2015-07-15 16:55 - 00000000 ____D C:\Filme 2015-07-15 16:01 - 2015-07-15 15:59 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2015-07-14 19:22 - 2015-08-13 15:32 - 00001264 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1160257173-3920074079-2544844589-1001UA.job 2015-07-14 19:22 - 2015-08-09 13:32 - 00001212 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1160257173-3920074079-2544844589-1001Core.job 2015-07-14 19:22 - 2015-07-29 16:04 - 00004332 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1160257173-3920074079-2544844589-1001UA 2015-07-14 19:22 - 2015-07-29 16:04 - 00003952 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1160257173-3920074079-2544844589-1001Core 2015-07-14 19:21 - 2015-07-14 19:21 - 00000000 ____D C:\Users\Nils Geiger\AppData\Local\Dropbox 2015-07-14 19:21 - 2015-07-14 19:21 - 00000000 ____D C:\ProgramData\Dropbox 2015-07-14 17:31 - 2015-07-29 16:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-07-14 17:30 - 2015-07-14 17:30 - 00000000 ____D C:\Program Files\iPod |
13.08.2015, 15:11 | #17 |
| Skype Malware/ Spam FRST Teil 2:
__________________Code:
ATTFilter ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-13 15:56 - 2015-05-23 22:27 - 00000000 ____D C:\Users\Nils Geiger\AppData\Local\Purplizer 2015-08-13 15:56 - 2014-05-12 01:45 - 00000000 __RDO C:\Users\Nils Geiger\OneDrive 2015-08-13 15:56 - 2013-08-04 13:14 - 00000000 ____D C:\Users\Nils Geiger\AppData\Local\Overwolf 2015-08-13 15:56 - 2013-03-10 11:44 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Skype 2015-08-13 15:55 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-08-13 15:55 - 2015-07-10 11:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2015-08-13 15:55 - 2012-11-08 21:38 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-13 15:54 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru 2015-08-13 15:45 - 2015-07-10 18:34 - 00772138 _____ C:\WINDOWS\system32\perfh007.dat 2015-08-13 15:45 - 2015-07-10 18:34 - 00154500 _____ C:\WINDOWS\system32\perfc007.dat 2015-08-13 15:43 - 2014-12-19 01:48 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\IObit 2015-08-13 15:43 - 2014-12-19 01:48 - 00000000 ____D C:\ProgramData\IObit 2015-08-13 15:39 - 2015-07-10 14:20 - 05085632 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-08-13 15:38 - 2013-11-22 16:10 - 00000000 ____D C:\AdwCleaner 2015-08-13 15:08 - 2014-04-07 17:12 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-08-13 15:05 - 2012-11-08 21:38 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-13 14:50 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-08-13 14:46 - 2013-12-09 01:35 - 00000000 ____D C:\Program Files (x86)\Overwolf 2015-08-13 14:37 - 2015-01-24 16:35 - 00000000 ____D C:\ProgramData\Unified Remote 2015-08-13 14:36 - 2014-06-14 00:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-08-13 14:36 - 2014-06-14 00:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-08-12 20:50 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-12 20:50 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-12 20:50 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2015-08-12 20:50 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe 2015-08-12 20:50 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-08-12 20:38 - 2012-11-08 21:52 - 00004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7F8DEDA0-40A5-4C00-8FBE-6DE7C21F0E76} 2015-08-12 18:08 - 2014-04-07 17:12 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2015-08-12 15:40 - 2015-01-24 17:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-08-12 15:40 - 2012-11-06 20:45 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-08-12 15:40 - 2012-07-26 07:26 - 00000382 _____ C:\WINDOWS\win.ini 2015-08-12 15:39 - 2013-07-19 03:00 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-08-12 15:35 - 2012-12-12 12:23 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-08-12 15:34 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-08-11 23:46 - 2015-04-12 14:16 - 00000000 ____D C:\Users\Nils Geiger\AppData\Local\Spotify 2015-08-11 21:50 - 2015-04-12 14:16 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Spotify 2015-08-11 18:11 - 2013-11-18 22:18 - 00000000 ____D C:\Program Files\Adobe 2015-08-11 18:11 - 2013-06-22 22:23 - 00000000 ____D C:\Program Files\Common Files\Adobe 2015-08-11 18:10 - 2013-06-22 22:25 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2015-08-11 18:09 - 2013-09-28 13:02 - 00000000 ____D C:\Program Files (x86)\Adobe 2015-08-11 18:09 - 2013-02-18 15:16 - 00000000 ____D C:\ProgramData\Adobe 2015-08-11 18:09 - 2012-11-04 12:05 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Adobe 2015-08-11 16:15 - 2014-08-17 02:00 - 00000000 ____D C:\Users\Nils Geiger\AppData\Local\Adobe 2015-08-11 16:11 - 2015-04-12 16:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-08-10 17:42 - 2013-03-10 11:44 - 00000000 ____D C:\ProgramData\Skype 2015-08-09 23:23 - 2013-04-04 21:18 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Rainmeter 2015-08-09 23:19 - 2014-01-27 23:12 - 00000000 ____D C:\Program Files (x86)\Nmap 2015-08-09 22:50 - 2012-11-19 19:55 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\.minecraft 2015-08-09 11:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-08-08 21:27 - 2014-05-31 23:25 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Kodi 2015-08-08 17:38 - 2015-07-10 13:06 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-08-08 17:38 - 2015-07-10 13:06 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-08-08 17:01 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache 2015-08-08 14:09 - 2015-06-04 22:08 - 00602180 _____ C:\Users\Apps\local-files-desktop.spa 2015-08-08 14:09 - 2015-06-04 22:08 - 00158566 _____ C:\Users\Apps\hub.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 45066808 _____ C:\Users\libcef.dll 2015-08-08 14:09 - 2015-04-23 19:15 - 10207504 _____ C:\Users\icudtl.dat 2015-08-08 14:09 - 2015-04-23 19:15 - 07675448 _____ (Spotify Ltd) C:\Users\Spotify.exe 2015-08-08 14:09 - 2015-04-23 19:15 - 04487782 _____ C:\Users\devtools_resources.pak 2015-08-08 14:09 - 2015-04-23 19:15 - 03457592 _____ (Microsoft Corporation) C:\Users\d3dcompiler_47.dll 2015-08-08 14:09 - 2015-04-23 19:15 - 02332541 _____ C:\Users\Apps\musixmatch-lyrics.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 02184260 _____ C:\Users\cef.pak 2015-08-08 14:09 - 2015-04-23 19:15 - 02157552 _____ C:\Users\Apps\glue-resources.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 02106424 _____ (Microsoft Corporation) C:\Users\d3dcompiler_43.dll 2015-08-08 14:09 - 2015-04-23 19:15 - 02018360 _____ (Spotify Ltd) C:\Users\SpotifyWebHelper.exe 2015-08-08 14:09 - 2015-04-23 19:15 - 01649208 _____ C:\Users\libGLESv2.dll 2015-08-08 14:09 - 2015-04-23 19:15 - 00967736 _____ (The Chromium Authors) C:\Users\ffmpegsumo.dll 2015-08-08 14:09 - 2015-04-23 19:15 - 00900089 _____ C:\Users\Apps\zlink.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00838712 _____ (Spotify Ltd) C:\Users\SpotifyCrashService.exe 2015-08-08 14:09 - 2015-04-23 19:15 - 00721136 _____ C:\Users\Apps\browse.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00622967 _____ C:\Users\cef_200_percent.pak 2015-08-08 14:09 - 2015-04-23 19:15 - 00606828 _____ C:\Users\Apps\playlist-desktop.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00542847 _____ C:\Users\Apps\notification-center.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00530001 _____ C:\Users\Apps\settings.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00528578 _____ C:\Users\Apps\collection.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00512594 _____ C:\Users\Apps\genre.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00508698 _____ C:\Users\Apps\collection-artist.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00504671 _____ C:\Users\Apps\discover.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00471783 _____ C:\Users\Apps\messages.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00468951 _____ C:\Users\cef_100_percent.pak 2015-08-08 14:09 - 2015-04-23 19:15 - 00466223 _____ C:\Users\Apps\collection-album.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00451113 _____ C:\Users\Apps\social-feed.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00444041 _____ C:\Users\Apps\article.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00416475 _____ C:\Users\Apps\album.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00395528 _____ C:\Users\Apps\collection-songs.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00392161 _____ C:\Users\Apps\zlogin.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00383262 _____ C:\Users\Apps\social-chart.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00368227 _____ C:\Users\Apps\charts.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00366817 _____ C:\Users\Apps\buddy-list.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00363479 _____ C:\Users\Apps\artist.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00304572 _____ C:\Users\Apps\radio.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00278727 _____ C:\Users\Apps\folder.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00274437 _____ C:\Users\Apps\share.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00257997 _____ C:\Users\Apps\zlink-queue.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00244918 _____ C:\Users\Apps\profile.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00236396 _____ C:\Users\Apps\chart.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00216723 _____ C:\Users\Apps\search.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00216045 _____ C:\Users\Apps\findfriends.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00196416 _____ C:\Users\Apps\suggest.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00158229 _____ C:\Users\Apps\follow.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00098360 _____ (Spotify Ltd) C:\Users\SpotifyLauncher.exe 2015-08-08 14:09 - 2015-04-23 19:15 - 00080952 _____ C:\Users\libEGL.dll 2015-08-08 14:09 - 2015-04-23 19:15 - 00080587 _____ C:\Users\Apps\about.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00073272 _____ C:\Users\wow_helper.exe 2015-08-08 14:09 - 2015-04-23 19:15 - 00072701 _____ C:\Users\Apps\error.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00053462 _____ C:\Users\Apps\ad.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00050934 _____ C:\Users\Apps\licenses.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00014086 _____ C:\Users\locales\en-US.pak 2015-08-08 14:09 - 2015-04-23 19:15 - 00008009 _____ C:\Users\locales\el.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00007791 _____ C:\Users\locales\ru.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00007076 _____ C:\Users\locales\ja.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006969 _____ C:\Users\locales\hu.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006950 _____ C:\Users\locales\fr-CA.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006899 _____ C:\Users\locales\fr.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006876 _____ C:\Users\locales\fi.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006875 _____ C:\Users\locales\pl.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006808 _____ C:\Users\locales\es-419.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006793 _____ C:\Users\locales\nl.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006756 _____ C:\Users\locales\de.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006740 _____ C:\Users\locales\zsm.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006739 _____ C:\Users\locales\it.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006731 _____ C:\Users\locales\es.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006726 _____ C:\Users\locales\tr.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006719 _____ C:\Users\locales\zh-Hant.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006717 _____ C:\Users\locales\pt-BR.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006672 _____ C:\Users\locales\sv.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006540 _____ C:\Users\locales\arb.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006469 _____ C:\Users\locales\en.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00000020 _____ C:\Users\inst_ver.dat 2015-08-08 14:09 - 2015-04-23 19:15 - 00000000 ____D C:\Users\locales 2015-08-07 00:33 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning 2015-08-07 00:01 - 2013-05-22 16:55 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\TS3Client 2015-08-07 00:00 - 2013-05-22 16:54 - 00000000 ____D C:\Program Files (x86)\TeamSpeak3 2015-08-05 21:21 - 2013-01-16 20:18 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\vlc 2015-08-02 21:08 - 2013-09-24 21:58 - 00000000 ____D C:\Users\Nils Geiger\AppData\Local\JDownloader v2.0 2015-08-02 17:29 - 2015-07-11 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MouseServer 2015-08-02 17:29 - 2015-07-11 20:05 - 00000000 ____D C:\Program Files (x86)\MouseServer 2015-08-01 19:36 - 2014-07-30 19:56 - 00000000 ____D C:\ProgramData\TEMP 2015-08-01 19:14 - 2014-09-19 22:11 - 00000000 ____D C:\Program Files (x86)\TriDef 3D 2015-08-01 12:52 - 2015-04-13 19:04 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update 2015-07-30 20:34 - 2012-11-27 00:35 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Dropbox 2015-07-30 15:15 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\appcompat 2015-07-29 18:43 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\restore 2015-07-29 16:50 - 2015-07-10 13:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2015-07-29 16:49 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2015-07-29 16:49 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2015-07-29 16:49 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2015-07-29 16:49 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Dism 2015-07-29 16:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2015-07-29 16:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\MUI 2015-07-29 16:46 - 2015-07-10 13:00 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\telnet.exe 2015-07-29 16:46 - 2015-07-10 12:59 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll 2015-07-29 16:46 - 2015-07-10 12:59 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll 2015-07-29 16:46 - 2015-07-10 12:59 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll 2015-07-29 16:46 - 2015-07-10 12:59 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll 2015-07-29 16:46 - 2015-07-10 12:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll 2015-07-29 16:46 - 2015-07-10 12:59 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll 2015-07-29 16:46 - 2015-07-10 12:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe 2015-07-29 16:46 - 2015-07-10 12:59 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll 2015-07-29 16:46 - 2015-07-10 12:59 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe 2015-07-29 16:46 - 2015-07-10 12:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe 2015-07-29 16:46 - 2015-07-10 12:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll 2015-07-29 16:46 - 2015-07-10 12:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll 2015-07-29 16:46 - 2015-07-10 12:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll 2015-07-29 16:46 - 2015-07-10 12:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll 2015-07-29 16:46 - 2015-07-10 12:59 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll 2015-07-29 16:46 - 2015-07-10 12:59 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll 2015-07-29 16:46 - 2015-07-10 12:59 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll 2015-07-29 16:46 - 2015-07-10 12:59 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll 2015-07-29 16:40 - 2012-11-15 16:29 - 00000000 ____D C:\Program Files (x86)\Stardock 2015-07-29 16:37 - 2012-11-15 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock 2015-07-29 16:34 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2015-07-29 16:32 - 2012-11-04 12:05 - 00000000 ____D C:\Users\Nils Geiger\AppData\Local\Packages 2015-07-29 16:13 - 2015-06-01 16:21 - 00000000 ____D C:\ProgramData\boost_interprocess 2015-07-29 16:13 - 2015-02-15 00:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-07-29 16:08 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2015-07-29 16:08 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PrintDialog 2015-07-29 16:08 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\MiracastView 2015-07-29 16:08 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2015-07-29 16:05 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows NT 2015-07-29 16:05 - 2015-07-10 11:05 - 00000000 __RHD C:\Users\Default 2015-07-29 16:04 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Registration 2015-07-29 16:04 - 2015-05-23 22:27 - 00003838 _____ C:\WINDOWS\System32\Tasks\Overwolf Updater Task 2015-07-29 16:04 - 2015-04-28 17:40 - 00003810 _____ C:\WINDOWS\System32\Tasks\klcp_update 2015-07-29 16:04 - 2015-01-16 17:41 - 00002492 _____ C:\WINDOWS\System32\Tasks\ASC8_SkipUac_Nils Geiger 2015-07-29 16:04 - 2014-12-19 01:32 - 00003324 _____ C:\WINDOWS\System32\Tasks\{43F28C09-FCE3-4572-8078-87947A3B2D83} 2015-07-29 16:04 - 2014-11-15 13:34 - 00009528 _____ C:\WINDOWS\diagwrn.xml 2015-07-29 16:04 - 2014-11-15 13:34 - 00009528 _____ C:\WINDOWS\diagerr.xml 2015-07-29 16:04 - 2014-08-30 11:28 - 00003228 _____ C:\WINDOWS\System32\Tasks\{376E1EBF-3B8C-4617-8E47-99B792FF36A8} 