| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Win10: googel chrome und skype watch4 werbung und unseriöse andere werbungWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
18.12.2015, 16:25
| #1 |
| |  Win10: googel chrome und skype watch4 werbung und unseriöse andere werbung hallo ich habe ein Problem seit mehreren Wochen habe ich bei Skype Watch 4 Werbung und auch andere Werbung . Wie beispielsweise verdienen sie so und so viel Geld pro Woche und in unregelmäßigen Abständen öffnet Chrome Seiten die ich nicht angeklickt habe. Ich habe Avira und Antimalwarebyte drüber laufen lassen den pc neu aufgesetzt aber ich werde es nicht los ich bin sozusagen mit meinem Latein am Ende ich habe die logfiels schonmal eingefügt Code:
ATTFilter (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\theda\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6515.64021.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6515.64021.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2598696 2012-02-29] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1795728 2015-12-08] (NVIDIA Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-11-20] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1466943259-3680391096-1312351822-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50748544 2015-12-01] (Skype Technologies S.A.)
HKU\S-1-5-21-1466943259-3680391096-1312351822-1001\...\Run: [Spotify Web Helper] => C:\Users\theda\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2015-12-15] (Spotify Ltd)
HKU\S-1-5-21-1466943259-3680391096-1312351822-1001\...\Run: [Spotify] => C:\Users\theda\AppData\Roaming\Spotify\Spotify.exe [8387696 2015-12-15] (Spotify Ltd)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{97b9f7da-ebcb-4a32-a7cb-9456e797d549}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\theda\AppData\Roaming\Mozilla\Firefox\Profiles\ZlNLRcpM.default
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-08] (Google Inc.)
FF Extension: Avira Browser Safety - C:\Users\theda\AppData\Roaming\Mozilla\Firefox\Profiles\ZlNLRcpM.default\Extensions\abs@avira.com [2015-12-08] [ist nicht signiert]
Chrome:
=======
CHR Profile: C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-08]
CHR Extension: (Google Docs) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-08]
CHR Extension: (Google Drive) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-08]
CHR Extension: (YouTube) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-08]
CHR Extension: (Google-Suche) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-08]
CHR Extension: (Google Tabellen) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-08]
CHR Extension: (Avira Browserschutz) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-08]
CHR Extension: (AdBlock) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-08]
CHR Extension: (Google Mail) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-08]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-11-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-11-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-11-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-11-20] (Avira Operations GmbH & Co. KG)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 AFXfilt; C:\Windows\system32\drivers\AFXfilt.sys [35320 2015-12-08] (Creative Technology Ltd.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-11-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-11-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-11-20] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-11-20] (Avira Operations GmbH & Co. KG)
R3 cthdb; C:\Windows\system32\DRIVERS\cthdb.sys [37160 2015-06-19] (Creative Technology Ltd)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-12-18] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-18] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [888064 2015-12-08] (Realtek )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-18 16:15 - 2015-12-18 16:16 - 00013019 _____ C:\Users\theda\Downloads\FRST.txt
2015-12-18 16:15 - 2015-12-18 16:15 - 02370048 _____ (Farbar) C:\Users\theda\Downloads\FRST64.exe
2015-12-18 16:15 - 2015-12-18 16:15 - 01721344 _____ (Farbar) C:\Users\theda\Downloads\FRST.exe
2015-12-18 16:15 - 2015-12-18 16:15 - 00000000 ____D C:\FRST
2015-12-18 16:07 - 2015-12-18 16:07 - 01466656 _____ C:\Users\theda\Downloads\Revo Uninstaller - CHIP-Installer.exe
2015-12-18 16:07 - 2015-12-18 16:07 - 00002209 _____ C:\Users\theda\Desktop\Revo Uninstaller - CHIP Downloader.lnk
2015-12-18 16:06 - 2015-12-18 16:06 - 00000000 ___HD C:\OneDriveTemp
2015-12-18 16:05 - 2015-12-18 16:05 - 00016148 _____ C:\WINDOWS\system32\DESKTOP-4AC1IMP_theda_HistoryPrediction.bin
2015-12-18 15:35 - 2015-12-18 15:35 - 00000000 _____ C:\autoexec.bat
2015-12-18 15:34 - 2015-12-18 15:34 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\theda\Downloads\SpyHunter-Installer.exe
2015-12-18 15:34 - 2015-12-18 15:34 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2015-12-18 15:29 - 2015-12-18 15:29 - 00000000 ____D C:\AdwCleaner
2015-12-18 15:28 - 2015-12-18 15:28 - 01740288 _____ C:\Users\theda\Downloads\adwcleaner_5.025.exe
2015-12-16 04:20 - 2015-12-16 04:21 - 00000000 ____D C:\Users\theda\OneDrive\Dokumente\Anno 2205
2015-12-14 05:35 - 2015-12-18 16:06 - 00000000 ____D C:\Users\theda\AppData\Roaming\Spotify
2015-12-14 05:35 - 2015-12-18 16:06 - 00000000 ____D C:\Users\theda\AppData\Local\Spotify
2015-12-14 05:35 - 2015-12-14 05:35 - 00234200 _____ (Spotify Ltd) C:\Users\theda\Downloads\SpotifySetup.exe
2015-12-14 05:35 - 2015-12-14 05:35 - 00001850 _____ C:\Users\theda\Desktop\Spotify.lnk
2015-12-14 05:35 - 2015-12-14 05:35 - 00001836 _____ C:\Users\theda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-12-11 23:25 - 2015-12-11 23:25 - 00000000 ____D C:\Users\theda\OneDrive\Dokumente\ANNO 2070
2015-12-11 23:21 - 2015-12-11 23:21 - 00000000 ____D C:\ProgramData\Solidshield
2015-12-11 22:49 - 2015-12-11 22:49 - 00000000 ____D C:\WINDOWS\System32\Tasks\Games
2015-12-11 22:36 - 2015-12-11 22:36 - 00000000 ____D C:\Users\theda\AppData\Roaming\Ubisoft
2015-12-11 22:35 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2015-12-11 22:35 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2015-12-11 22:35 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2015-12-11 22:35 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2015-12-11 22:35 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2015-12-11 22:35 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2015-12-11 22:35 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2015-12-11 22:35 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2015-12-11 22:35 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2015-12-11 22:35 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2015-12-11 22:35 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2015-12-11 22:35 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2015-12-11 22:35 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2015-12-11 22:35 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2015-12-11 22:35 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2015-12-11 22:35 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2015-12-11 22:35 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2015-12-11 22:35 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2015-12-11 22:35 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2015-12-11 22:35 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2015-12-11 22:35 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2015-12-11 22:35 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2015-12-11 22:35 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2015-12-11 22:35 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2015-12-11 22:35 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2015-12-11 22:35 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2015-12-11 22:35 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2015-12-11 22:35 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2015-12-11 22:35 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2015-12-11 22:35 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2015-12-11 22:35 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2015-12-11 22:35 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2015-12-11 22:35 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2015-12-11 22:35 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2015-12-11 22:35 