2015-07-29 16:04 - 2014-05-13 18:13 - 00003330 _____ C:\WINDOWS\System32\Tasks\{B1625993-C297-4BEE-9F70-D7FFAEA62E61} 2015-07-29 16:04 - 2014-01-28 17:23 - 00004138 _____ C:\WINDOWS\System32\Tasks\Stardock Central-S-1-5-21-1160257173-3920074079-2544844589-1001 2015-07-29 16:04 - 2013-10-25 14:11 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat 2015-07-29 16:04 - 2013-09-28 12:35 - 00003404 _____ C:\WINDOWS\System32\Tasks\{5FC0CC8F-D358-4A9B-9EB0-0C6B6F3C0463} 2015-07-29 16:04 - 2013-06-02 14:57 - 00003744 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP Officejet 7500 E910 2015-07-29 16:04 - 2013-04-09 22:26 - 00003328 _____ C:\WINDOWS\System32\Tasks\{48418533-D70D-4612-9EB6-288FEF954A58} 2015-07-29 16:04 - 2013-04-04 22:26 - 00003272 _____ C:\WINDOWS\System32\Tasks\{DEF54CF1-0EE4-4CEB-862C-35CB85BD4D89} 2015-07-29 16:04 - 2013-01-14 10:53 - 00002894 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2015-07-29 16:04 - 2012-12-10 18:45 - 00003450 _____ C:\WINDOWS\System32\Tasks\{D5569CD3-60E5-481E-84E5-314172D0E027} 2015-07-29 16:04 - 2012-11-08 21:38 - 00004216 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-07-29 16:04 - 2012-11-08 21:38 - 00003980 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-07-29 16:04 - 2012-11-06 20:56 - 00004046 _____ C:\WINDOWS\System32\Tasks\KMS Activation for Office 2015-07-29 16:04 - 2012-11-04 14:42 - 00003670 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask 2015-07-29 16:04 - 2012-11-04 12:11 - 00003708 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1160257173-3920074079-2544844589-1001 2015-07-29 16:03 - 2015-07-10 13:04 - 00000000 __RHD C:\Users\Public\Libraries 2015-07-29 16:01 - 2014-11-17 21:09 - 00000000 ____D C:\ProgramData\NVIDIA 2015-07-29 16:00 - 2015-07-10 18:44 - 00000000 ____D C:\WINDOWS\ShellNew 2015-07-29 16:00 - 2015-07-10 11:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2015-07-29 16:00 - 2015-07-07 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2015-07-29 16:00 - 2015-06-15 22:51 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi 2015-07-29 16:00 - 2015-06-15 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters 2015-07-29 16:00 - 2015-04-28 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2015-07-29 16:00 - 2015-04-24 14:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator 2015-07-29 16:00 - 2015-04-21 15:37 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1 2015-07-29 16:00 - 2015-04-13 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2015-07-29 16:00 - 2015-04-12 16:46 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2015-07-29 16:00 - 2015-03-13 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Meeting 2007 2015-07-29 16:00 - 2015-02-24 21:09 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sauerbraten 2015-07-29 16:00 - 2015-01-24 16:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unified Remote 3 2015-07-29 16:00 - 2015-01-20 16:41 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ninja Lite 2015-07-29 16:00 - 2015-01-20 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ninja Lite 2015-07-29 16:00 - 2015-01-03 23:15 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale 2015-07-29 16:00 - 2014-12-26 19:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Universal Media Server 2015-07-29 16:00 - 2014-12-26 19:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2015-07-29 16:00 - 2014-12-25 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9 2015-07-29 16:00 - 2014-12-21 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 14 2015-07-29 16:00 - 2014-11-17 23:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MonInfo 2015-07-29 16:00 - 2014-11-15 22:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock 2015-07-29 16:00 - 2014-10-04 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-07-29 16:00 - 2014-09-18 12:57 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plane9 2015-07-29 16:00 - 2014-09-05 21:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4 2015-07-29 16:00 - 2014-07-17 22:30 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unified Remote 2015-07-29 16:00 - 2014-07-13 17:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn 2015-07-29 16:00 - 2014-07-10 14:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe 2015-07-29 16:00 - 2014-07-10 14:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom 2015-07-29 16:00 - 2014-07-08 17:12 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in 2015-07-29 16:00 - 2014-07-08 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp 2015-07-29 16:00 - 2014-06-15 22:25 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2015-07-29 16:00 - 2014-06-08 17:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey 2015-07-29 16:00 - 2014-05-27 23:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Control 2015-07-29 16:00 - 2014-05-25 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2015-07-29 16:00 - 2014-05-14 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Extreme Tuning Utility 2015-07-29 16:00 - 2014-05-13 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin 2015-07-29 16:00 - 2014-03-18 17:11 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server 2015-07-29 16:00 - 2014-03-18 17:11 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVGA Precision X 2015-07-29 16:00 - 2014-02-27 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhiteCap 2015-07-29 16:00 - 2014-02-05 18:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vocaluxe 2015-07-29 16:00 - 2014-01-27 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NoLimits Track Packager 2015-07-29 16:00 - 2014-01-22 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft 2015-07-29 16:00 - 2014-01-11 10:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NoLimits 2 2015-07-29 16:00 - 2013-11-25 00:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LockHunter 2015-07-29 16:00 - 2013-11-22 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2015-07-29 16:00 - 2013-11-03 00:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2015-07-29 16:00 - 2013-11-03 00:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2015-07-29 16:00 - 2013-10-20 13:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-07-29 16:00 - 2013-09-29 14:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer 2015-07-29 16:00 - 2013-09-24 21:59 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2015-07-29 16:00 - 2013-09-19 19:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2015-07-29 16:00 - 2013-09-18 16:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX 2015-07-29 16:00 - 2013-08-22 15:36 - 00000000 ____D C:\Users\Default.migrated 2015-07-29 16:00 - 2013-08-18 15:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle 2015-07-29 16:00 - 2013-08-17 15:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WordToPDF 2015-07-29 16:00 - 2013-07-18 11:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CubeDesktop NXT 2015-07-29 16:00 - 2013-06-09 18:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Façade 2015-07-29 16:00 - 2013-06-02 14:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2015-07-29 16:00 - 2013-05-30 13:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate Music Files Finder 2015-07-29 16:00 - 2013-05-29 23:28 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Similarity 2015-07-29 16:00 - 2013-05-26 00:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraStar Deluxe 2015-07-29 16:00 - 2013-05-22 16:55 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2015-07-29 16:00 - 2013-05-01 13:22 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks 2015-07-29 16:00 - 2013-05-01 13:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks 2015-07-29 16:00 - 2013-04-23 19:42 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-07-29 16:00 - 2013-04-23 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-07-29 16:00 - 2013-04-18 20:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\xbox-360-controller-custom (x64) 2015-07-29 16:00 - 2013-04-16 16:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories 2015-07-29 16:00 - 2013-04-15 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XBCD 2015-07-29 16:00 - 2013-04-09 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winstep 2015-07-29 16:00 - 2013-04-09 18:23 - 00000000 ____D C:\WINDOWS\de 2015-07-29 16:00 - 2013-03-06 19:48 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse 2015-07-29 16:00 - 2013-02-28 22:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Technology 2015-07-29 16:00 - 2013-02-28 22:15 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WBFS Manager 2015-07-29 16:00 - 2013-02-18 23:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-07-29 16:00 - 2013-01-17 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVBViewer 2015-07-29 16:00 - 2013-01-14 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-07-29 16:00 - 2013-01-02 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix 2015-07-29 16:00 - 2012-12-12 00:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetOn 2 2015-07-29 16:00 - 2012-12-11 23:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetOn 2015-07-29 16:00 - 2012-12-05 13:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ 2015-07-29 16:00 - 2012-11-28 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2015-07-29 16:00 - 2012-11-27 00:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound 2015-07-29 16:00 - 2012-11-27 00:18 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-07-29 16:00 - 2012-11-15 16:25 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stardock 2015-07-29 16:00 - 2012-11-08 21:40 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-07-29 16:00 - 2012-11-06 20:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint 2015-07-29 16:00 - 2012-11-06 20:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2015-07-29 16:00 - 2012-11-05 01:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3dtv.at Stereoscopic Player 2015-07-29 15:58 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\uk-UA 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\th-TH 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Latn-RS 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\sl-SI 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\sk-SK 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\ro-RO 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\hr-HR 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\he-IL 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\bg-BG 2015-07-29 15:57 - 2015-07-10 15:19 - 00000000 ____D C:\WINDOWS\DigitalLocker 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\ar-SA 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\zh-HK 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\uk-UA 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\tr-TR 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\th-TH 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-RS 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\spool 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sl-SI 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sk-SK 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\ro-RO 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\Recovery 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\lv-LV 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\lt-LT 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\InputMethod 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\IME 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\hr-HR 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\he-IL 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\et-EE 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\en-GB 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\bg-BG 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\ar-SA 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\InputMethod 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Help 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\System 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-07-29 15:57 - 2015-06-05 15:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REVisionEffects 2015-07-29 15:57 - 2015-04-13 19:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games 2015-07-29 15:57 - 2015-03-13 14:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bullzip 2015-07-29 15:57 - 2014-11-19 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoPro 2015-07-29 15:57 - 2014-09-17 00:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iWASEL VPN Service 2015-07-29 15:57 - 2014-09-15 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xiph.Org 2015-07-29 15:57 - 2014-07-18 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\X-Mirage 2015-07-29 15:57 - 2014-05-11 01:58 - 00000000 ___RD C:\Users\Public\Recorded TV 2015-07-29 15:57 - 2014-03-16 12:09 - 00000000 ____D C:\Program Files\WIDCOMM 2015-07-29 15:57 - 2014-02-27 22:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Animated Wallpaper 2015-07-29 15:57 - 2013-11-21 19:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue 2015-07-29 15:57 - 2013-11-19 21:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony 2015-07-29 15:57 - 2013-11-11 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CineForm 2015-07-29 15:57 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared 2015-07-29 15:57 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared 2015-07-29 15:57 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\MediaViewer 2015-07-29 15:57 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\ADFS 2015-07-29 15:57 - 2013-05-29 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2015-07-29 15:57 - 2013-03-27 18:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee 2015-07-29 15:57 - 2013-03-10 16:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES 2015-07-29 15:57 - 2012-12-19 15:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft 2015-07-29 15:57 - 2012-11-20 19:05 - 00000000 ____D C:\WINDOWS\system32\appmgmt 2015-07-29 15:57 - 2012-11-04 12:05 - 00000000 ____D C:\ProgramData\PRICache 2015-07-29 15:57 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2015-07-29 15:56 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2015-07-29 15:56 - 2015-05-23 22:27 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf 2015-07-29 15:56 - 2013-10-25 16:38 - 00000000 __SHD C:\Recovery 2015-07-29 15:56 - 2013-07-31 17:08 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2015-07-29 15:56 - 2013-01-16 19:33 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MainConcept 2015-07-29 15:42 - 2013-10-24 23:54 - 00008192 __RSH C:\BOOTSECT.BAK 2015-07-29 15:40 - 2013-11-10 20:15 - 00090216 _____ C:\WINDOWS\system32\lvcoinst.log 2015-07-28 09:26 - 2015-04-23 19:15 - 00000000 _____ C:\Users\Nils.redir 2015-07-24 06:21 - 2015-02-15 00:15 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2015-07-24 06:21 - 2015-02-15 00:15 - 01710568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2015-07-24 06:21 - 2015-02-15 00:15 - 01423304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2015-07-24 06:21 - 2015-02-15 00:15 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2015-07-23 04:02 - 2014-11-17 21:09 - 00112784 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2015-07-23 04:02 - 2014-11-17 21:09 - 00105288 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2015-07-22 16:52 - 2015-04-15 18:28 - 00000080 _____ C:\Users\Nils Geiger\AppData\Local剜捯獫慴慇敭屳呇⁁屖湥楴汴浥湥湩潦 2015-07-16 16:05 - 2013-01-14 10:53 - 00000000 ____D C:\Program Files\CCleaner 2015-07-16 15:55 - 2015-04-13 19:36 - 00000000 ____D C:\Program Files\Rockstar Games 2015-07-16 14:36 - 2013-05-29 22:49 - 00000000 ____D C:\Program Files (x86)\Samsung 2015-07-16 14:36 - 2013-04-03 18:13 - 00000000 ____D C:\Program Files (x86)\NeoSmart Technologies 2015-07-16 14:36 - 2012-11-04 12:28 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-07-16 14:29 - 2013-05-29 22:49 - 00000000 ____D C:\ProgramData\Samsung 2015-07-15 16:15 - 2013-10-20 13:05 - 00000000 ____D C:\ProgramData\Oracle 2015-07-15 16:01 - 2014-09-12 22:26 - 00000000 ____D C:\Program Files (x86)\Java 2015-07-15 16:01 - 2013-01-12 01:29 - 00000000 ____D C:\Program Files\Java 2015-07-15 16:00 - 2013-10-20 13:05 - 00110688 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2015-07-15 15:49 - 2015-07-07 17:46 - 00000000 ____D C:\Program Files\iTunes 2015-07-15 15:47 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData 2015-07-14 21:59 - 2013-08-18 13:59 - 00000000 ____D C:\ProgramData\Origin 2015-07-14 21:52 - 2012-12-05 14:55 - 00000000 ____D C:\ProgramData\Package Cache 2015-07-14 21:39 - 2013-08-18 14:01 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Origin 2015-07-14 21:27 - 2013-08-18 13:59 - 00000000 ____D C:\Program Files (x86)\Origin 2015-07-14 19:25 - 2012-11-27 00:48 - 00000000 ___RD C:\Users\Nils Geiger\Dropbox 2015-07-14 17:30 - 2013-02-21 17:36 - 00000000 ____D C:\Program Files (x86)\iTunes 2015-07-14 17:30 - 2012-11-04 18:57 - 00000000 ____D C:\Program Files\Common Files\Apple ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-07-11 00:56 - 2014-10-26 22:30 - 0000132 _____ () C:\Users\Nils Geiger\AppData\Roaming\Adobe BMP Format CS5 Prefs 2013-11-20 19:58 - 2013-11-20 19:58 - 0000132 _____ () C:\Users\Nils Geiger\AppData\Roaming\Adobe BMP-Format CC - Voreinstellungen 2014-11-13 22:56 - 2014-11-13 22:57 - 0000132 _____ () C:\Users\Nils Geiger\AppData\Roaming\Adobe PNG Format CS5 Prefs 2014-01-27 20:31 - 2014-01-27 20:31 - 0000132 _____ () C:\Users\Nils Geiger\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen 2013-05-30 17:11 - 2014-03-29 11:03 - 0038464 _____ () C:\Users\Nils Geiger\AppData\Roaming\Kommagetrennte Werte (DOS).ADR 2013-05-29 23:05 - 2013-05-30 17:33 - 0038484 _____ () C:\Users\Nils Geiger\AppData\Roaming\Kommagetrennte Werte (Windows).ADR 2013-10-07 18:27 - 2015-07-20 20:05 - 0002147 _____ () C:\Users\Nils Geiger\AppData\Roaming\SpeedRunnersLog.txt 2014-12-18 22:51 - 2014-12-18 22:51 - 0002916 _____ () C:\Users\Nils Geiger\AppData\Roaming\TargetInvocationLog.txt 2014-12-29 20:29 - 2014-12-29 20:29 - 0000038 ___SH () C:\Users\Nils Geiger\AppData\Local\69ff07055291669bb2b218.72821112 2015-05-26 16:16 - 2015-05-26 16:16 - 0008288 ____H () C:\Users\Nils Geiger\AppData\Local\Plugin.dat 2014-05-17 17:11 - 2014-05-17 17:11 - 0001465 _____ () C:\Users\Nils Geiger\AppData\Local\recently-used.xbel 2013-01-24 13:10 - 2013-01-24 13:10 - 0007605 _____ () C:\Users\Nils Geiger\AppData\Local\Resmon.ResmonCfg 2014-12-19 15:20 - 2014-12-19 15:20 - 0000700 ___SH () C:\Users\Nils Geiger\AppData\Local\systemFL7.dat 2011-06-05 23:51 - 2011-06-19 13:51 - 0059194 _____ () C:\Users\Nils Geiger\AppData\Local\TempGUIPic.jpg 2015-07-05 02:21 - 2015-07-05 02:21 - 0000000 _____ () C:\Users\Nils Geiger\AppData\Local\{F9619F0C-F9F1-42A0-8E1E-7A56CBEFD0CD} 2013-11-03 00:25 - 2013-11-03 13:45 - 0000040 ___SH () C:\ProgramData\.zreglib 2013-06-02 14:57 - 2013-06-02 14:57 - 0000057 _____ () C:\ProgramData\Ament.ini 2015-07-29 15:55 - 2015-07-29 15:55 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== C:\Users\Nils Geiger\AppData\Local\Temp\Quarantine.exe C:\Users\Nils Geiger\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-08-08 16:20 ==================== Ende von Ergebnis ============================ |
14.08.2015, 08:45 | #18 |
/// the machine /// TB-Ausbilder | Skype Malware/ SpamESET Online Scanner
Downloade Dir bitte SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ |
14.08.2015, 22:23 | #19 |
| Skype Malware/ Spam ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=4c50ca1c4d3187488e9a2278f43b023a # end=init # utc_time=2015-08-14 07:14:05 # local_time=2015-08-14 09:14:05 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT Update Init Update Download Update Finalize Updated modules version: 25283 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=4c50ca1c4d3187488e9a2278f43b023a # end=updated # utc_time=2015-08-14 07:44:22 # local_time=2015-08-14 09:44:22 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=4c50ca1c4d3187488e9a2278f43b023a # engine=25283 # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-08-14 09:15:59 # local_time=2015-08-14 11:15:59 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='avast! Antivirus' # compatibility_mode=783 16777213 71 90 4586897 10642314 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 105602 3060971 0 0 # scanned=411089 # found=37 # cleaned=0 # scan_time=5497 sh=01C53FBC0030066FE9032FEC431D9EA26B5811CC ft=1 fh=af8c82510ee8e748 vn="Win32/AlteredSoftware.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe.vir" sh=0E7CC420B0BE38296EF8516DC3786361119F1F5F ft=1 fh=02f58beb2edcfbd2 vn="Win32/AlteredSoftware.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe.vir" sh=01C53FBC0030066FE9032FEC431D9EA26B5811CC ft=1 fh=af8c82510ee8e748 vn="Win32/AlteredSoftware.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe.vir" sh=A565AA91F7873179776579995E9F4D2B2894AE5A ft=1 fh=22e3a81795d8fb05 vn="Variante von Win32/AlteredSoftware.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe.vir" sh=F1A0D0D29F924A24AF0F0521CF6F9A9150A10ECC ft=1 fh=22e3a817befc6b5a vn="Variante von Win32/AlteredSoftware.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe.vir" sh=B1A2DF4A73C3B9562A4EF606039CF1195DFCCC64 ft=1 fh=c71c001192caf50d vn="Variante von Win32/AlteredSoftware.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll.vir" sh=5CD27D792D5F30C4F43AD81D598BEBA4181A9B35 ft=1 fh=d9cdf1c8ff17595a vn="Variante von Win32/AlteredSoftware.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll.vir" sh=A3F0EAF5B4EAE4BDCD8452EBA730DD821D8939F0 ft=1 fh=c71c0011fea7552e vn="Variante von Win32/AlteredSoftware.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll.vir" sh=EDB4A6C7E75E18ACB805418EFFD78267BB2F37C4 ft=1 fh=c71c001126306ac8 vn="Variante von Win32/AlteredSoftware.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll.vir" sh=399CE73FBD27EABB303FD899656E3C66C55B3F29 ft=1 fh=c71c001160921a34 vn="Variante von Win32/AlteredSoftware.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll.vir" sh=9D5C95A7350B39055C5C1A684A331CE5AB7D16AC ft=1 fh=dc82e20893ff7588 vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvidCodec.com\hdvidextsetup.exe.vir" sh=180B4C67637A553F0B63588F087BA7D725C68A0A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TheHDvid-Codec V10\610b8012-65d9-46f8-82e2-59e88793f902.crx.vir" sh=1F4D080A910C4BC39E1A14F779896AF840E909C3 ft=1 fh=8102d49d9c5ee3b8 vn="Variante von Win32/Toolbar.CrossRider.AI evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TheHDvid-Codec V10\610b8012-65d9-46f8-82e2-59e88793f902.dll.vir" sh=7A8B4DEAF341721D0F20D9133B493CDE7EF9096C ft=1 fh=4aee281f2a534e15 vn="Variante von Win64/Toolbar.Crossrider.R evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TheHDvid-Codec V10\6dda008a-ba63-49a6-909b-b90c2520354a.dll.vir" sh=2D7FD355BD64ACEEA6E80C2D32F5148322CA37EC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TheHDvid-Codec V10\7275c827-693d-4d0f-937e-118a7bc4bbe4.crx.vir" sh=4510FE7553970D4FC715C011A398A8B746764A11 ft=1 fh=272fb76e77dc2d49 vn="Variante von Win32/Toolbar.CrossRider.AK evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TheHDvid-Codec V10\7825c744-4199-459d-b88f-5e2d04bae96e-11.exe.vir" sh=4510FE7553970D4FC715C011A398A8B746764A11 ft=1 fh=272fb76e77dc2d49 vn="Variante von Win32/Toolbar.CrossRider.AK evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TheHDvid-Codec V10\7825c744-4199-459d-b88f-5e2d04bae96e-3.exe.vir" sh=441808F2AA3BC9E7F860A7F5567C32DCADA9C330 ft=1 fh=f2720ff60770ffa2 vn="Variante von Win32/Toolbar.CrossRider.AX evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TheHDvid-Codec V10\7825c744-4199-459d-b88f-5e2d04bae96e-4.exe.vir" sh=75B40E5A925E22ABE98D0C3B49F77C3FA8B720D1 ft=1 fh=8e857182ccd87edb vn="Variante von Win32/Toolbar.CrossRider.AN evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TheHDvid-Codec V10\7825c744-4199-459d-b88f-5e2d04bae96e-5.exe.vir" sh=50BE952F7362FA1E0D9A239D5DD8EEE49C326DAC ft=1 fh=8d5526f04ce1dba4 vn="Variante von Win32/Toolbar.CrossRider.AE evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TheHDvid-Codec V10\7825c744-4199-459d-b88f-5e2d04bae96e-6.exe.vir" sh=37D1C0951130A13F8F7107AF235F51C97DC8A63F ft=1 fh=237bc76e3f3bf431 vn="Variante von Win64/Toolbar.Crossrider.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TheHDvid-Codec V10\7825c744-4199-459d-b88f-5e2d04bae96e-64.exe.vir" sh=A1B0B4C1555AD5CFA2D82ACF981642C1999380EA ft=1 fh=c454a7dbdbf2c7ca vn="Variante von Win32/Toolbar.CrossRider.AJ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TheHDvid-Codec V10\7825c744-4199-459d-b88f-5e2d04bae96e-7.exe.vir" sh=180B4C67637A553F0B63588F087BA7D725C68A0A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TheHDvid-Codec V10\7825c744-4199-459d-b88f-5e2d04bae96e.crx.vir" sh=BFC6C1745F8FB16DB324E24ABFADCD59A7B3A876 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TheHDvid-Codec V10\7825c744-4199-459d-b88f-5e2d04bae96e.xpi.vir" sh=259F6A6A0A48FA2D7A3BA87BD79C9B7D2AD01B13 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TheHDvid-Codec V10\7825c744-4199-459d-b88f-5e2d04bae96e_.xpi.vir" sh=0765858FABDECBA7DD438E37CFE23F45939BE7A1 ft=1 fh=34095d778fde1fd9 vn="Variante von Win32/Toolbar.CrossRider.AL evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TheHDvid-Codec V10\TheHDvid-Codec V10-bg.exe.vir" sh=7C26899EEEC31AD4EAB670A340F2DC4FAE64EDFA ft=1 fh=ae725b8fef259139 vn="Variante von Win32/Toolbar.CrossRider.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TheHDvid-Codec V10\TheHDvid-Codec V10-bho.dll.vir" sh=29C710F21E1A1614BBFD28AE43A0D37C8D48CFA6 ft=1 fh=8b0a32fbc181ec2b vn="Variante von Win64/Toolbar.Crossrider.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TheHDvid-Codec V10\TheHDvid-Codec V10-bho64.dll.vir" sh=ECBAB335F58DCE8AF08F41DB1AC583AF3E7EE934 ft=1 fh=c0bf5920177e2220 vn="Variante von Win32/Toolbar.CrossRider.BD evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TheHDvid-Codec V10\TheHDvid-Codec V10-buttonutil.dll.vir" sh=16E29FCC16DAD3C931A4A1B741F550E4F917EAF4 ft=1 fh=8edf149f7660c4c5 vn="Variante von Win32/Toolbar.CrossRider.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TheHDvid-Codec V10\TheHDvid-Codec V10-buttonutil.exe.vir" sh=6475D3B0F99E23BC0C27EDFC7B0A8CD640856DF4 ft=1 fh=7e73ef9171fff4e9 vn="Variante von Win64/Toolbar.Crossrider.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TheHDvid-Codec V10\TheHDvid-Codec V10-buttonutil64.dll.vir" sh=9077C0D6B7AFE4549B43F83ACDBC08D28DB8B27A ft=1 fh=28ed5b1ae58f71f4 vn="Variante von Win64/Toolbar.Crossrider.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TheHDvid-Codec V10\TheHDvid-Codec V10-buttonutil64.exe.vir" sh=A1B0B4C1555AD5CFA2D82ACF981642C1999380EA ft=1 fh=c454a7dbdbf2c7ca vn="Variante von Win32/Toolbar.CrossRider.AJ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TheHDvid-Codec V10\TheHDvid-Codec V10-codedownloader.exe.vir" sh=9749EC5190A0949BF7AB8EA711809AF4E81A8195 ft=1 fh=4b8f72390d996a22 vn="Variante von Win32/Toolbar.CrossRider.AW evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TheHDvid-Codec V10\Uninstall.exe.vir" sh=A66AF2E1AEDEFA0D830688C1B9F3D4ED24449F96 ft=1 fh=e43b18cda730aa76 vn="Win32/Packed.VMDetector.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TheHDvid-Codec V10\utils.exe.vir" sh=63A43D95149B189141788E7C493DDCF07110145A ft=1 fh=60457eaec91070ea vn="Variante von Win32/ELEX.AD evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\IePluginService\PluginService.exe.vir" sh=07BC6EE6F73C961A8AAF7C30AED7B8609AAF5E26 ft=1 fh=ae29f9208f0d2b10 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Public\Documents\Wondershare\drfone-for-android_full1561.exe" Code:
ATTFilter Results of screen317's Security Check version 1.006 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Defender avast! Antivirus Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Java 8 Update 51 Adobe Flash Player 18.0.0.232 Mozilla Firefox (39.0.3) Google Chrome (44.0.2403.130) Google Chrome (44.0.2403.155) ````````Process Check: objlist.exe by Laurent```````` ESET ESET Online Scanner OnlineScannerApp.exe AVAST Software Avast AvastSvc.exe AVAST Software Avast avastui.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:12-08-2015 durchgeführt von Nils Geiger (Administrator) auf NILS-PC (14-08-2015 23:22:23) Gestartet von C:\Users\Nils Geiger\Downloads Geladene Profile: Nils Geiger (Verfügbare Profile: Nils Geiger) Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Stardock Software, Inc) C:\Program Files (x86)\Stardock\DeskScapes8\DS8Srv.exe (Stardock Corporation) C:\Program Files (x86)\Stardock\WindowFX\WindowFXSRV.exe (Stardock Corporation) C:\Program Files (x86)\Stardock\WindowBlinds\WBSrv.exe () C:\Program Files (x86)\Stardock\WindowFX\wfx32.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe (CM & V) C:\Program Files (x86)\DVBViewer\DVBVservice.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe (DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (My Digital Life Forums) C:\Windows\KMSServerService\KMS Server Service.exe (Atheros Communications, Inc.) C:\Program Files (x86)\NETGEAR\WNA1100\jswpbapi.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Unified Intents AB) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Winstep Software Technologies) C:\Program Files (x86)\Winstep\WsxService.exe () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Stardock Software, Inc) C:\Program Files (x86)\Stardock\DeskScapes8\Deskscapes64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (CM&V Hackbart) C:\Program Files (x86)\DVBViewer\DVBVCtrl.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe (Stardock Corporation) C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe (Microsoft Corporation) C:\Users\Nils Geiger\AppData\Local\Microsoft\OneDrive\OneDrive.exe () C:\Program Files\Rainmeter\Rainmeter.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\0.88.41.0\Purplizer\Purplizer.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\Program Files (x86)\RocketDock\RocketDock.exe (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.88.41.0\OverwolfHelper.exe (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.88.41.0\OverwolfHelper64.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\0.88.41.0\OverwolfBrowser.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\0.88.41.0\OverwolfBrowser.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6106.42001.0_x64__8wekyb3d8bbwe\HxMail.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6106.42001.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.12101.0_x64__8wekyb3d8bbwe\Video.UI.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.803.16240.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Valve Corporation) D:\Steam\Steam.exe (Valve Corporation) D:\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Spotify Ltd) C:\Users\Nils Geiger\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe () C:\Users\Nils Geiger\Downloads\SecurityCheck.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10464536 2014-07-02] (Logitech Inc.) HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-01-31] (Saitek) HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-01-31] (Saitek) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [THXCfg64] => C:\WINDOWS\system32\RunDLL32.exe C:\WINDOWS\system32\THXCfg64.dll,RunDLLEntry THXCfg64 HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [168552 2011-05-26] (Cambridge Silicon Radio Limited) HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [37504 2011-05-26] (Cambridge Silicon Radio Limited) HKLM\...\Run: [HarmonyHFPSkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\HarmonyHFPSkypePlugin.exe [147080 2011-05-26] (Cambridge Silicon Radio Limited) HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [619136 2011-05-26] (Cambridge Silicon Radio Limited) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [85600 2013-12-13] (Nullsoft, Inc.) HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795672 2014-04-28] (CyberLink Corp.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-21] (Avast Software s.r.o.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-06-24] (DivX, LLC) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861640 2015-06-27] (DivX, LLC) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation) Winlogon\Notify\WB: C:\Program Files (x86)\Stardock\WindowBlinds\fast64.dll [X] Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation) HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [CubeDesktopNXT] => C:\Program Files (x86)\CubeDesktop NXT\TiB.CubeDesktop.exe [2548224 2013-04-25] (Thinking Minds Building Bytes) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [Steam] => D:\Steam\steam.exe [2899136 2015-08-12] (Valve Corporation) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [HP Officejet 7500 E910 (NET)] => C:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [DVBV Service Ctrl] => C:\Program Files (x86)\DVBViewer\DVBVCtrl.exe [66560 2013-12-23] (CM&V Hackbart) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [Unified Remote v2] => C:\Program Files (x86)\Unified Remote\RemoteServer.exe [333008 2014-06-03] (Unified Intents AB) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [Amazon Music] => C:\Users\Nils Geiger\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] () HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53661824 2015-07-28] (Skype Technologies S.A.) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [Unified Remote V3] => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [4217552 2015-01-13] (Unified Intents AB) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [CursorFX] => C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe [624296 2015-03-16] (Stardock Corporation) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [Spotify Web Helper] => C:\Users\Nils Geiger\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-11] (Spotify Ltd) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [41200 2015-08-09] (Overwolf LTD) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [Dropbox Update] => C:\Users\Nils Geiger\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-14] (Dropbox, Inc.) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [OneDrive] => C:\Users\Nils Geiger\AppData\Local\Microsoft\OneDrive\OneDrive.exe [402632 2015-07-29] (Microsoft Corporation) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\Run: [Spotify] => C:\Users\Nils Geiger\AppData\Roaming\Spotify\Spotify.exe [7675448 2015-08-11] (Spotify Ltd) HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\...