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2015-12-11 22:35 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2015-12-11 22:35 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2015-12-11 22:35 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2015-12-11 22:35 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2015-12-11 22:35 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2015-12-11 22:35 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2015-12-11 22:35 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2015-12-11 22:35 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2015-12-11 22:35 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2015-12-11 22:35 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2015-12-11 22:35 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2015-12-11 22:35 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2015-12-11 22:35 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2015-12-11 22:35 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2015-12-11 22:35 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2015-12-11 22:35 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2015-12-11 22:35 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2015-12-11 22:35 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2015-12-11 22:35 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2015-12-11 22:35 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2015-12-11 22:35 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2015-12-11 22:35 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2015-12-11 22:35 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2015-12-11 22:35 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2015-12-11 22:35 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2015-12-11 22:35 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2015-12-11 22:35 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2015-12-11 22:35 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2015-12-11 22:35 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2015-12-11 22:35 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2015-12-11 22:35 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2015-12-11 22:35 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2015-12-11 22:35 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2015-12-11 22:35 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2015-12-11 22:35 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2015-12-11 22:35 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2015-12-11 22:35 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2015-12-11 22:35 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2015-12-11 22:35 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2015-12-11 22:35 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2015-12-11 22:35 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2015-12-11 22:35 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2015-12-11 22:35 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2015-12-11 22:35 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2015-12-11 22:35 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2015-12-11 22:35 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2015-12-11 22:35 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2015-12-11 22:35 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2015-12-11 22:35 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2015-12-11 22:35 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2015-12-11 22:35 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2015-12-11 22:35 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2015-12-11 22:35 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2015-12-11 22:35 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2015-12-11 22:35 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2015-12-11 22:35 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2015-12-11 22:35 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2015-12-11 22:35 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2015-12-11 22:35 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2015-12-11 22:35 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2015-12-11 22:35 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2015-12-11 22:35 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2015-12-11 22:35 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2015-12-11 22:35 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2015-12-11 22:34 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2015-12-11 22:34 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2015-12-11 22:34 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2015-12-11 22:34 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2015-12-11 22:34 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2015-12-11 22:34 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2015-12-11 22:34 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2015-12-11 22:34 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2015-12-11 22:34 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2015-12-11 22:34 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2015-12-11 22:34 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2015-12-11 22:34 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2015-12-11 22:34 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2015-12-11 22:34 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2015-12-11 22:34 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2015-12-11 22:34 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2015-12-11 22:34 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2015-12-11 22:34 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2015-12-11 22:34 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2015-12-11 22:34 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2015-12-11 22:34 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2015-12-11 22:34 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2015-12-11 22:34 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2015-12-11 22:34 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2015-12-11 22:34 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2015-12-11 22:34 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2015-12-11 22:34 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2015-12-11 22:34 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2015-12-11 22:34 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2015-12-11 22:34 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2015-12-11 22:34 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2015-12-11 22:34 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2015-12-11 22:34 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2015-12-11 22:34 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2015-12-11 22:34 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2015-12-11 22:34 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2015-12-11 22:34 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2015-12-11 22:34 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2015-12-11 22:34 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2015-12-11 22:34 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2015-12-11 22:34 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2015-12-11 22:34 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2015-12-11 22:34 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2015-12-11 22:34 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2015-12-11 22:34 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2015-12-11 22:34 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2015-12-11 22:34 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2015-12-11 22:34 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2015-12-11 22:34 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2015-12-11 22:34 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2015-12-11 22:34 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2015-12-11 22:34 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2015-12-11 22:34 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2015-12-11 22:34 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2015-12-11 22:34 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2015-12-11 22:34 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2015-12-11 22:34 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2015-12-11 