\RunOnce: [Uninstall C:\Users\Nils Geiger\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nils Geiger\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk [2015-01-11] ShortcutTarget: CineForm Status.lnk -> C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GoPro Importer.lnk [2014-11-19] ShortcutTarget: GoPro Importer.lnk -> C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe (GoPro) Startup: C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2014-01-17] ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe () Startup: C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rocketdock.bat [2014-11-18] () Startup: C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 7500 E910 (Netzwerk).lnk [2013-06-02] ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 7500 E910 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPStatusBL.dll (Hewlett-Packard Co.) ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nils Geiger\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nils Geiger\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nils Geiger\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nils Geiger\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nils Geiger\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nils Geiger\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nils Geiger\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nils Geiger\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-06] (Avast Software s.r.o.) GroupPolicyScripts: Gruppenrichtline erkannt <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ HKU\S-1-5-21-1160257173-3920074079-2544844589-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-15] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-15] (Oracle Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-15] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-15] (Oracle Corporation) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{d70fde9c-5b01-4030-86c7-4538b1fb3a3c}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{e328989f-9700-4fd0-ad89-817257ef6a5a}: [DhcpNameServer] 192.168.42.129 FireFox: ======== FF ProfilePath: C:\Users\Nils Geiger\AppData\Roaming\Mozilla\Firefox\Profiles\hsbqrsni.default-1432296395773 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-15] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-15] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-06-29] (DivX, LLC) FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2013-11-21] (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-15] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-15] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-12-13] (Nullsoft, Inc.) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-09-27] (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) FF Plugin HKU\S-1-5-21-1160257173-3920074079-2544844589-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Nils Geiger\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-05] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-1160257173-3920074079-2544844589-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-09-27] (Pando Networks) FF Plugin HKU\S-1-5-21-1160257173-3920074079-2544844589-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-07-07] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-07-07] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-07-07] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-07-07] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-07-07] (Apple Inc.) FF Extension: Cookies Manager+ - C:\Users\Nils Geiger\AppData\Roaming\Mozilla\Firefox\Profiles\hsbqrsni.default-1432296395773\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2015-07-31] FF Extension: ProxTube - Unblock YouTube - C:\Users\Nils Geiger\AppData\Roaming\Mozilla\Firefox\Profiles\hsbqrsni.default-1432296395773\Extensions\ich@maltegoetz.de.xpi [2015-05-22] FF Extension: Adblock Plus - C:\Users\Nils Geiger\AppData\Roaming\Mozilla\Firefox\Profiles\hsbqrsni.default-1432296395773\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-22] Chrome: ======= CHR Profile: C:\Users\Nils Geiger\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Nils Geiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2012-11-08] CHR Extension: (Google Drive) - C:\Users\Nils Geiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-11-08] CHR Extension: (Web Developer) - C:\Users\Nils Geiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2014-07-25] CHR Extension: (YouTube) - C:\Users\Nils Geiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-08] CHR Extension: (Adblock Plus) - C:\Users\Nils Geiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-11] CHR Extension: (Google Search) - C:\Users\Nils Geiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-08] CHR Extension: (EditThisCookie) - C:\Users\Nils Geiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2015-07-31] CHR Extension: (AllCast Receiver) - C:\Users\Nils Geiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjbljnpdahefgnopeohlaeohgkiidnoe [2014-09-20] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Nils Geiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14] CHR Extension: (Chrome Web Store Payments) - C:\Users\Nils Geiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26] CHR Extension: (Gmail) - C:\Users\Nils Geiger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-08] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-06] (Avast Software s.r.o.) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [326144 2015-07-10] (Microsoft Corporation) S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [134144 2015-07-10] (Microsoft Corporation) R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [808856 2015-07-29] (Microsoft Corporation) R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [510976 2015-07-29] (Microsoft Corporation) R2 DeskScapes8; C:\Program Files (x86)\Stardock\DeskScapes8\ds8srv.exe [75376 2014-03-10] (Stardock Software, Inc) S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [27136 2015-07-10] (Microsoft Corporation) S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [267776 2015-07-10] (Microsoft Corporation) S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [193024 2015-07-10] (Microsoft Corporation) R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [218768 2015-06-24] (DTS) R2 DVBVRecorder; C:\Program Files (x86)\DVBViewer\DVBVservice.exe [874112 2014-06-01] (CM & V) [Datei ist nicht signiert] S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [87040 2015-07-10] (Microsoft Corporation) S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [275456 2015-07-10] (Microsoft Corporation) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) S3 icssvc; C:\Windows\System32\tetheringservice.dll [148992 2015-07-29] (Microsoft Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation) R2 jswpbapi; C:\Program Files (x86)\NETGEAR\WNA1100\jswpbapi.exe [241664 2012-03-26] (Atheros Communications, Inc.) [Datei ist nicht signiert] S3 jswpsapi; C:\Program Files (x86)\NETGEAR\WNA1100\jswpsapi.exe [1102848 2012-03-26] (Atheros Communications, Inc.) [Datei ist nicht signiert] R2 KMSServerService; C:\Windows\KMSServerService\KMS Server Service.exe [211968 2014-11-14] (My Digital Life Forums) [Datei ist nicht signiert] R3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [22528 2015-07-10] (Microsoft Corporation) R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [21504 2015-07-10] (Microsoft Corporation) R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit) S2 MapsBroker; C:\Windows\System32\moshost.dll [62464 2015-07-10] (Microsoft Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation) S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [296960 2015-07-10] (Microsoft Corporation) R2 OneSyncSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) R2 OneSyncSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-14] (Electronic Arts) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [995568 2015-08-09] (Overwolf LTD) S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [289280 2015-07-10] (Microsoft Corporation) R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) R2 RemoteServerWin; C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [4217552 2015-01-13] (Unified Intents AB) S3 RetailDemo; C:\Windows\system32\RDXService.dll [988672 2015-08-03] (Microsoft Corporation) S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1031680 2015-07-29] (Microsoft Corporation) R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-31] (DEVGURU Co., LTD.) R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2674176 2015-07-10] (Microsoft Corporation) R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [2049024 2015-07-10] (Microsoft Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5611280 2015-08-07] (TeamViewer GmbH) S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH) S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1203200 2015-07-29] (Microsoft Corporation) S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [925696 2015-07-29] (Microsoft Corporation) R3 UnistoreSvc_Session1; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) R3 UnistoreSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1420288 2015-07-30] (Microsoft Corporation) R3 UserDataSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) R3 UserDataSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation) S3 WalletService; C:\Windows\system32\WalletService.dll [504320 2015-07-10] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) R2 WindowBlinds; C:\Program Files (x86)\Stardock\WindowBlinds\wbsrv.exe [89600 2013-05-16] (Stardock Corporation) [Datei ist nicht signiert] R2 WindowFX; C:\Program Files (x86)\Stardock\WindowFX\WindowFXSrv.exe [181904 2014-06-12] (Stardock Corporation) R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [316120 2014-03-19] () R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2013-12-17] (Wacom Technology, Corp.) S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [918016 2015-07-10] (Microsoft Corporation) S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1149440 2015-07-10] (Microsoft Corporation) S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1019392 2015-07-10] (Microsoft Corporation) R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-03-13] (Intel(R) Corporation) R2 Winstep Xtreme Service; C:\Program Files (x86)\Winstep\WsxService [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] () R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-06] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-06] (Avast Software s.r.o.) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-06] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-06] () S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-06] (Avast Software s.r.o.) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-06] (Avast Software s.r.o.) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-06] () R3 athur; C:\Windows\System32\drivers\athuwbx.sys [2702336 2013-11-20] (Qualcomm Atheros Communications, Inc.) S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2014-03-16] (Broadcom Corporation.) S3 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [22568 2014-08-12] (IVT Corporation.) R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys [39936 2015-07-10] (Microsoft Corporation) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-11-20] (Disc Soft Ltd) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3436896 2015-07-10] (QLogic Corporation) R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [83968 2015-07-10] (Microsoft Corporation) S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2015-07-10] (Microsoft Corporation) R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2015-07-10] (Microsoft Corporation) S3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-02-26] (LogMeIn Inc.) R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-02-20] (REALiX(tm)) S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424800 2015-07-10] (Mellanox) R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-02-18] (Intel Corporation) S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [26624 2015-07-10] (Microsoft Corporation) S3 IvtAudioBusSrv; C:\Windows\System32\Drivers\IvtBtBus.sys [27256 2012-12-24] (IVT Corporation.) S3 IvtPanBusSrv; C:\Windows\System32\Drivers\btnetBus.sys [31480 2012-12-24] (IVT Corporation.) S3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.) S3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.) S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99168 2015-07-10] (Avago Technologies) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-07-26] (Intel Corporation) S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705376 2015-07-10] (Mellanox) S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76128 2015-07-10] (Mellanox) R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-04-18] (Riverbed Technology, Inc.) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek ) R3 SaiK1708; C:\Windows\system32\DRIVERS\SaiK1708.sys [180544 2012-09-20] (Saitek) R3 SaiMini; C:\Windows\System32\drivers\SaiMini.sys [25120 2013-02-01] (Saitek) R3 SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [52640 2013-02-01] (Saitek) R3 SaiU1708; C:\Windows\System32\drivers\SaiU1708.sys [47168 2012-09-20] (Saitek) R1 se64a; C:\Windows\System32\drivers\se64a.sys [14032 2007-05-03] (EnTech Taiwan) R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [61952 2015-07-10] (Microsoft Corporation) R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys [17760 2015-07-10] (Microsoft Corporation) S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [61952 2015-07-10] (Microsoft Corporation) S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [46080 2015-07-29] (Microsoft Corporation) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S3 UDST7000BDA; C:\Windows\System32\Drivers\UDST7000BDA.sys [527632 2009-06-15] (TechniSat Digital S.A.) S3 UDST7000HID; C:\Windows\system32\drivers\UDST7000HID.sys [27664 2009-07-15] (TechniSat Digital S.A.) S3 UHSfiltv; C:\Windows\system32\drivers\UHSfiltv.sys [23552 2012-09-12] (Creative Technology Ltd.) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Datei ist nicht signiert] R3 uvhid; C:\Windows\System32\drivers\uvhid.sys [25592 2015-01-13] (Windows (R) Win 7 DDK provider) R3 VBAudioVACMME; C:\Windows\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2015-01-30] (Windows (R) Win 7 DDK provider) R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [106520 2015-07-10] (Microsoft Corporation) R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2015-07-10] (Microsoft Corporation) S3 WinMad; C:\Windows\System32\drivers\winmad.sys [26976 2015-07-10] (Mellanox) S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59232 2015-07-10] (Mellanox) S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [222720 2015-07-10] (Microsoft Corporation) S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [25600 2015-07-10] (Microsoft Corporation) R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-04-28] (CyberLink Corp.) S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) NETSVC: dosvc -> C:\Windows\system32\dosvc.dll (Microsoft Corporation) NETSVC: DcpSvc -> C:\Windows\system32\dcpsvc.dll (Microsoft Corporation) NETSVC: NetSetupSvc -> C:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation) NETSVC: dmwappushservice -> C:\Windows\system32\dmwappushsvc.dll (Microsoft Corporation) NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation) NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation) NETSVC: UsoSvc -> C:\Windows\system32\usocore.dll (Microsoft Corporation) NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation) NETSVC: DmEnrollmentSvc -> C:\Windows\system32\Windows.Internal.Management.dll (Microsoft Corporation) NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation) NETSVC: RetailDemo -> C:\Windows\system32\RDXService.dll (Microsoft Corporation) NETSVCx32: NetSetupSvc -> C:\Windows\SysWOW64\NetSetupSvc.dll ==> Keine Datei NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> Keine Datei ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-14 23:18 - 2015-08-14 23:18 - 00852684 _____ C:\Users\Nils Geiger\Downloads\SecurityCheck.exe 2015-08-14 23:15 - 2015-08-14 23:15 - 00016148 _____ C:\WINDOWS\system32\NILS-PC_Nils Geiger_HistoryPrediction.bin 2015-08-14 16:54 - 2015-08-14 16:54 - 00000000 ____D C:\Program Files (x86)\ESET 2015-08-14 16:53 - 2015-08-14 16:54 - 02870984 _____ (ESET) C:\Users\Nils Geiger\Downloads\esetsmartinstaller_deu.exe 2015-08-14 16:28 - 2015-08-14 16:28 - 00000000 ___HD C:\OneDriveTemp 2015-08-13 22:28 - 2015-08-13 22:29 - 07389486 _____ C:\Users\Nils Geiger\Downloads\JStroud_Barti.rar 2015-08-13 20:48 - 2015-08-07 06:05 - 00573048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2015-08-13 20:47 - 2015-08-13 20:48 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2015-08-13 20:46 - 2015-08-07 13:07 - 42840184 _____ C:\WINDOWS\system32\nvcompiler.dll 2015-08-13 20:46 - 2015-08-07 13:07 - 37819184 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2015-08-13 20:46 - 2015-08-07 13:07 - 22551672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2015-08-13 20:46 - 2015-08-07 13:07 - 18564728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2015-08-13 20:46 - 2015-08-07 13:07 - 16638896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2015-08-13 20:46 - 2015-08-07 13:07 - 15627520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2015-08-13 20:46 - 2015-08-07 13:07 - 14935968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2015-08-13 20:46 - 2015-08-07 13:07 - 13663424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2015-08-13 20:46 - 2015-08-07 13:07 - 12186176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2015-08-13 20:46 - 2015-08-07 13:07 - 02352248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2015-08-13 20:46 - 2015-08-07 13:07 - 02104440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2015-08-13 20:46 - 2015-08-07 13:07 - 01898288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435560.dll 2015-08-13 20:46 - 2015-08-07 13:07 - 01558832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435560.dll 2015-08-13 20:46 - 2015-08-07 13:07 - 01177016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2015-08-13 20:46 - 2015-08-07 13:07 - 01063032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2015-08-13 20:46 - 2015-08-07 13:07 - 01061168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2015-08-13 20:46 - 2015-08-07 13:07 - 01000088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2015-08-13 20:46 - 2015-08-07 13:07 - 00985392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2015-08-13 20:46 - 2015-08-07 13:07 - 00931960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2015-08-13 20:46 - 2015-08-07 13:07 - 00176904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2015-08-13 20:46 - 2015-08-07 13:07 - 00155792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2015-08-13 20:46 - 2015-08-07 13:07 - 00150832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2015-08-13 20:46 - 2015-08-07 13:07 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2015-08-13 20:46 - 2015-08-07 13:07 - 00040280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2015-08-13 15:59 - 2015-08-14 23:22 - 00044992 _____ C:\Users\Nils Geiger\Downloads\FRST.txt 2015-08-13 15:56 - 2015-08-13 15:56 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\ProductData 2015-08-13 15:45 - 2015-08-13 15:45 - 00002042 _____ C:\Users\Nils Geiger\Downloads\JRT.txt 2015-08-13 15:41 - 2015-08-13 15:41 - 00002072 _____ C:\Users\Nils Geiger\Downloads\AdwCleaner[S7].txt 2015-08-13 15:39 - 2015-08-14 16:27 - 00006556 _____ C:\WINDOWS\setupact.log 2015-08-13 15:39 - 2015-08-13 15:39 - 00000000 _____ C:\WINDOWS\setuperr.log 2015-08-13 15:37 - 2015-08-14 22:38 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log 2015-08-13 15:35 - 2015-08-13 15:35 - 00001201 _____ C:\Users\Nils Geiger\Downloads\MBAM.txt 2015-08-13 15:28 - 2015-08-13 15:42 - 01791580 _____ (Malwarebytes Corporation) C:\Users\Nils Geiger\Downloads\JRT.exe 2015-08-13 15:27 - 2015-08-13 15:36 - 02248704 _____ C:\Users\Nils Geiger\Downloads\AdwCleaner_4.208.exe 2015-08-13 15:14 - 2015-08-13 15:14 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2015-08-13 14:52 - 2015-08-13 15:20 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Nils Geiger\Downloads\mbam-setup-2.1.8.1057.exe 2015-08-13 14:52 - 2015-08-13 15:14 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Nils Geiger\Downloads\revosetup95.exe 2015-08-12 18:08 - 2015-08-12 18:08 - 09284296 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe 2015-08-12 15:07 - 2015-08-08 09:30 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-08-12 15:07 - 2015-08-08 09:29 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2015-08-12 15:07 - 2015-08-08 09:19 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2015-08-12 15:07 - 2015-08-08 09:01 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2015-08-12 15:07 - 2015-08-08 08:48 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2015-08-12 15:07 - 2015-08-08 08:40 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-08-12 15:07 - 2015-08-08 08:24 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2015-08-12 15:07 - 2015-08-08 08:24 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2015-08-12 15:07 - 2015-08-08 08:22 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll 2015-08-12 15:07 - 2015-08-08 08:21 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll 2015-08-12 15:07 - 2015-08-08 08:15 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-08-12 15:07 - 2015-08-08 08:00 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2015-08-12 15:07 - 2015-08-06 05:18 - 00290768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2015-08-12 15:07 - 2015-08-06 05:17 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys 2015-08-12 15:07 - 2015-08-06 05:17 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys 2015-08-12 15:07 - 2015-08-06 04:36 - 21874176 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-08-12 15:07 - 2015-08-06 04:22 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2015-08-12 15:07 - 2015-08-06 04:03 - 18805248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-08-12 15:07 - 2015-08-05 06:49 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2015-08-12 15:07 - 2015-08-05 06:29 - 00644128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2015-08-12 15:07 - 2015-08-05 06:03 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-08-12 15:07 - 2015-08-05 06:00 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll 2015-08-12 15:07 - 2015-08-05 05:54 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2015-08-12 15:07 - 2015-08-05 05:47 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-08-12 15:07 - 2015-08-05 05:47 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-08-12 15:07 - 2015-08-05 05:43 - 01916416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-08-12 15:07 - 2015-08-05 05:39 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll 2015-08-12 15:07 - 2015-08-04 06:08 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2015-08-12 15:07 - 2015-08-04 06:07 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys 2015-08-12 15:07 - 2015-08-04 06:06 - 00583128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2015-08-12 15:07 - 2015-08-04 06:06 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2015-08-12 15:07 - 2015-08-04 05:50 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2015-08-12 15:07 - 2015-08-04 05:23 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll 2015-08-12 15:07 - 2015-08-04 05:21 - 16709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2015-08-12 15:07 - 2015-08-04 05:10 - 13025792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2015-08-12 15:07 - 2015-08-04 04:59 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll 2015-08-12 15:07 - 2015-08-04 04:47 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll 2015-08-12 15:07 - 2015-08-03 04:32 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll 2015-08-12 15:07 - 2015-08-03 04:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll 2015-08-12 15:07 - 2015-08-03 04:19 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2015-08-12 15:07 - 2015-08-03 04:19 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2015-08-12 15:07 - 2015-08-03 04:18 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2015-08-12 15:07 - 2015-08-03 04:18 - 01983840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2015-08-12 15:07 - 2015-08-03 04:18 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2015-08-12 15:07 - 2015-08-03 04:18 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys 2015-08-12 15:07 - 2015-08-03 04:17 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2015-08-12 15:07 - 2015-08-03 04:17 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys 2015-08-12 15:07 - 2015-08-03 04:13 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-08-12 15:07 - 2015-08-03 04:12 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2015-08-12 15:07 - 2015-08-03 03:56 - 06878256 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2015-08-12 15:07 - 2015-08-03 03:50 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-08-12 15:07 - 2015-08-03 03:49 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2015-08-12 15:07 - 2015-08-03 03:31 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2015-08-12 15:07 - 2015-08-03 03:30 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll 2015-08-12 15:07 - 2015-08-03 03:24 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-08-12 15:07 - 2015-08-03 03:24 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2015-08-12 15:07 - 2015-08-03 03:24 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll 2015-08-12 15:07 - 2015-08-03 03:24 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll 2015-08-12 15:07 - 2015-08-03 03:23 - 02446336 _____ C:\WINDOWS\system32\InputService.dll 2015-08-12 15:07 - 2015-08-03 03:23 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll 2015-08-12 15:07 - 2015-08-03 03:22 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2015-08-12 15:07 - 2015-08-03 03:22 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2015-08-12 15:07 - 2015-08-03 03:22 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll 2015-08-12 15:07 - 2015-08-03 03:22 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll 2015-08-12 15:07 - 2015-08-03 03:21 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll 2015-08-12 15:07 - 2015-08-03 03:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe 2015-08-12 15:07 - 2015-08-03 03:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe 2015-08-12 15:07 - 2015-08-03 03:18 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-08-12 15:07 - 2015-08-03 03:18 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2015-08-12 15:07 - 2015-08-03 03:18 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll 2015-08-12 15:07 - 2015-08-03 03:18 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll 2015-08-12 15:07 - 2015-08-03 03:15 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2015-08-12 15:07 - 2015-08-03 03:15 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2015-08-12 15:07 - 2015-08-03 03:15 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2015-08-12 15:07 - 2015-08-03 03:15 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2015-08-12 15:07 - 2015-08-03 03:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll 2015-08-12 15:07 - 2015-08-03 03:15 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll 2015-08-12 15:07 - 2015-08-03 03:15 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll 2015-08-12 15:07 - 2015-08-03 03:14 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2015-08-12 15:07 - 2015-08-03 03:14 - 00247808 _____ C:\WINDOWS\system32\facecredentialprovider.dll 2015-08-12 15:07 - 2015-08-03 03:12 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-08-12 15:07 - 2015-08-03 03:12 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2015-08-12 15:07 - 2015-08-03 03:12 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll 2015-08-12 15:07 - 2015-08-03 03:12 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2015-08-12 15:07 - 2015-08-03 03:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll 2015-08-12 15:07 - 2015-08-03 03:11 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2015-08-12 15:07 - 2015-08-03 03:11 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll 2015-08-12 15:07 - 2015-08-03 03:11 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll 2015-08-12 15:07 - 2015-08-03 03:10 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2015-08-12 15:07 - 2015-08-03 03:06 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe 2015-08-12 15:07 - 2015-08-03 03:03 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2015-08-12 15:07 - 2015-08-03 03:02 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll 2015-08-12 15:07 - 2015-08-03 03:02 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2015-08-12 15:07 - 2015-08-03 03:01 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-08-12 15:07 - 2015-08-03 03:00 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2015-08-12 15:07 - 2015-08-03 02:59 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll 2015-08-12 15:02 - 2015-08-12 15:02 - 00129101 _____ C:\Users\Nils Geiger\Downloads\Addition.txt 2015-08-12 15:01 - 2015-08-13 15:59 - 00000000 ____D C:\Users\Nils Geiger\Downloads\FRST-OlderVersion 2015-08-11 20:54 - 2015-08-11 20:54 - 00000000 ____D C:\ProgramData\X360CE 2015-08-11 20:54 - 2015-08-11 20:54 - 00000000 ____D C:\Program Files (x86)\steam 2015-08-11 20:45 - 2015-08-11 20:45 - 00001911 _____ C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2015-08-10 19:58 - 2015-08-13 15:59 - 02173952 _____ (Farbar) C:\Users\Nils Geiger\Downloads\FRST64.exe 2015-08-10 00:11 - 2015-08-11 16:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-08-09 23:38 - 2015-08-13 15:21 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-08-09 23:38 - 2015-08-13 15:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-08-09 23:38 - 2015-08-13 15:20 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-08-09 23:38 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-08-09 23:38 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-08-09 23:38 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2015-08-09 23:32 - 2015-08-13 15:23 - 00000000 ____D C:\WINDOWS\Minidump 2015-08-09 23:15 - 2015-08-14 23:22 - 00000000 ____D C:\FRST 2015-08-09 23:14 - 2015-08-09 23:14 - 00000168 _____ C:\Users\Nils Geiger\defogger_reenable 2015-08-07 20:38 - 2015-08-08 14:09 - 01865516 _____ C:\Users\Apps\musixmatch-lyrics-cp.spa 2015-08-07 20:38 - 2015-08-08 14:09 - 00449780 _____ C:\Users\snapshot_blob.bin 2015-08-07 20:38 - 2015-08-08 14:09 - 00410937 _____ C:\Users\natives_blob.bin 2015-08-05 23:58 - 2015-07-30 08:24 - 01561872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2015-08-05 23:58 - 2015-07-30 08:23 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2015-08-05 23:58 - 2015-07-30 08:21 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2015-08-05 23:58 - 2015-07-30 08:17 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2015-08-05 23:58 - 2015-07-30 08:17 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2015-08-05 23:58 - 2015-07-30 08:16 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2015-08-05 23:58 - 2015-07-30 08:15 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2015-08-05 23:58 - 2015-07-30 08:14 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll 2015-08-05 23:58 - 2015-07-30 08:09 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2015-08-05 23:58 - 2015-07-30 08:06 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2015-08-05 23:58 - 2015-07-30 08:05 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2015-08-05 23:58 - 2015-07-30 08:05 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2015-08-05 23:58 - 2015-07-30 08:04 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2015-08-05 23:58 - 2015-07-30 08:03 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2015-08-05 23:58 - 2015-07-30 07:24 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2015-08-05 23:58 - 2015-07-30 06:42 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-08-05 23:58 - 2015-07-30 06:29 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2015-08-05 23:58 - 2015-07-30 06:26 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2015-08-05 23:58 - 2015-07-30 06:26 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2015-08-05 23:58 - 2015-07-30 06:25 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2015-08-05 23:58 - 2015-07-30 06:25 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2015-08-05 23:58 - 2015-07-30 06:24 - 01769056 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2015-08-05 23:58 - 2015-07-30 06:24 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2015-08-05 23:58 - 2015-07-30 06:24 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2015-08-05 23:58 - 2015-07-30 06:24 - 00285632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll 2015-08-05 23:58 - 2015-07-30 06:22 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2015-08-05 23:58 - 2015-07-30 06:22 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2015-08-05 23:58 - 2015-07-30 06:21 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-08-05 23:58 - 2015-07-30 06:12 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2015-08-05 23:58 - 2015-07-30 06:12 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2015-08-05 23:58 - 2015-07-30 06:09 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe 2015-08-05 23:58 - 2015-07-30 06:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2015-08-05 23:58 - 2015-07-30 06:08 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2015-08-05 23:58 - 2015-07-30 06:08 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2015-08-05 23:58 - 2015-07-30 05:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2015-08-05 23:58 - 2015-07-30 05:52 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2015-08-05 23:58 - 2015-07-30 05:52 - 00521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2015-08-05 23:58 - 2015-07-30 05:52 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll 2015-08-05 23:58 - 2015-07-30 05:49 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2015-08-05 23:58 - 2015-07-30 05:49 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2015-08-05 23:58 - 2015-07-30 05:49 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2015-08-05 23:58 - 2015-07-30 05:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2015-08-05 23:58 - 2015-07-30 05:46 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2015-08-05 23:58 - 2015-07-30 05:46 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2015-08-05 23:58 - 2015-07-30 05:46 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2015-08-05 23:58 - 2015-07-30 05:45 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll 2015-08-05 23:58 - 2015-07-30 05:45 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys 2015-08-05 23:58 - 2015-07-30 05:44 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2015-08-05 23:58 - 2015-07-30 05:44 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2015-08-05 23:58 - 2015-07-30 05:44 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2015-08-05 