22:34 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2015-12-11 22:34 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2015-12-11 22:34 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2015-12-11 22:34 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2015-12-11 22:34 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2015-12-11 22:34 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2015-12-11 22:34 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2015-12-11 22:34 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2015-12-11 22:34 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2015-12-11 22:34 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2015-12-11 22:34 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2015-12-11 22:34 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2015-12-11 22:34 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2015-12-11 22:34 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2015-12-11 22:34 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2015-12-11 22:34 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2015-12-11 22:34 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2015-12-11 22:34 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2015-12-11 22:34 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2015-12-11 22:34 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2015-12-11 22:34 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2015-12-11 21:58 - 2015-12-11 21:58 - 00000000 ____D C:\Users\theda\AppData\Local\CEF
2015-12-11 21:57 - 2015-12-11 23:06 - 00000000 ____D C:\Users\theda\AppData\Local\Ubisoft Game Launcher
2015-12-11 21:57 - 2015-12-11 21:57 - 66123432 _____ (Ubisoft) C:\Users\theda\Downloads\UplayInstaller.exe
2015-12-11 21:57 - 2015-12-11 21:57 - 00001278 _____ C:\Users\theda\Desktop\Uplay.lnk
2015-12-11 21:57 - 2015-12-11 21:57 - 00000000 ____D C:\Users\theda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-12-11 21:57 - 2015-12-11 21:57 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2015-12-10 18:20 - 2015-12-10 18:20 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-12-09 02:09 - 2015-12-18 16:05 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default User
2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\All Users
2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Programme
2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\ProgramData\Vorlagen
2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\ProgramData\Startmenü
2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\ProgramData\Dokumente
2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Dokumente und Einstellungen
2015-12-09 02:04 - 2015-12-09 02:04 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-12-09 02:04 - 2015-12-09 02:04 - 00000000 ____D C:\ProgramData\Creative
2015-12-09 02:03 - 2015-12-09 02:03 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf
2015-12-09 02:03 - 2015-12-09 02:03 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-12-09 02:03 - 2015-12-09 02:03 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-12-09 02:03 - 2015-12-09 02:03 - 00000000 ____D C:\WINDOWS\system32\DAX2
2015-12-09 02:03 - 2015-12-09 02:03 - 00000000 ____D C:\Program Files\Realtek
2015-12-09 02:03 - 2015-12-09 02:03 - 00000000 ____D C:\Program Files (x86)\ASUS
2015-12-09 02:03 - 2014-01-28 04:16 - 00028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll
2015-12-09 02:03 - 2014-01-28 04:16 - 00015232 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys
2015-12-09 02:00 - 2015-12-08 17:44 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-09 02:00 - 2015-12-08 17:33 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-12-09 02:00 - 2015-12-08 17:33 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-12-09 01:55 - 2015-12-09 17:44 - 00189344 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-09 01:55 - 2015-12-09 01:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2015-12-08 22:12 - 2015-12-18 15:24 - 00001137 _____ C:\Users\theda\Desktop\nativelog.txt
2015-12-08 22:11 - 2015-12-08 22:11 - 00000000 ____D C:\Users\theda\AppData\Roaming\NVIDIA
2015-12-08 22:06 - 2015-12-18 14:30 - 00000000 ____D C:\Users\theda\AppData\Roaming\.minecraft
2015-12-08 22:06 - 2015-12-08 22:06 - 00000000 ____D C:\Users\theda\AppData\Roaming\java
2015-12-08 22:02 - 2015-12-08 22:06 - 00000000 ____D C:\Program Files (x86)\Minecraft
2015-12-08 22:02 - 2015-12-08 22:02 - 02314240 _____ C:\Users\theda\Downloads\MinecraftInstaller.msi
2015-12-08 22:02 - 2015-12-08 22:02 - 00001030 _____ C:\Users\Public\Desktop\Minecraft.lnk
2015-12-08 22:02 - 2015-12-08 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-12-08 20:55 - 2015-12-08 20:55 - 00000000 ____D C:\Users\theda\AppData\Local\NetworkTiles
2015-12-08 20:13 - 2015-12-08 20:15 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-08 20:13 - 2015-11-23 19:10 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-08 20:08 - 2015-12-01 08:01 - 02115936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-08 20:08 - 2015-12-01 06:51 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-12-08 20:08 - 2015-12-01 05:59 - 05455360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-12-08 20:08 - 2015-11-25 06:42 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-12-08 20:08 - 2015-11-25 06:33 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-08 20:08 - 2015-11-25 06:27 - 01366680 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-08 20:08 - 2015-11-25 06:12 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-12-08 20:08 - 2015-11-25 06:09 - 01310880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-08 20:08 - 2015-11-25 06:01 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-08 20:08 - 2015-11-25 05:49 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-08 20:08 - 2015-11-25 05:44 - 21872640 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-08 20:08 - 2015-11-25 05:42 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-08 20:08 - 2015-11-25 05:36 - 01710592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-08 20:08 - 2015-11-25 05:35 - 00929792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-08 20:08 - 2015-11-25 05:35 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2015-12-08 20:08 - 2015-11-25 05:34 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-08 20:08 - 2015-11-25 05:31 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2015-12-08 20:08 - 2015-11-25 05:30 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2015-12-08 20:08 - 2015-11-25 05:29 - 01649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-08 20:08 - 2015-11-25 05:29 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2015-12-08 20:08 - 2015-11-25 05:28 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-08 20:08 - 2015-11-25 05:27 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-12-08 20:08 - 2015-11-25 05:25 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-12-08 20:08 - 2015-11-25 05:23 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-08 20:08 - 2015-11-25 05:23 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-08 20:08 - 2015-11-25 05:23 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-12-08 20:08 - 2015-11-25 05:22 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-08 20:08 - 2015-11-25 05:22 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2015-12-08 20:08 - 2015-11-25 05:19 - 01795584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-12-08 20:08 - 2015-11-25 05:18 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-08 20:08 - 2015-11-25 05:17 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-08 20:08 - 2015-11-25 05:16 - 01442816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-08 20:08 - 2015-11-25 05:16 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2015-12-08 20:08 - 2015-11-25 05:11 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2015-12-08 20:08 - 2015-11-25 05:10 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-08 20:08 - 2015-11-25 05:10 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-08 20:08 - 2015-11-25 05:10 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-08 20:08 - 2015-11-25 05:05 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-08 20:08 - 2015-11-25 05:04 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-08 20:08 - 2015-11-25 05:04 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2015-12-08 20:08 - 2015-11-25 05:04 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-12-08 20:07 - 2015-12-01 07:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys
2015-12-08 20:07 - 2015-12-01 06:54 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-12-08 20:07 - 2015-12-01 06:49 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-12-08 20:07 - 2015-12-01 06:02 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-12-08 20:07 - 2015-11-25 06:42 - 00168288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2015-12-08 20:07 - 2015-11-25 06:41 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-08 20:07 - 2015-11-25 06:40 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-12-08 20:07 - 2015-11-25 06:32 - 00113184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2015-12-08 20:07 - 2015-11-25 06:11 - 01532984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-08 20:07 - 2015-11-25 05:59 - 00092992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2015-12-08 20:07 - 2015-11-25 05:49 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-12-08 20:07 - 2015-11-25 05:49 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-08 20:07 - 2015-11-25 05:49 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2015-12-08 20:07 - 2015-11-25 05:48 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EthernetMediaManager.dll
2015-12-08 20:07 - 2015-11-25 05:48 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMediaManager.dll
2015-12-08 20:07 - 2015-11-25 05:37 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-08 20:07 - 2015-11-25 05:36 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-12-08 20:07 - 2015-11-25 05:30 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-08 20:07 - 2015-11-25 05:30 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2015-12-08 20:07 - 2015-11-25 05:28 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-08 20:07 - 2015-11-25 05:26 - 00849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-12-08 20:07 - 2015-11-25 05:26 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-08 20:07 - 2015-11-25 05:25 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2015-12-08 20:07 - 2015-11-25 05:22 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-08 20:07 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-08 20:07 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2015-12-08 20:07 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-08 20:07 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-08 20:07 - 2015-11-25 05:19 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-12-08 20:07 - 2015-11-25 05:13 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-08 20:07 - 2015-11-25 05:10 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-08 20:07 - 2015-11-25 05:08 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-12-08 20:07 - 2015-11-25 05:07 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2015-12-08 20:07 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-08 20:07 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-08 20:07 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-08 20:07 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-08 20:07 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-08 20:07 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\system32\locale.nls
2015-12-08 20:02 - 2015-12-08 20:02 - 00000000 ____D C:\Users\theda\AppData\Local\ElevatedDiagnostics
2015-12-08 19:52 - 2015-12-08 19:52 - 31017664 _____ (TeamSpeak Systems GmbH) C:\Users\theda\Downloads\TeamSpeak3-Client-win64-3.0.18.2 (1).exe
2015-12-08 19:49 - 2015-12-18 16:05 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-08 19:49 - 2015-12-18 15:54 - 00001140 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-08 19:49 - 2015-12-17 19:55 - 00000000 ____D C:\Users\theda\AppData\Roaming\TS3Client
2015-12-08 19:49 - 2015-12-16 20:56 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-08 19:49 - 2015-12-08 19:52 - 00001284 _____ C:\Users\theda\Desktop\TeamSpeak 3 Client.lnk
2015-12-08 19:49 - 2015-12-08 19:49 - 00004198 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-08 19:49 - 2015-12-08 19:49 - 00003966 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-08 19:49 - 2015-12-08 19:49 - 00000000 ____D C:\Users\theda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-12-08 19:49 - 2015-12-08 19:49 - 00000000 ____D C:\Users\theda\AppData\Local\TeamSpeak 3 Client
2015-12-08 19:49 - 2015-12-08 19:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-08 19:49 - 2015-12-08 19:49 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-08 19:48 - 2015-12-08 20:46 - 00000000 ____D C:\Users\theda\AppData\Local\Google
2015-12-08 19:48 - 2015-12-08 19:48 - 00927824 _____ (Google Inc.) C:\Users\theda\Downloads\ChromeSetup.exe
2015-12-08 19:47 - 2015-12-08 19:48 - 31017664 _____ (TeamSpeak Systems GmbH) C:\Users\theda\Downloads\TeamSpeak3-Client-win64-3.0.18.2.exe
2015-12-08 18:49 - 2015-12-08 18:49 - 00001327 _____ C:\Users\Public\Desktop\World of Warcraft.lnk
2015-12-08 18:49 - 2015-12-08 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2015-12-08 18:47 - 2015-12-17 17:29 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2015-12-08 18:47 - 2015-12-08 18:47 - 00000000 ____D C:\Data
2015-12-08 18:46 - 2015-12-17 22:03 - 00000000 ____D C:\Users\theda\AppData\Local\Battle.net
2015-12-08 18:46 - 2015-12-08 18:47 - 00000000 ____D C:\Users\theda\AppData\Roaming\Battle.net
2015-12-08 18:46 - 2015-12-08 18:46 - 00001191 _____ C:\Users\Public\Desktop\Battle.net.lnk
2015-12-08 18:46 - 2015-12-08 18:46 - 00000000 ____D C:\Users\theda\AppData\Local\Blizzard Entertainment
2015-12-08 18:46 - 2015-12-08 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-12-08 18:46 - 2015-12-08 18:46 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2015-12-08 18:45 - 2015-12-17 11:33 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-12-08 18:44 - 2015-12-08 18:44 - 02950200 _____ (Blizzard Entertainment) C:\Users\theda\Downloads\Battle.net-Setup.exe
2015-12-08 18:44 - 2015-12-08 18:44 - 00000000 ____D C:\ProgramData\Battle.net
2015-12-08 18:41 - 2015-12-08 18:41 - 00000000 ____D C:\Users\theda\AppData\Roaming\LolClient
2015-12-08 18:13 - 2015-12-18 16:06 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-08 18:13 - 2015-12-08 18:13 - 00000000 ____D C:\Users\theda\Tracing
2015-12-08 18:12 - 2015-12-18 16:07 - 00000000 ____D C:\Users\theda\AppData\Roaming\Skype
2015-12-08 18:12 - 2015-12-08 18:18 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-08 18:12 - 2015-12-08 18:12 - 22908888 _____ (Malwarebytes ) C:\Users\theda\Downloads\mbam-setup-web.NT-2.2.0.1024.exe
2015-12-08 18:12 - 2015-12-08 18:12 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk
2015-12-08 18:12 - 2015-12-08 18:12 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-08 18:12 - 2015-12-08 18:12 - 00000000 ____D C:\ProgramData\Skype
2015-12-08 18:12 - 2015-12-08 18:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-08 18:12 - 2015-12-08 18:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-12-08 18:12 - 2015-12-08 18:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-08 18:12 - 2015-12-08 18:12 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-12-08 18:12 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-08 18:12 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-08 18:12 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-08 18:11 - 2015-12-08 18:11 - 01504384 _____ (Skype Technologies S.A.) C:\Users\theda\Downloads\SkypeSetup.exe
2015-12-08 17:59 - 2015-12-08 17:59 - 00001585 _____ C:\Users\Public\Desktop\League of Legends.lnk
2015-12-08 17:59 - 2015-12-08 17:59 - 00000000 ____D C:\Riot Games
2015-12-08 17:59 - 2015-12-08 17:59 - 00000000 ____D C:\ProgramData\Riot Games
2015-12-08 17:59 - 2015-12-08 17:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2015-12-08 17:59 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2015-12-08 17:59 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2015-12-08 17:59 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2015-12-08 17:59 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2015-12-08 17:59 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2015-12-08 17:58 - 2015-12-08 17:59 - 00000000 ____D C:\Users\theda\AppData\Roaming\Riot Games
2015-12-08 17:58 - 2015-12-08 17:58 - 30668968 _____ (Riot Games) C:\Users\theda\Downloads\LeagueofLegends_EUW_Installer_9_15_2014.exe
2015-12-08 17:57 - 2015-12-08 17:57 - 00000000 ____D C:\Users\theda\AppData\Roaming\Macromedia
2015-12-08 17:55 - 2015-12-08 17:55 - 00002134 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-12-08 17:55 - 2015-12-08 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-12-08 17:50 - 2015-12-08 17:50 - 00888064 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2015-12-08 17:50 - 2015-12-08 17:50 - 00082544 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2015-12-08 17:48 - 2015-12-08 17:48 - 02339728 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\AFXAPO64.dll
2015-12-08 17:48 - 2015-12-08 17:48 - 01972952 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\AFXAPO32.dll
2015-12-08 17:48 - 2015-12-08 17:48 - 00743120 _____ (Creative Technology Ltd) C:\WINDOWS\SysWOW64\APOIM64.exe
2015-12-08 17:48 - 2015-12-08 17:48 - 00349192 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\AFXCTL64.dll
2015-12-08 17:48 - 2015-12-08 17:48 - 00304136 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\AFXCTL32.dll
2015-12-08 17:48 - 2015-12-08 17:48 - 00051208 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\AddCat.exe
2015-12-08 17:48 - 2015-12-08 17:48 - 00031240 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\CtEpDef32.exe
2015-12-08 17:48 - 2015-12-08 17:48 - 00020254 _____ C:\WINDOWS\SysWOW64\AFXAPO64.hda
2015-12-08 17:48 - 2015-12-08 17:48 - 00020254 _____ C:\WINDOWS\system32\AFXAPO64.hda
2015-12-08 17:48 - 2015-12-08 17:48 - 00019390 _____ C:\WINDOWS\system32\CtAfx.ini
2015-12-08 17:45 - 2015-12-08 17:45 - 00000000 ____D C:\Users\theda\AppData\Roaming\Avira
2015-12-08 17:43 - 2015-12-08 17:43 - 00000000 ____D C:\Users\theda\AppData\Roaming\Mozilla
2015-12-08 17:43 - 2015-11-05 15:41 - 00102520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-12-08 17:42 - 2015-12-08 17:42 - 42922824 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 37890888 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 22352528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 18496280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 18397840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 16570048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 15942648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 15847936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 14853032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 13542336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 12878928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 12049688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 11227280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-12-08 17:42 - 2015-12-08 17:42 - 03549088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 03135528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 02885448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 02505360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 01914184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435891.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 01581208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 01573520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435891.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 01025088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 00886416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 00870544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 00831960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 00698512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 00682824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 00609968 _____ C:\WINDOWS\system32\nvmcumd.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 00548376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 00512144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 00509600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 00455496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 00453944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 00431296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 00422728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 00378184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 00214168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-12-08 17:42 - 2015-12-08 17:42 - 00186144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 00164520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 00160096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 00137240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-12-08 17:42 - 2015-12-08 17:42 - 00047952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-12-08 17:42 - 2015-11-20 15:35 - 00146696 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-12-08 17:42 - 2015-11-20 15:35 - 00135880 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-12-08 17:42 - 2015-11-20 15:35 - 00073032 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-12-08 17:42 - 2015-11-20 15:35 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-12-08 17:39 - 2015-12-08 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-08 17:39 - 2015-12-08 17:42 - 00000000 ____D C:\ProgramData\Avira
2015-12-08 17:39 - 2015-12-08 17:42 - 00000000 ____D C:\Program Files (x86)\Avira
2015-12-08 17:39 - 2015-12-08 17:39 - 00001287 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-12-08 17:38 - 2015-12-08 17:38 - 04600536 _____ (Avira Operations GmbH & Co. KG) C:\Users\theda\Downloads\avira_de_av_56670780c823c__ws.exe
2015-12-08 17:38 - 2015-12-08 17:38 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-08 17:35 - 2015-12-18 16:06 - 00000000 ___RD C:\Users\theda\OneDrive
2015-12-08 17:35 - 2015-12-09 17:49 - 00002387 _____ C:\Users\theda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-08 17:34 - 2015-12-08 17:38 - 00000000 ____D C:\Users\theda\AppData\Local\MicrosoftEdge
2015-12-08 17:34 - 2015-12-08 17:34 - 00000000 ____D C:\Users\theda\AppData\Local\NVIDIA
2015-12-08 17:34 - 2015-12-08 17:34 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-12-08 17:33 - 2015-12-18 16:05 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-08 17:33 - 2015-12-08 17:35 - 00000000 ____D C:\Users\theda\AppData\Local\Comms
2015-12-08 17:33 - 2015-11-05 16:08 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-12-08 17:33 - 2015-11-05 16:08 - 02983216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-12-08 17:33 - 2015-11-05 16:08 - 02554672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-12-08 17:33 - 2015-11-05 16:08 - 00938616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-12-08 17:33 - 2015-11-05 16:08 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-12-08 17:33 - 2015-11-05 16:08 - 00062584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-12-08 17:33 - 2015-10-28 14:49 - 06027430 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-12-08 17:32 - 2015-12-08 17:42 - 00121672 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-12-08 17:32 - 2015-12-08 17:42 - 00113808 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-12-08 17:31 - 2015-12-08 17:49 - 00000000 ____D C:\Users\theda\AppData\Local\PackageStaging
2015-12-08 17:31 - 2015-12-08 17:31 - 00000000 ____D C:\Users\theda\AppData\Local\Publishers
2015-12-08 17:30 - 2015-12-11 15:18 - 00000000 ____D C:\Users\theda\AppData\Local\Packages
2015-12-08 17:30 - 2015-12-09 17:48 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-08 17:30 - 2015-12-08 17:30 - 01898312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435354.dll
2015-12-08 17:30 - 2015-12-08 17:30 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435354.dll
2015-12-08 17:30 - 2015-12-08 17:30 - 00016148 _____ C:\WINDOWS\system32\DESKTOP-4AC1IMP_defaultuser0_HistoryPrediction.bin
2015-12-08 17:30 - 2015-12-08 17:30 - 00000000 ____D C:\Users\theda\AppData\Roaming\Adobe
2015-12-08 17:30 - 2015-12-08 17:30 - 00000000 ____D C:\Users\theda\AppData\Local\VirtualStore
2015-12-08 17:30 - 2015-12-08 17:30 - 00000000 ____D C:\Users\theda\AppData\Local\TileDataLayer
2015-12-08 17:29 - 2015-12-18 15:34 - 00000000 ____D C:\Users\theda
2015-12-08 17:29 - 2015-12-08 17:29 - 00000020 ___SH C:\Users\theda\ntuser.ini
2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\Vorlagen
2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\Startmenü
2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\Netzwerkumgebung
2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\Lokale Einstellungen
2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\Eigene Dateien
2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\Druckumgebung
2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\AppData\Local\Verlauf
2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\AppData\Local\Anwendungsdaten