23:58 - 2015-07-30 05:44 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll 2015-08-05 23:58 - 2015-07-30 05:44 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys 2015-08-05 23:58 - 2015-07-30 05:44 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll 2015-08-05 23:58 - 2015-07-30 05:42 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2015-08-05 23:58 - 2015-07-30 05:41 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll 2015-08-05 23:58 - 2015-07-30 05:41 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll 2015-08-05 23:58 - 2015-07-30 05:40 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2015-08-05 23:58 - 2015-07-30 05:38 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll 2015-08-05 23:58 - 2015-07-30 05:38 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll 2015-08-05 23:58 - 2015-07-30 05:34 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2015-08-05 23:58 - 2015-07-30 05:29 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll 2015-08-05 23:58 - 2015-07-30 05:15 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2015-08-05 23:58 - 2015-07-30 05:10 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2015-08-05 23:58 - 2015-07-30 05:10 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2015-08-05 23:58 - 2015-07-30 05:07 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll 2015-08-05 23:58 - 2015-07-30 05:06 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2015-08-05 23:58 - 2015-07-30 05:06 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2015-08-05 23:58 - 2015-07-30 05:06 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll 2015-08-05 23:58 - 2015-07-30 05:06 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll 2015-08-05 23:58 - 2015-07-30 05:04 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2015-08-05 23:58 - 2015-07-30 05:04 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2015-08-05 23:58 - 2015-07-30 04:59 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2015-08-05 23:58 - 2015-07-30 04:58 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2015-08-01 19:14 - 2015-08-01 19:14 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TriDef 2015-08-01 19:14 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2015-08-01 14:19 - 2015-08-01 14:19 - 00021232 _____ (Thesycon GmbH) C:\WINDOWS\system32\Drivers\dpclat_driver.sys 2015-07-30 20:34 - 2015-07-30 20:34 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-07-30 18:53 - 2015-07-30 18:53 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2015-07-30 18:03 - 2015-07-30 18:03 - 00000000 ____D C:\Users\Nils Geiger\AppData\Local\PeerDistRepub 2015-07-29 16:50 - 2015-08-13 15:23 - 00000000 ___DC C:\WINDOWS\Panther 2015-07-29 16:49 - 2015-07-29 16:49 - 00000000 ____D C:\Windows.old 2015-07-29 16:48 - 2015-07-29 16:48 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 02878000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 02224128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2015-07-29 16:48 - 2015-07-29 16:48 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2015-07-29 16:48 - 2015-07-29 16:48 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01085776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2015-07-29 16:48 - 2015-07-29 16:48 - 00991584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2015-07-29 16:48 - 2015-07-29 16:48 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys 2015-07-29 16:48 - 2015-07-29 16:48 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00916800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00607008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2015-07-29 16:48 - 2015-07-29 16:48 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2015-07-29 16:48 - 2015-07-29 16:48 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys 2015-07-29 16:48 - 2015-07-29 16:48 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00412672 _____ C:\WINDOWS\system32\diagtrack_win.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00403968 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2015-07-29 16:48 - 2015-07-29 16:48 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00242264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys 2015-07-29 16:48 - 2015-07-29 16:48 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys 2015-07-29 16:48 - 2015-07-29 16:48 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys 2015-07-29 16:48 - 2015-07-29 16:48 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll 2015-07-29 16:48 - 2015-07-29 16:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe 2015-07-29 16:48 - 2015-07-29 16:48 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe 2015-07-29 16:47 - 2015-07-29 16:47 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2015-07-29 16:46 - 2015-07-29 16:46 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2015-07-29 16:46 - 2015-07-29 16:46 - 00000000 ____D C:\Program Files\Reference Assemblies 2015-07-29 16:46 - 2015-07-29 16:46 - 00000000 ____D C:\Program Files\MSBuild 2015-07-29 16:46 - 2015-07-29 16:46 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2015-07-29 16:46 - 2015-07-29 16:00 - 00000000 ____D C:\Program Files (x86)\MSBuild 2015-07-29 16:45 - 2015-06-17 19:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2015-07-29 16:45 - 2015-06-17 19:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2015-07-29 16:45 - 2015-06-17 19:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2015-07-29 16:45 - 2015-05-29 22:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2015-07-29 16:45 - 2015-05-29 22:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-07-29 16:45 - 2015-05-29 22:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2015-07-29 16:35 - 2015-07-29 16:35 - 00000000 ____D C:\Users\Nils Geiger\AppData\Local\NetworkTiles 2015-07-29 16:32 - 2015-07-29 16:32 - 00000000 ____D C:\Users\Nils Geiger\AppData\Local\MicrosoftEdge 2015-07-29 16:30 - 2015-07-29 16:30 - 00002421 _____ C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-07-29 16:30 - 2015-07-29 16:30 - 00000000 ____D C:\Users\Nils Geiger\AppData\Local\Publishers 2015-07-29 16:29 - 2015-07-29 16:29 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2015-07-29 16:08 - 2015-08-14 16:54 - 01793546 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-07-29 16:07 - 2015-07-30 21:29 - 00000000 ____D C:\Users\Nils Geiger\AppData\Local\Comms 2015-07-29 16:07 - 2015-07-29 16:07 - 00000020 ___SH C:\Users\Nils Geiger\ntuser.ini 2015-07-29 16:07 - 2015-07-29 16:07 - 00000000 ____D C:\Users\Nils Geiger\AppData\Local\TileDataLayer 2015-07-29 16:05 - 2015-07-29 16:05 - 00000000 _SHDL C:\Users\Default\Vorlagen 2015-07-29 16:05 - 2015-07-29 16:05 - 00000000 _SHDL C:\Users\Default\Startmenü 2015-07-29 16:05 - 2015-07-29 16:05 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2015-07-29 16:05 - 2015-07-29 16:05 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen 2015-07-29 16:05 - 2015-07-29 16:05 - 00000000 _SHDL C:\Users\Default\Eigene Dateien 2015-07-29 16:05 - 2015-07-29 16:05 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2015-07-29 16:05 - 2015-07-29 16:05 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-07-29 16:05 - 2015-07-29 16:05 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2015-07-29 16:05 - 2015-07-29 16:05 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2015-07-29 16:05 - 2015-07-29 16:05 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten 2015-07-29 16:05 - 2015-07-29 16:05 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-07-29 16:05 - 2015-07-29 16:05 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2015-07-29 16:05 - 2015-07-29 16:05 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten 2015-07-29 16:01 - 2015-07-10 12:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2015-07-29 16:00 - 2015-07-29 16:00 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software 2015-07-29 16:00 - 2015-07-29 16:00 - 00000000 ____D C:\Users\Default\AppData\Roaming\Mozilla 2015-07-29 16:00 - 2015-07-29 16:00 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia 2015-07-29 16:00 - 2015-07-29 16:00 - 00000000 ____D C:\Users\Default\AppData\Local\Overwolf 2015-07-29 16:00 - 2015-07-29 16:00 - 00000000 ____D C:\Users\Default\AppData\Local\Mozilla 2015-07-29 16:00 - 2015-07-29 16:00 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help 2015-07-29 16:00 - 2015-07-29 16:00 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software 2015-07-29 16:00 - 2015-07-29 16:00 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Mozilla 2015-07-29 16:00 - 2015-07-29 16:00 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia 2015-07-29 16:00 - 2015-07-29 16:00 - 00000000 ____D C:\Users\Default User\AppData\Local\Overwolf 2015-07-29 16:00 - 2015-07-29 16:00 - 00000000 ____D C:\Users\Default User\AppData\Local\Mozilla 2015-07-29 16:00 - 2015-07-29 16:00 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help 2015-07-29 15:59 - 2015-07-29 15:59 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-07-29 15:57 - 2015-07-29 15:57 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2015-07-29 15:56 - 2015-08-13 21:57 - 00000000 ____D C:\Users\Nils Geiger 2015-07-29 15:56 - 2015-07-29 16:07 - 00000000 ___RD C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-07-29 15:56 - 2015-07-29 15:56 - 00000000 _SHDL C:\Users\Nils Geiger\Vorlagen 2015-07-29 15:56 - 2015-07-29 15:56 - 00000000 _SHDL C:\Users\Nils Geiger\Startmenü 2015-07-29 15:56 - 2015-07-29 15:56 - 00000000 _SHDL C:\Users\Nils Geiger\Netzwerkumgebung 2015-07-29 15:56 - 2015-07-29 15:56 - 00000000 _SHDL C:\Users\Nils Geiger\Lokale Einstellungen 2015-07-29 15:56 - 2015-07-29 15:56 - 00000000 _SHDL C:\Users\Nils Geiger\Eigene Dateien 2015-07-29 15:56 - 2015-07-29 15:56 - 00000000 _SHDL C:\Users\Nils Geiger\Druckumgebung 2015-07-29 15:56 - 2015-07-29 15:56 - 00000000 _SHDL C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-07-29 15:56 - 2015-07-29 15:56 - 00000000 _SHDL C:\Users\Nils Geiger\AppData\Local\Verlauf 2015-07-29 15:56 - 2015-07-29 15:56 - 00000000 _SHDL C:\Users\Nils Geiger\AppData\Local\Anwendungsdaten 2015-07-29 15:56 - 2015-07-29 15:56 - 00000000 _SHDL C:\Users\Nils Geiger\Anwendungsdaten 2015-07-29 15:56 - 2015-07-29 15:56 - 00000000 ___RD C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-07-29 15:56 - 2015-07-29 15:56 - 00000000 ___RD C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-07-29 15:56 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2015-07-29 15:56 - 2015-07-10 13:04 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-07-29 15:55 - 2015-07-29 15:55 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SaiK1708_01009.Wdf 2015-07-29 15:55 - 2015-07-29 15:55 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2015-07-29 15:55 - 2015-07-29 15:55 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2015-07-29 15:55 - 2015-07-29 15:55 - 00000000 ____D C:\WINDOWS\system32\DAX2 2015-07-29 15:55 - 2015-07-29 15:55 - 00000000 ____D C:\Program Files\Realtek 2015-07-29 15:52 - 2015-08-13 20:48 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-07-29 15:52 - 2015-07-29 15:57 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2015-07-29 15:52 - 2015-07-29 15:57 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2015-07-29 15:52 - 2015-07-29 15:52 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2015-07-29 15:52 - 2015-07-29 15:52 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf 2015-07-29 15:51 - 2015-07-29 15:52 - 00035627 _____ C:\WINDOWS\system32\NetSetupMig.log 2015-07-29 15:29 - 2015-07-29 15:40 - 00000000 ___HD C:\$Windows.~BT 2015-07-29 15:09 - 2015-07-29 15:09 - 00000000 ___HD C:\$Windows.~WS 2015-07-23 04:02 - 2015-08-11 21:52 - 11174544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2015-07-23 04:02 - 2015-08-07 13:07 - 17926480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2015-07-23 04:02 - 2015-08-07 13:07 - 15328296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2015-07-23 04:02 - 2015-08-07 13:07 - 12609072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2015-07-23 04:02 - 2015-08-07 13:07 - 03462776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2015-07-23 04:02 - 2015-08-07 13:07 - 03059856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2015-07-23 04:02 - 2015-08-07 13:07 - 00034100 _____ C:\WINDOWS\system32\nvinfo.pb 2015-07-23 04:02 - 2015-07-23 04:02 - 01898128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435362.dll 2015-07-23 04:02 - 2015-07-23 04:02 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435362.dll 2015-07-18 00:18 - 2015-07-18 00:18 - 00000000 ____D C:\Users\Nils Geiger\AppData\Local\CEF 2015-07-16 15:40 - 2015-07-16 15:41 - 00001822 ____H C:\WINDOWS\EPMBatch.ept 2015-07-16 15:36 - 2015-07-16 15:36 - 00000000 ____D C:\Program Files (x86)\EaseUS 2015-07-16 14:40 - 2015-07-16 14:40 - 00000041 _____ C:\script.txt 2015-07-16 14:40 - 2015-07-16 14:40 - 00000031 _____ C:\WINDOWS\script.txt 2015-07-16 14:36 - 2015-07-29 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Samsung 2015-07-16 14:36 - 2015-07-29 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSmart Technologies 2015-07-16 14:32 - 2015-07-29 16:04 - 00003394 _____ C:\WINDOWS\System32\Tasks\SamsungMagician 2015-07-16 14:30 - 2015-07-29 16:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician 2015-07-15 16:55 - 2015-07-15 16:55 - 00000000 ____D C:\Filme 2015-07-15 16:01 - 2015-07-15 15:59 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll |
14.08.2015, 22:30 | #20 |
| Skype Malware/ Spam FRST Teil 2: Code:
ATTFilter ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-14 23:16 - 2013-03-10 11:44 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Skype 2015-08-14 23:15 - 2012-11-08 21:52 - 00004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7F8DEDA0-40A5-4C00-8FBE-6DE7C21F0E76} 2015-08-14 23:08 - 2014-04-07 17:12 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-08-14 23:04 - 2012-11-08 21:38 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-14 22:33 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru 2015-08-14 22:32 - 2015-07-14 19:22 - 00001264 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1160257173-3920074079-2544844589-1001UA.job 2015-08-14 22:20 - 2015-04-12 14:16 - 00000000 ____D C:\Users\Nils Geiger\AppData\Local\Spotify 2015-08-14 21:04 - 2012-11-08 21:38 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-14 18:23 - 2015-04-12 14:16 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Spotify 2015-08-14 16:54 - 2015-07-10 18:34 - 00772138 _____ C:\WINDOWS\system32\perfh007.dat 2015-08-14 16:54 - 2015-07-10 18:34 - 00154500 _____ C:\WINDOWS\system32\perfc007.dat 2015-08-14 16:51 - 2014-12-13 15:40 - 00001049 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2015-08-14 16:51 - 2012-11-05 20:19 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\TeamViewer 2015-08-14 16:51 - 2012-11-04 12:23 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2015-08-14 16:28 - 2015-05-23 22:27 - 00000000 ____D C:\Users\Nils Geiger\AppData\Local\Purplizer 2015-08-14 16:28 - 2014-05-12 01:45 - 00000000 __RDO C:\Users\Nils Geiger\OneDrive 2015-08-14 16:28 - 2013-08-04 13:14 - 00000000 ____D C:\Users\Nils Geiger\AppData\Local\Overwolf 2015-08-14 16:27 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-08-14 16:27 - 2015-01-24 16:35 - 00000000 ____D C:\ProgramData\Unified Remote 2015-08-14 16:27 - 2014-11-17 21:09 - 00000000 ____D C:\ProgramData\NVIDIA 2015-08-14 16:27 - 2014-07-30 19:56 - 00000000 ____D C:\ProgramData\TEMP 2015-08-13 22:45 - 2015-07-10 11:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2015-08-13 20:48 - 2015-02-15 00:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-08-13 20:48 - 2012-11-04 12:20 - 00000000 ____D C:\temp 2015-08-13 16:41 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-08-13 16:32 - 2015-04-15 18:28 - 00000080 _____ C:\Users\Nils Geiger\AppData\Local剜捯獫慴慇敭屳呇⁁屖湥楴汴浥湥湩潦 2015-08-13 15:43 - 2014-12-19 01:48 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\IObit 2015-08-13 15:43 - 2014-12-19 01:48 - 00000000 ____D C:\ProgramData\IObit 2015-08-13 15:39 - 2015-07-10 14:20 - 05085632 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-08-13 15:38 - 2013-11-22 16:10 - 00000000 ____D C:\AdwCleaner 2015-08-13 14:50 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-08-13 14:46 - 2013-12-09 01:35 - 00000000 ____D C:\Program Files (x86)\Overwolf 2015-08-13 14:36 - 2014-06-14 00:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-08-13 14:36 - 2014-06-14 00:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-08-12 20:50 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-12 20:50 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-12 20:50 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2015-08-12 20:50 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe 2015-08-12 20:50 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-08-12 18:08 - 2014-04-07 17:12 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2015-08-12 15:40 - 2015-01-24 17:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-08-12 15:40 - 2012-11-06 20:45 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-08-12 15:40 - 2012-07-26 07:26 - 00000382 _____ C:\WINDOWS\win.ini 2015-08-12 15:39 - 2013-07-19 03:00 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-08-12 15:35 - 2012-12-12 12:23 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-08-12 15:34 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-08-11 18:11 - 2013-11-18 22:18 - 00000000 ____D C:\Program Files\Adobe 2015-08-11 18:11 - 2013-06-22 22:23 - 00000000 ____D C:\Program Files\Common Files\Adobe 2015-08-11 18:10 - 2013-06-22 22:25 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2015-08-11 18:09 - 2013-09-28 13:02 - 00000000 ____D C:\Program Files (x86)\Adobe 2015-08-11 18:09 - 2013-02-18 15:16 - 00000000 ____D C:\ProgramData\Adobe 2015-08-11 18:09 - 2012-11-04 12:05 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Adobe 2015-08-11 16:15 - 2014-08-17 02:00 - 00000000 ____D C:\Users\Nils Geiger\AppData\Local\Adobe 2015-08-11 16:11 - 2015-04-12 16:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-08-10 17:42 - 2013-03-10 11:44 - 00000000 ____D C:\ProgramData\Skype 2015-08-09 23:23 - 2013-04-04 21:18 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Rainmeter 2015-08-09 23:19 - 2014-01-27 23:12 - 00000000 ____D C:\Program Files (x86)\Nmap 2015-08-09 22:50 - 2012-11-19 19:55 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\.minecraft 2015-08-09 13:32 - 2015-07-14 19:22 - 00001212 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1160257173-3920074079-2544844589-1001Core.job 2015-08-08 21:27 - 2014-05-31 23:25 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Kodi 2015-08-08 17:38 - 2015-07-10 13:06 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-08-08 17:38 - 2015-07-10 13:06 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-08-08 17:01 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache 2015-08-08 14:09 - 2015-06-04 22:08 - 00602180 _____ C:\Users\Apps\local-files-desktop.spa 2015-08-08 14:09 - 2015-06-04 22:08 - 00158566 _____ C:\Users\Apps\hub.