2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\Anwendungsdaten
2015-12-08 17:14 - 2015-12-18 16:09 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-08 17:11 - 2015-07-10 11:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-12-08 17:10 - 2015-12-08 17:10 - 00000000 ____D C:\ProgramData\USOShared
2015-12-08 16:53 - 2015-12-08 16:53 - 00000000 _____ C:\Recovery.txt
2015-12-08 16:51 - 2015-12-08 20:43 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-08 16:51 - 2015-12-08 16:52 - 00000000 ____D C:\Windows.old
2015-12-08 16:51 - 2015-12-08 16:51 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-12-08 16:51 - 2015-12-08 16:51 - 00000000 ____D C:\WINDOWS\InfusedApps
2015-12-08 16:51 - 2015-12-08 16:51 - 00000000 ____D C:\Program Files\Elantech
2015-12-08 16:50 - 2015-12-08 16:50 - 00000000 ____D C:\Program Files\ASUS
2015-12-08 16:49 - 2015-12-08 16:49 - 00000000 ____D C:\WINDOWS\Setup
2015-12-08 16:43 - 2015-12-08 16:43 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-12-08 16:43 - 2015-12-08 16:43 - 00000000 ____D C:\WINDOWS\OCR
2015-12-08 16:43 - 2015-12-08 16:43 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-12-08 16:43 - 2015-12-08 16:43 - 00000000 ____D C:\Program Files\MSBuild
2015-12-08 16:43 - 2015-12-08 16:43 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-12-08 16:43 - 2015-12-08 16:43 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-12-08 16:42 - 2015-12-18 16:09 - 00771100 _____ C:\WINDOWS\system32\perfh007.dat
2015-12-08 16:42 - 2015-12-18 16:09 - 00153964 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-08 16:42 - 2015-12-08 16:42 - 00305634 _____ C:\WINDOWS\system32\perfi007.dat
2015-12-08 16:42 - 2015-12-08 16:42 - 00040390 _____ C:\WINDOWS\system32\perfd007.dat
2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\SysWOW64\de
2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\system32\winrm
2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\system32\WCN
2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\system32\slmgr
2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\system32\de
2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\system32\0409
2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-12-08 16:39 - 2015-12-01 01:32 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-08 16:39 - 2015-12-01 01:32 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-08 16:38 - 2015-12-08 16:53 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-12-08 16:38 - 2015-12-08 16:36 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2015-12-08 16:38 - 2015-12-08 16:36 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2015-12-08 16:38 - 2015-12-08 16:36 - 00215943 _____ C:\WINDOWS\system32\dssec.dat
2015-12-08 16:38 - 2015-12-08 16:36 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2015-12-08 16:38 - 2015-12-08 16:36 - 00017463 _____ C:\WINDOWS\system32\Drivers\etc\services
2015-12-08 16:38 - 2015-12-08 16:36 - 00015462 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2015-12-08 16:38 - 2015-12-08 16:36 - 00008798 _____ C:\WINDOWS\SysWOW64\icrav03.rat
2015-12-08 16:38 - 2015-12-08 16:36 - 00008798 _____ C:\WINDOWS\system32\icrav03.rat
2015-12-08 16:38 - 2015-12-08 16:36 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2015-12-08 16:38 - 2015-12-08 16:36 - 00001988 _____ C:\WINDOWS\SysWOW64\ticrf.rat
2015-12-08 16:38 - 2015-12-08 16:36 - 00001988 _____ C:\WINDOWS\system32\ticrf.rat
2015-12-08 16:38 - 2015-12-08 16:36 - 00001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2015-12-08 16:38 - 2015-12-08 16:36 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2015-12-08 16:38 - 2015-12-08 16:36 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2015-12-08 16:38 - 2015-12-08 16:36 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT
2015-12-08 16:38 - 2015-12-08 16:36 - 00000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2015-12-08 16:38 - 2015-12-08 16:36 - 00000389 _____ C:\WINDOWS\system32\AutoWorkplace.exe.config
2015-12-08 16:37 - 2015-12-18 14:38 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-08 16:37 - 2015-12-18 14:38 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-08 16:37 - 2015-12-11 23:09 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-12-08 16:37 - 2015-12-11 17:34 - 00000000 ____D C:\WINDOWS\rescache
2015-12-08 16:37 - 2015-12-09 17:42 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-12-08 16:37 - 2015-12-09 17:42 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-12-08 16:37 - 2015-12-09 17:42 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ____D C:\Program Files\Windows Journal
2015-12-08 16:37 - 2015-12-09 02:09 - 00000000 ____D C:\Program Files\Windows NT
2015-12-08 16:37 - 2015-12-09 02:06 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-12-08 16:37 - 2015-12-08 17:33 - 00000000 ____D C:\WINDOWS\Help
2015-12-08 16:37 - 2015-12-08 17:31 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-12-08 16:37 - 2015-12-08 17:31 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-12-08 16:37 - 2015-12-08 17:29 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-12-08 16:37 - 2015-12-08 17:11 - 00000000 ____D C:\WINDOWS\system32\spool
2015-12-08 16:37 - 2015-12-08 17:11 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-12-08 16:37 - 2015-12-08 17:10 - 00000000 ____D C:\ProgramData\USOPrivate
2015-12-08 16:37 - 2015-12-08 16:43 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-12-08 16:37 - 2015-12-08 16:43 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ___SD C:\WINDOWS\system32\dsc
2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\system32\setup
2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\system32\migwiz
2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\system32\Com
2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\IME
2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\Program Files\Windows Defender
2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\Program Files\Common Files\System
2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 __RSD C:\WINDOWS\Media
2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui
2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ___SD C:\WINDOWS\system32\Nui
2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel
2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\system32\icsxml
2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\system32\ias
2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\system32\downlevel
2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\system32\Bthprops
2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\ShellNew
2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\Registration
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\Web
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\Vss
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\tracing
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\TAPI
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\ras
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SystemResources
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SystemApps
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\winevt
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\ras
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\ProximityToast
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\PointOfService
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\Macromed
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\Ipmi
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\IME
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\System
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SKB
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\security
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\schemas
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SchCache
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\Resources
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\PLA
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\Performance
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\ModemLogs
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\InputMethod
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\Globalization
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\Cursors
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\Branding
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\appcompat
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\addins
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\ProgramData\Comms
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\Program Files\Windows Portable Devices
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\Program Files\Common Files\Services
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\Program Files (x86)\Windows NT
2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2015-12-08 16:37 - 2015-12-08 16:35 - 00000219 _____ C:\WINDOWS\system.ini
2015-12-08 16:37 - 2015-12-08 16:35 - 00000092 _____ C:\WINDOWS\win.ini
2015-12-08 16:36 - 2015-12-18 16:09 - 00000000 ____D C:\WINDOWS\INF
2015-12-08 16:25 - 2015-12-08 20:13 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-08 16:23 - 2015-12-18 16:04 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-08 16:23 - 2015-12-08 17:10 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-08 16:23 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\servicing
2015-12-08 16:23 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\SMI
2015-12-08 16:23 - 2015-07-10 10:11 - 00000164 _____ C:\WINDOWS\system32\config\FP
2015-12-08 16:06 - 2015-12-08 16:54 - 00000000 ___HD C:\$SysReset
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-08 20:40 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-08 17:48 - 2014-04-16 09:02 - 00245256 _____ (Creative Technology Limited) C:\WINDOWS\system32\AFXCo64.dll
2015-12-08 17:48 - 2014-04-16 09:02 - 00035320 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\Drivers\afxfilt.sys
2015-12-08 17:42 - 2015-07-31 14:42 - 00034493 _____ C:\WINDOWS\system32\nvinfo.pb
2015-12-08 16:32 - 2015-07-10 11:59 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-12-09 02:04 - 2015-12-09 02:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
C:\Users\theda\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-12-09 01:55
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-12-2015
durchgeführt von theda (2015-12-18 16:16:46)
Gestartet von C:\Users\theda\Downloads
Windows 10 Home (X64) (2015-12-08 16:26:37)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1466943259-3680391096-1312351822-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1466943259-3680391096-1312351822-503 - Limited - Disabled)
Gast (S-1-5-21-1466943259-3680391096-1312351822-501 - Limited - Disabled)
theda (S-1-5-21-1466943259-3680391096-1312351822-1001 - Administrator - Enabled) => C:\Users\theda
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Anno 2070 (HKLM-x32\...\Uplay Install 22) (Version: - Ubisoft)
Anno 2205 (HKLM-x32\...\Uplay Install 1253) (Version: - Ubisoft)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{d0e166af-1634-4c0b-ae96-2180e61f9d38}) (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
ETDWare PS/2-X64 8.0.5.7_WHQL (HKLM\...\Elantech) (Version: 8.0.5.7 - ELAN Microelectronic Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
NVIDIA 3D Vision Treiber 358.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.91 - NVIDIA Corporation)
NVIDIA Grafiktreiber 358.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.91 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.16 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.16.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1466943259-3680391096-1312351822-1001\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB)
TeamSpeak 3 Client (HKU\S-1-5-21-1466943259-3680391096-1312351822-1001\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Uplay (HKLM-x32\...\Uplay) (Version: 14.0 - Ubisoft)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1466943259-3680391096-1312351822-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\theda\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
==================== Wiederherstellungspunkte =========================
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-12-08 16:38 - 2015-12-08 16:36 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {13131757-2B0B-4C14-AAF4-F4D5115D60F6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-08] (Google Inc.)
Task: {82469CC0-2117-4E64-8E92-490E0E88618E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-08] (Google Inc.)
Task: {BFA1620D-19B7-47F5-9C5C-0B2CD80BBDC3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-23] (Microsoft Corporation)
Task: {F2BAE32D-325D-41E2-93FB-BE210E74BE88} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1466943259-3680391096-1312351822-1001
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-07-10 12:00 - 2015-07-10 12:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-07-31 11:23 - 2015-07-31 11:23 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-12-08 17:33 - 2015-11-05 16:08 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-19 01:43 - 2015-08-11 10:13 - 00413184 _____ () C:\WINDOWS\System32\diagtrack_win.dll
2015-12-09 02:03 - 2014-01-28 04:16 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2015-10-01 06:51 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 06:51 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-01 06:50 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 11:59 - 2015-07-10 11:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-12-08 20:08 - 2015-11-25 05:20 - 06569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-08 20:07 - 2015-11-25 05:17 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-08 20:08 - 2015-11-25 05:17 - 01808384 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 06:51 - 2015-09-17 06:43 - 02274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 17:45 - 00210432 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-19 01:43 - 2015-08-11 10:10 - 00293376 _____ () C:\WINDOWS\SYSTEM32\textinputframework.dll
2015-12-09 02:03 - 2015-12-18 16:05 - 00028672 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2015-12-09 02:03 - 2014-01-28 04:16 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2015-11-25 20:18 - 2015-11-25 20:18 - 00147136 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2015-12-16 20:56 - 2015-12-11 04:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-16 20:56 - 2015-12-11 04:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1466943259-3680391096-1312351822-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\theda\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{4CD61AAF-C1B3-436E-880C-0970BEB135D7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{F8D70286-387A-4410-9EE8-ACA74EABF8F5}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{A1E864CE-29CC-46E6-A106-7EC8E4FDD65C}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{D2D62558-AA5D-4562-977C-FE4E240669C0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Anno 2070\Anno5.exe
FirewallRules: [{B770EEAA-E2A9-40D1-B663-DFCEEFCFDA1E}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Anno 2070\Anno5.exe
FirewallRules: [TCP Query User{52A7D8B8-7579-4935-8870-E3C3856DAE31}C:\users\theda\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\theda\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{12B18C7A-A5F0-4CCC-B42E-E31EEEAFAF82}C:\users\theda\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\theda\appdata\roaming\spotify\spotify.exe
FirewallRules: [{6F229FD0-861E-4F6C-A6E3-5BA32F7B2E89}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Anno 2205\Bin\Win64\Anno2205.exe
FirewallRules: [{4986B159-8C3E-4319-9B86-075D54E67CE2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/16/2015 07:08:16 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4604) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.
Error: (12/16/2015 07:08:16 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4604) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.
Error: (12/16/2015 07:08:05 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4604) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.
Error: (12/16/2015 07:08:05 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4604) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.
Error: (12/16/2015 07:07:54 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4604) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.
Error: (12/16/2015 07:07:54 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4604) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.
Error: (12/16/2015 07:07:43 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4604) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.
Error: (12/16/2015 07:07:43 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4604) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.