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 45066808 _____ C:\Users\libcef.dll 2015-08-08 14:09 - 2015-04-23 19:15 - 10207504 _____ C:\Users\icudtl.dat 2015-08-08 14:09 - 2015-04-23 19:15 - 07675448 _____ (Spotify Ltd) C:\Users\Spotify.exe 2015-08-08 14:09 - 2015-04-23 19:15 - 04487782 _____ C:\Users\devtools_resources.pak 2015-08-08 14:09 - 2015-04-23 19:15 - 03457592 _____ (Microsoft Corporation) C:\Users\d3dcompiler_47.dll 2015-08-08 14:09 - 2015-04-23 19:15 - 02332541 _____ C:\Users\Apps\musixmatch-lyrics.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 02184260 _____ C:\Users\cef.pak 2015-08-08 14:09 - 2015-04-23 19:15 - 02157552 _____ C:\Users\Apps\glue-resources.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 02106424 _____ (Microsoft Corporation) C:\Users\d3dcompiler_43.dll 2015-08-08 14:09 - 2015-04-23 19:15 - 02018360 _____ (Spotify Ltd) C:\Users\SpotifyWebHelper.exe 2015-08-08 14:09 - 2015-04-23 19:15 - 01649208 _____ C:\Users\libGLESv2.dll 2015-08-08 14:09 - 2015-04-23 19:15 - 00967736 _____ (The Chromium Authors) C:\Users\ffmpegsumo.dll 2015-08-08 14:09 - 2015-04-23 19:15 - 00900089 _____ C:\Users\Apps\zlink.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00838712 _____ (Spotify Ltd) C:\Users\SpotifyCrashService.exe 2015-08-08 14:09 - 2015-04-23 19:15 - 00721136 _____ C:\Users\Apps\browse.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00622967 _____ C:\Users\cef_200_percent.pak 2015-08-08 14:09 - 2015-04-23 19:15 - 00606828 _____ C:\Users\Apps\playlist-desktop.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00542847 _____ C:\Users\Apps\notification-center.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00530001 _____ C:\Users\Apps\settings.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00528578 _____ C:\Users\Apps\collection.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00512594 _____ C:\Users\Apps\genre.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00508698 _____ C:\Users\Apps\collection-artist.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00504671 _____ C:\Users\Apps\discover.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00471783 _____ C:\Users\Apps\messages.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00468951 _____ C:\Users\cef_100_percent.pak 2015-08-08 14:09 - 2015-04-23 19:15 - 00466223 _____ C:\Users\Apps\collection-album.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00451113 _____ C:\Users\Apps\social-feed.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00444041 _____ C:\Users\Apps\article.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00416475 _____ C:\Users\Apps\album.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00395528 _____ C:\Users\Apps\collection-songs.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00392161 _____ C:\Users\Apps\zlogin.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00383262 _____ C:\Users\Apps\social-chart.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00368227 _____ C:\Users\Apps\charts.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00366817 _____ C:\Users\Apps\buddy-list.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00363479 _____ C:\Users\Apps\artist.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00304572 _____ C:\Users\Apps\radio.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00278727 _____ C:\Users\Apps\folder.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00274437 _____ C:\Users\Apps\share.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00257997 _____ C:\Users\Apps\zlink-queue.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00244918 _____ C:\Users\Apps\profile.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00236396 _____ C:\Users\Apps\chart.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00216723 _____ C:\Users\Apps\search.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00216045 _____ C:\Users\Apps\findfriends.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00196416 _____ C:\Users\Apps\suggest.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00158229 _____ C:\Users\Apps\follow.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00098360 _____ (Spotify Ltd) C:\Users\SpotifyLauncher.exe 2015-08-08 14:09 - 2015-04-23 19:15 - 00080952 _____ C:\Users\libEGL.dll 2015-08-08 14:09 - 2015-04-23 19:15 - 00080587 _____ C:\Users\Apps\about.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00073272 _____ C:\Users\wow_helper.exe 2015-08-08 14:09 - 2015-04-23 19:15 - 00072701 _____ C:\Users\Apps\error.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00053462 _____ C:\Users\Apps\ad.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00050934 _____ C:\Users\Apps\licenses.spa 2015-08-08 14:09 - 2015-04-23 19:15 - 00014086 _____ C:\Users\locales\en-US.pak 2015-08-08 14:09 - 2015-04-23 19:15 - 00008009 _____ C:\Users\locales\el.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00007791 _____ C:\Users\locales\ru.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00007076 _____ C:\Users\locales\ja.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006969 _____ C:\Users\locales\hu.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006950 _____ C:\Users\locales\fr-CA.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006899 _____ C:\Users\locales\fr.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006876 _____ C:\Users\locales\fi.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006875 _____ C:\Users\locales\pl.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006808 _____ C:\Users\locales\es-419.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006793 _____ C:\Users\locales\nl.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006756 _____ C:\Users\locales\de.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006740 _____ C:\Users\locales\zsm.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006739 _____ C:\Users\locales\it.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006731 _____ C:\Users\locales\es.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006726 _____ C:\Users\locales\tr.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006719 _____ C:\Users\locales\zh-Hant.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006717 _____ C:\Users\locales\pt-BR.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006672 _____ C:\Users\locales\sv.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006540 _____ C:\Users\locales\arb.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00006469 _____ C:\Users\locales\en.mo 2015-08-08 14:09 - 2015-04-23 19:15 - 00000020 _____ C:\Users\inst_ver.dat 2015-08-08 14:09 - 2015-04-23 19:15 - 00000000 ____D C:\Users\locales 2015-08-07 13:07 - 2015-04-16 19:03 - 00204648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2015-08-07 13:07 - 2015-04-16 07:19 - 01567576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll 2015-08-07 13:07 - 2014-11-17 21:09 - 00112944 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2015-08-07 13:07 - 2014-11-17 21:09 - 00105264 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2015-08-07 06:27 - 2014-11-17 21:09 - 06883632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2015-08-07 06:27 - 2014-11-17 21:09 - 03491960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2015-08-07 06:27 - 2014-11-17 21:09 - 02558768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2015-08-07 06:27 - 2014-11-17 21:09 - 00937776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2015-08-07 06:27 - 2014-11-17 21:09 - 00385144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2015-08-07 06:27 - 2014-11-17 21:09 - 00062584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2015-08-07 00:33 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning 2015-08-07 00:01 - 2013-05-22 16:55 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\TS3Client 2015-08-07 00:00 - 2013-05-22 16:54 - 00000000 ____D C:\Program Files (x86)\TeamSpeak3 2015-08-05 21:21 - 2013-01-16 20:18 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\vlc 2015-08-03 11:22 - 2014-11-17 21:09 - 05133709 _____ C:\WINDOWS\system32\nvcoproc.bin 2015-08-02 21:08 - 2013-09-24 21:58 - 00000000 ____D C:\Users\Nils Geiger\AppData\Local\JDownloader v2.0 2015-08-02 17:29 - 2015-07-11 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MouseServer 2015-08-02 17:29 - 2015-07-11 20:05 - 00000000 ____D C:\Program Files (x86)\MouseServer 2015-08-01 19:14 - 2014-09-19 22:11 - 00000000 ____D C:\Program Files (x86)\TriDef 3D 2015-08-01 12:52 - 2015-04-13 19:04 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update 2015-07-30 20:34 - 2012-11-27 00:35 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Dropbox 2015-07-30 15:15 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\appcompat 2015-07-29 18:43 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\restore 2015-07-29 16:50 - 2015-07-10 13:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2015-07-29 16:49 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2015-07-29 16:49 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2015-07-29 16:49 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2015-07-29 16:49 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Dism 2015-07-29 16:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2015-07-29 16:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\MUI 2015-07-29 16:46 - 2015-07-10 13:00 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\telnet.exe 2015-07-29 16:46 - 2015-07-10 12:59 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll 2015-07-29 16:46 - 2015-07-10 12:59 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll 2015-07-29 16:46 - 2015-07-10 12:59 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll 2015-07-29 16:46 - 2015-07-10 12:59 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll 2015-07-29 16:46 - 2015-07-10 12:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll 2015-07-29 16:46 - 2015-07-10 12:59 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll 2015-07-29 16:46 - 2015-07-10 12:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe 2015-07-29 16:46 - 2015-07-10 12:59 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll 2015-07-29 16:46 - 2015-07-10 12:59 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe 2015-07-29 16:46 - 2015-07-10 12:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe 2015-07-29 16:46 - 2015-07-10 12:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll 2015-07-29 16:46 - 2015-07-10 12:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll 2015-07-29 16:46 - 2015-07-10 12:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll 2015-07-29 16:46 - 2015-07-10 12:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll 2015-07-29 16:46 - 2015-07-10 12:59 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll 2015-07-29 16:46 - 2015-07-10 12:59 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll 2015-07-29 16:46 - 2015-07-10 12:59 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll 2015-07-29 16:46 - 2015-07-10 12:59 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll 2015-07-29 16:40 - 2012-11-15 16:29 - 00000000 ____D C:\Program Files (x86)\Stardock 2015-07-29 16:37 - 2012-11-15 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock 2015-07-29 16:34 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2015-07-29 16:32 - 2012-11-04 12:05 - 00000000 ____D C:\Users\Nils Geiger\AppData\Local\Packages 2015-07-29 16:13 - 2015-06-01 16:21 - 00000000 ____D C:\ProgramData\boost_interprocess 2015-07-29 16:08 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2015-07-29 16:08 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PrintDialog 2015-07-29 16:08 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\MiracastView 2015-07-29 16:08 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2015-07-29 16:05 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows NT 2015-07-29 16:05 - 2015-07-10 11:05 - 00000000 __RHD C:\Users\Default 2015-07-29 16:04 - 2015-07-14 19:22 - 00004332 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1160257173-3920074079-2544844589-1001UA 2015-07-29 16:04 - 2015-07-14 19:22 - 00003952 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1160257173-3920074079-2544844589-1001Core 2015-07-29 16:04 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Registration 2015-07-29 16:04 - 2015-05-23 22:27 - 00003838 _____ C:\WINDOWS\System32\Tasks\Overwolf Updater Task 2015-07-29 16:04 - 2015-04-28 17:40 - 00003810 _____ C:\WINDOWS\System32\Tasks\klcp_update 2015-07-29 16:04 - 2015-01-16 17:41 - 00002492 _____ C:\WINDOWS\System32\Tasks\ASC8_SkipUac_Nils Geiger 2015-07-29 16:04 - 2014-12-19 01:32 - 00003324 _____ C:\WINDOWS\System32\Tasks\{43F28C09-FCE3-4572-8078-87947A3B2D83} 2015-07-29 16:04 - 2014-11-15 13:34 - 00009528 _____ C:\WINDOWS\diagwrn.xml 2015-07-29 16:04 - 2014-11-15 13:34 - 00009528 _____ C:\WINDOWS\diagerr.xml 2015-07-29 16:04 - 2014-08-30 11:28 - 00003228 _____ C:\WINDOWS\System32\Tasks\{376E1EBF-3B8C-4617-8E47-99B792FF36A8} 2015-07-29 16:04 - 2014-05-13 18:13 - 00003330 _____ C:\WINDOWS\System32\Tasks\{B1625993-C297-4BEE-9F70-D7FFAEA62E61} 2015-07-29 16:04 - 2014-01-28 17:23 - 00004138 _____ C:\WINDOWS\System32\Tasks\Stardock Central-S-1-5-21-1160257173-3920074079-2544844589-1001 2015-07-29 16:04 - 2013-10-25 14:11 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat 2015-07-29 16:04 - 2013-09-28 12:35 - 00003404 _____ C:\WINDOWS\System32\Tasks\{5FC0CC8F-D358-4A9B-9EB0-0C6B6F3C0463} 2015-07-29 16:04 - 2013-06-02 14:57 - 00003744 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP Officejet 7500 E910 2015-07-29 16:04 - 2013-04-09 22:26 - 00003328 _____ C:\WINDOWS\System32\Tasks\{48418533-D70D-4612-9EB6-288FEF954A58} 2015-07-29 16:04 - 2013-04-04 22:26 - 00003272 _____ C:\WINDOWS\System32\Tasks\{DEF54CF1-0EE4-4CEB-862C-35CB85BD4D89} 2015-07-29 16:04 - 2013-01-14 10:53 - 00002894 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2015-07-29 16:04 - 2012-12-10 18:45 - 00003450 _____ C:\WINDOWS\System32\Tasks\{D5569CD3-60E5-481E-84E5-314172D0E027} 2015-07-29 16:04 - 2012-11-08 21:38 - 00004216 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-07-29 16:04 - 2012-11-08 21:38 - 00003980 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-07-29 16:04 - 2012-11-06 20:56 - 00004046 _____ C:\WINDOWS\System32\Tasks\KMS Activation for Office 2015-07-29 16:04 - 2012-11-04 14:42 - 00003670 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask 2015-07-29 16:04 - 2012-11-04 12:11 - 00003708 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1160257173-3920074079-2544844589-1001 2015-07-29 16:03 - 2015-07-10 13:04 - 00000000 __RHD C:\Users\Public\Libraries 2015-07-29 16:00 - 2015-07-14 17:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-07-29 16:00 - 2015-07-10 18:44 - 00000000 ____D C:\WINDOWS\ShellNew 2015-07-29 16:00 - 2015-07-10 11:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2015-07-29 16:00 - 2015-07-07 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2015-07-29 16:00 - 2015-06-15 22:51 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi 2015-07-29 16:00 - 2015-06-15 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters 2015-07-29 16:00 - 2015-04-28 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2015-07-29 16:00 - 2015-04-24 14:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator 2015-07-29 16:00 - 2015-04-21 15:37 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1 2015-07-29 16:00 - 2015-04-13 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2015-07-29 16:00 - 2015-04-12 16:46 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2015-07-29 16:00 - 2015-03-13 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Meeting 2007 2015-07-29 16:00 - 2015-02-24 21:09 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sauerbraten 2015-07-29 16:00 - 2015-01-24 16:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unified Remote 3 2015-07-29 16:00 - 2015-01-20 16:41 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ninja Lite 2015-07-29 16:00 - 2015-01-20 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ninja Lite 2015-07-29 16:00 - 2015-01-03 23:15 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale 2015-07-29 16:00 - 2014-12-26 19:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Universal Media Server 2015-07-29 16:00 - 2014-12-26 19:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2015-07-29 16:00 - 2014-12-25 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9 2015-07-29 16:00 - 2014-12-21 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 14 2015-07-29 16:00 - 2014-11-17 23:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MonInfo 2015-07-29 16:00 - 2014-11-15 22:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock 2015-07-29 16:00 - 2014-10-04 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-07-29 16:00 - 2014-09-18 12:57 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plane9 2015-07-29 16:00 - 2014-09-05 21:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4 2015-07-29 16:00 - 2014-07-17 22:30 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unified Remote 2015-07-29 16:00 - 2014-07-13 17:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn 2015-07-29 16:00 - 2014-07-10 14:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe 2015-07-29 16:00 - 2014-07-10 14:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom 2015-07-29 16:00 - 2014-07-08 17:12 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in 2015-07-29 16:00 - 2014-07-08 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp 2015-07-29 16:00 - 2014-06-15 22:25 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2015-07-29 16:00 - 2014-06-08 17:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey 2015-07-29 16:00 - 2014-05-27 23:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Control 2015-07-29 16:00 - 2014-05-25 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2015-07-29 16:00 - 2014-05-14 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Extreme Tuning Utility 2015-07-29 16:00 - 2014-05-13 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin 2015-07-29 16:00 - 2014-03-18 17:11 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server 2015-07-29 16:00 - 2014-03-18 17:11 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVGA Precision X 2015-07-29 16:00 - 2014-02-27 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhiteCap 2015-07-29 16:00 - 2014-02-05 18:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vocaluxe 2015-07-29 16:00 - 2014-01-27 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NoLimits Track Packager 2015-07-29 16:00 - 2014-01-22 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft 2015-07-29 16:00 - 2014-01-11 10:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NoLimits 2 2015-07-29 16:00 - 2013-11-25 00:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LockHunter 2015-07-29 16:00 - 2013-11-22 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2015-07-29 16:00 - 2013-11-03 00:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2015-07-29 16:00 - 2013-11-03 00:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2015-07-29 16:00 - 2013-10-20 13:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-07-29 16:00 - 2013-09-29 14:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer 2015-07-29 16:00 - 2013-09-24 21:59 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2015-07-29 16:00 - 2013-09-19 19:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2015-07-29 16:00 - 2013-09-18 16:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX 2015-07-29 16:00 - 2013-08-22 15:36 - 00000000 ____D C:\Users\Default.migrated 2015-07-29 16:00 - 2013-08-18 15:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle 2015-07-29 16:00 - 2013-08-17 15:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WordToPDF 2015-07-29 16:00 - 2013-07-18 11:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CubeDesktop NXT 2015-07-29 16:00 - 2013-06-09 18:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Façade 2015-07-29 16:00 - 2013-06-02 14:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2015-07-29 16:00 - 2013-05-30 13:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate Music Files Finder 2015-07-29 16:00 - 2013-05-29 23:28 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Similarity 2015-07-29 16:00 - 2013-05-26 00:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraStar Deluxe 2015-07-29 16:00 - 2013-05-22 16:55 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2015-07-29 16:00 - 2013-05-01 13:22 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks 2015-07-29 16:00 - 2013-05-01 13:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks 2015-07-29 16:00 - 2013-04-23 19:42 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-07-29 16:00 - 2013-04-23 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-07-29 16:00 - 2013-04-18 20:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\xbox-360-controller-custom (x64) 2015-07-29 16:00 - 2013-04-16 16:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories 2015-07-29 16:00 - 2013-04-15 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XBCD 2015-07-29 16:00 - 2013-04-09 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winstep 2015-07-29 16:00 - 2013-04-09 18:23 - 00000000 ____D C:\WINDOWS\de 2015-07-29 16:00 - 2013-03-06 19:48 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse 2015-07-29 16:00 - 2013-02-28 22:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Technology 2015-07-29 16:00 - 2013-02-28 22:15 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WBFS Manager 2015-07-29 16:00 - 2013-02-18 23:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-07-29 16:00 - 2013-01-17 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVBViewer 2015-07-29 16:00 - 2013-01-14 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-07-29 16:00 - 2013-01-02 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix 2015-07-29 16:00 - 2012-12-12 00:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetOn 2 2015-07-29 16:00 - 2012-12-11 23:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetOn 2015-07-29 16:00 - 2012-12-05 13:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ 2015-07-29 16:00 - 2012-11-28 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2015-07-29 16:00 - 2012-11-27 00:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound 2015-07-29 16:00 - 2012-11-27 00:18 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-07-29 16:00 - 2012-11-15 16:25 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stardock 2015-07-29 16:00 - 2012-11-08 21:40 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-07-29 16:00 - 2012-11-06 20:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint 2015-07-29 16:00 - 2012-11-06 20:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2015-07-29 16:00 - 2012-11-05 01:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3dtv.at Stereoscopic Player 2015-07-29 15:58 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\uk-UA 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\th-TH 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Latn-RS 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\sl-SI 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\sk-SK 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\ro-RO 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\hr-HR 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\he-IL 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB 2015-07-29 15:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\bg-BG 2015-07-29 15:57 - 2015-07-10 15:19 - 00000000 ____D C:\WINDOWS\DigitalLocker 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\ar-SA 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\zh-HK 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\uk-UA 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\tr-TR 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\th-TH 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-RS 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\spool 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sl-SI 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sk-SK 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\ro-RO 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\Recovery 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\lv-LV 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\lt-LT 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\InputMethod 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\IME 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\hr-HR 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\he-IL 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\et-EE 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\en-GB 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\bg-BG 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\ar-SA 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\InputMethod 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Help 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\System 2015-07-29 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-07-29 15:57 - 2015-06-05 15:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REVisionEffects 2015-07-29 15:57 - 2015-04-13 19:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games 2015-07-29 15:57 - 2015-03-13 14:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bullzip 2015-07-29 15:57 - 2014-11-19 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoPro 2015-07-29 15:57 - 2014-09-17 00:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iWASEL VPN Service 2015-07-29 15:57 - 2014-09-15 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xiph.Org 2015-07-29 15:57 - 2014-07-18 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\X-Mirage 2015-07-29 15:57 - 2014-05-11 01:58 - 00000000 ___RD C:\Users\Public\Recorded TV 2015-07-29 15:57 - 2014-03-16 12:09 - 00000000 ____D C:\Program Files\WIDCOMM 2015-07-29 15:57 - 2014-02-27 22:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Animated Wallpaper 2015-07-29 15:57 - 2013-11-21 19:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue 2015-07-29 15:57 - 2013-11-19 21:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony 2015-07-29 15:57 - 2013-11-11 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CineForm 2015-07-29 15:57 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared 2015-07-29 15:57 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared 2015-07-29 15:57 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\MediaViewer 2015-07-29 15:57 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\ADFS 2015-07-29 15:57 - 2013-05-29 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2015-07-29 15:57 - 2013-03-27 18:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee 2015-07-29 15:57 - 2013-03-10 16:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES 2015-07-29 15:57 - 2012-12-19 15:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft 2015-07-29 15:57 - 2012-11-20 19:05 - 00000000 ____D C:\WINDOWS\system32\appmgmt 2015-07-29 15:57 - 2012-11-04 12:05 - 00000000 ____D C:\ProgramData\PRICache 2015-07-29 15:57 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2015-07-29 15:56 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2015-07-29 15:56 - 2015-05-23 22:27 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf 2015-07-29 15:56 - 2013-10-25 16:38 - 00000000 __SHD C:\Recovery 2015-07-29 15:56 - 2013-07-31 17:08 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2015-07-29 15:56 - 2013-01-16 19:33 - 00000000 ____D C:\Users\Nils Geiger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MainConcept 2015-07-29 15:42 - 2013-10-24 23:54 - 00008192 __RSH C:\BOOTSECT.BAK 2015-07-29 15:40 - 2013-11-10 20:15 - 00090216 _____ C:\WINDOWS\system32\lvcoinst.log 2015-07-28 09:26 - 2015-04-23 19:15 - 00000000 _____ C:\Users\Nils.redir 2015-07-24 06:21 - 2015-02-15 00:15 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2015-07-24 06:21 - 2015-02-15 00:15 - 01710568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2015-07-24 06:21 - 2015-02-15 00:15 - 01423304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2015-07-24 06:21 - 2015-02-15 00:15 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2015-07-16 16:05 - 2013-01-14 10:53 - 00000000 ____D C:\Program Files\CCleaner 2015-07-16 15:55 - 2015-04-13 19:36 - 00000000 ____D C:\Program Files\Rockstar Games 2015-07-16 14:36 - 2013-05-29 22:49 - 00000000 ____D C:\Program Files (x86)\Samsung 2015-07-16 14:36 - 2013-04-03 18:13 - 00000000 ____D C:\Program Files (x86)\NeoSmart Technologies 2015-07-16 14:36 - 2012-11-04 12:28 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-07-16 14:29 - 2013-05-29 22:49 - 00000000 ____D C:\ProgramData\Samsung 2015-07-15 16:15 - 2013-10-20 13:05 - 00000000 ____D C:\ProgramData\Oracle 2015-07-15 16:01 - 2014-09-12 22:26 - 00000000 ____D C:\Program Files (x86)\Java 2015-07-15 16:01 - 2013-01-12 01:29 - 00000000 ____D C:\Program Files\Java 2015-07-15 16:00 - 2013-10-20 13:05 - 00110688 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2015-07-15 15:49 - 2015-07-07 17:46 - 00000000 ____D C:\Program Files\iTunes 2015-07-15 15:47 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-07-11 00:56 - 2014-10-26 22:30 - 0000132 _____ () C:\Users\Nils Geiger\AppData\Roaming\Adobe BMP Format CS5 Prefs 2013-11-20 19:58 - 2013-11-20 19:58 - 0000132 _____ () C:\Users\Nils Geiger\AppData\Roaming\Adobe BMP-Format CC - Voreinstellungen 2014-11-13 22:56 - 2014-11-13 22:57 - 0000132 _____ () C:\Users\Nils Geiger\AppData\Roaming\Adobe PNG Format CS5 Prefs 2014-01-27 20:31 - 2014-01-27 20:31 - 0000132 _____ () C:\Users\Nils Geiger\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen 2013-05-30 17:11 - 2014-03-29 11:03 - 0038464 _____ () C:\Users\Nils Geiger\AppData\Roaming\Kommagetrennte Werte (DOS).ADR 2013-05-29 23:05 - 2013-05-30 17:33 - 0038484 _____ () C:\Users\Nils Geiger\AppData\Roaming\Kommagetrennte Werte (Windows).ADR 2013-10-07 18:27 - 2015-07-20 20:05 - 0002147 _____ () C:\Users\Nils Geiger\AppData\Roaming\SpeedRunnersLog.txt 2014-12-18 22:51 - 2014-12-18 22:51 - 0002916 _____ () C:\Users\Nils Geiger\AppData\Roaming\TargetInvocationLog.txt 2014-12-29 20:29 - 2014-12-29 20:29 - 0000038 ___SH () C:\Users\Nils Geiger\AppData\Local\69ff07055291669bb2b218.72821112 2015-05-26 16:16 - 2015-05-26 16:16 - 0008288 ____H () C:\Users\Nils Geiger\AppData\Local\Plugin.dat 2014-05-17 17:11 - 2014-05-17 17:11 - 0001465 _____ () C:\Users\Nils Geiger\AppData\Local\recently-used.xbel 2013-01-24 13:10 - 2013-01-24 13:10 - 0007605 _____ () C:\Users\Nils Geiger\AppData\Local\Resmon.ResmonCfg 2014-12-19 15:20 - 2014-12-19 15:20 - 0000700 ___SH () C:\Users\Nils Geiger\AppData\Local\systemFL7.dat 2011-06-05 23:51 - 2011-06-19 13:51 - 0059194 _____ () C:\Users\Nils Geiger\AppData\Local\TempGUIPic.jpg 2015-07-05 02:21 - 2015-07-05 02:21 - 0000000 _____ () C:\Users\Nils Geiger\AppData\Local\{F9619F0C-F9F1-42A0-8E1E-7A56CBEFD0CD} 2013-11-03 00:25 - 2013-11-03 13:45 - 0000040 ___SH () C:\ProgramData\.zreglib 2013-06-02 14:57 - 2013-06-02 14:57 - 0000057 _____ () C:\ProgramData\Ament.ini 2015-07-29 15:55 - 2015-07-29 15:55 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== C:\Users\Nils Geiger\AppData\Local\Temp\Quarantine.exe C:\Users\Nils Geiger\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-08-08 16:20 ==================== Ende von Ergebnis ============================ War das soweit korrekt? Bisher sonst keine Probleme mehr aufgetreten. |
15.08.2015, 11:12 | #21 |
/// the machine /// TB-Ausbilder | Skype Malware/ Spam Passt, die sind eh schon alle in Quarantäne. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\Users\Public\Documents\Wondershare\drfone-for-android_full1561.exe Emptytemp: Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde: Combofix deinstallieren .
Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen. Absicherung: Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. Meine Empfehlung: Emsisoft Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional: NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen. Lade Software von einem sauberen Portal wie . Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________ --> Skype Malware/ Spam |
15.08.2015, 11:36 | #22 |
| Skype Malware/ Spam Ok, super! Abschließend noch die Fixlog: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:12-08-2015 durchgeführt von Nils Geiger (2015-08-15 12:18:50) Run:1 Gestartet von C:\Users\Nils Geiger\Downloads Geladene Profile: Nils Geiger (Verfügbare Profile: Nils Geiger) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** C:\Users\Public\Documents\Wondershare\drfone-for-android_full1561.exe Emptytemp: ***************** C:\Users\Public\Documents\Wondershare\drfone-for-android_full1561.exe => erfolgreich verschoben. EmptyTemp: => 646 MB temporäre Dateien entfernt. Das System musste neu gestartet werden.. ==== Ende von Fixlog 12:18:59 ==== Grüße, Lyxus |
16.08.2015, 06:23 | #23 |
/// the machine /// TB-Ausbilder | Skype Malware/ Spam Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Themen zu Skype Malware/ Spam |
antivirus, ausführbare, avast, dateien, ebenfalls, entfernt, forum, free, freund, fund, kein fund, klicke, klicken, link, liste, malware, nachrichten, natürlich, neu, ordner, problem, roaming, skype, spam, ungewollt, verschickt, version, zugriff |