Error: (12/16/2015 07:07:32 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4604) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.
Error: (12/16/2015 07:07:32 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4604) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.
Systemfehler:
=============
Error: (12/18/2015 04:09:06 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (12/18/2015 04:09:06 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (12/18/2015 04:09:05 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (12/18/2015 04:09:04 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (12/18/2015 04:09:03 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (12/18/2015 04:09:03 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (12/18/2015 04:09:02 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (12/18/2015 04:09:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (12/18/2015 04:09:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (12/18/2015 04:09:00 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 8135.34 MB
Verfügbarer physikalischer RAM: 5834.23 MB
Summe virtueller Speicher: 9991.34 MB
Verfügbarer virtueller Speicher: 7279.29 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:930.56 GB) (Free:841.33 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
18.12.2015, 18:34
| #2 |
| /// Malwareteam  | Win10: googel chrome und skype watch4 werbung und unseriöse andere werbung Mein Name ist Dennis und ich werde dir bei der Bereinigung helfen. Bitte beachte, dass es ein paar Regeln gibt:
Die FRST.txt ist nicht vollständig gepostet, bitte die ganze posten.
__________________ |
|
18.12.2015, 18:45
| #3 |
| | Win10: googel chrome und skype watch4 werbung und unseriöse andere werbung ups das tut mir leid hoffe das alles jetzt da ist
__________________Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-12-2015 durchgeführt von theda (Administrator) auf DESKTOP-4AC1IMP (18-12-2015 16:15:54) Gestartet von C:\Users\theda\Downloads Geladene Profile: theda (Verfügbare Profile: theda) Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Spotify Ltd) C:\Users\theda\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6515.64021.0_x64__8wekyb3d8bbwe\HxMail.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6515.64021.0_x64__8wekyb3d8bbwe\HxTsr.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2598696 2012-02-29] (ELAN Microelectronics Corp.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1795728 2015-12-08] (NVIDIA Corporation) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-11-20] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-1466943259-3680391096-1312351822-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50748544 2015-12-01] (Skype Technologies S.A.) HKU\S-1-5-21-1466943259-3680391096-1312351822-1001\...\Run: [Spotify Web Helper] => C:\Users\theda\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2015-12-15] (Spotify Ltd) HKU\S-1-5-21-1466943259-3680391096-1312351822-1001\...\Run: [Spotify] => C:\Users\theda\AppData\Roaming\Spotify\Spotify.exe [8387696 2015-12-15] (Spotify Ltd) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{97b9f7da-ebcb-4a32-a7cb-9456e797d549}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\theda\AppData\Roaming\Mozilla\Firefox\Profiles\ZlNLRcpM.default FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-08] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-08] (Google Inc.) FF Extension: Avira Browser Safety - C:\Users\theda\AppData\Roaming\Mozilla\Firefox\Profiles\ZlNLRcpM.default\Extensions\abs@avira.com [2015-12-08] [ist nicht signiert] Chrome: ======= CHR Profile: C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-08] CHR Extension: (Google Docs) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-08] CHR Extension: (Google Drive) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-08] CHR Extension: (YouTube) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-08] CHR Extension: (Google-Suche) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-08] CHR Extension: (Google Tabellen) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-08] CHR Extension: (Avira Browserschutz) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-12-15] CHR Extension: (Google Docs Offline) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-08] CHR Extension: (AdBlock) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-08] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-08] CHR Extension: (Google Mail) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-08] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-11-20] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-11-20] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-11-20] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-11-20] (Avira Operations GmbH & Co. KG) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] () R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 AFXfilt; C:\Windows\system32\drivers\AFXfilt.sys [35320 2015-12-08] (Creative Technology Ltd.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-11-20] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-11-20] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-11-20] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-11-20] (Avira Operations GmbH & Co. KG) R3 cthdb; C:\Windows\system32\DRIVERS\cthdb.sys [37160 2015-06-19] (Creative Technology Ltd) S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-12-18] () R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-18] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [888064 2015-12-08] (Realtek ) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-12-18 16:15 - 2015-12-18 16:16 - 00013019 _____ C:\Users\theda\Downloads\FRST.txt 2015-12-18 16:15 - 2015-12-18 16:15 - 02370048 _____ (Farbar) C:\Users\theda\Downloads\FRST64.exe 2015-12-18 16:15 - 2015-12-18 16:15 - 01721344 _____ (Farbar) C:\Users\theda\Downloads\FRST.exe 2015-12-18 16:15 - 2015-12-18 16:15 - 00000000 ____D C:\FRST 2015-12-18 16:07 - 2015-12-18 16:07 - 01466656 _____ C:\Users\theda\Downloads\Revo Uninstaller - CHIP-Installer.exe 2015-12-18 16:07 - 2015-12-18 16:07 - 00002209 _____ C:\Users\theda\Desktop\Revo Uninstaller - CHIP Downloader.lnk 2015-12-18 16:06 - 2015-12-18 16:06 - 00000000 ___HD C:\OneDriveTemp 2015-12-18 16:05 - 2015-12-18 16:05 - 00016148 _____ C:\WINDOWS\system32\DESKTOP-4AC1IMP_theda_HistoryPrediction.bin 2015-12-18 15:35 - 2015-12-18 15:35 - 00000000 _____ C:\autoexec.bat 2015-12-18 15:34 - 2015-12-18 15:34 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\theda\Downloads\SpyHunter-Installer.exe 2015-12-18 15:34 - 2015-12-18 15:34 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys 2015-12-18 15:29 - 2015-12-18 15:29 - 00000000 ____D C:\AdwCleaner 2015-12-18 15:28 - 2015-12-18 15:28 - 01740288 _____ C:\Users\theda\Downloads\adwcleaner_5.025.exe 2015-12-16 04:20 - 2015-12-16 04:21 - 00000000 ____D C:\Users\theda\OneDrive\Dokumente\Anno 2205 2015-12-14 05:35 - 2015-12-18 16:06 - 00000000 ____D C:\Users\theda\AppData\Roaming\Spotify 2015-12-14 05:35 - 2015-12-18 16:06 - 00000000 ____D C:\Users\theda\AppData\Local\Spotify 2015-12-14 05:35 - 2015-12-14 05:35 - 00234200 _____ (Spotify Ltd) C:\Users\theda\Downloads\SpotifySetup.exe 2015-12-14 05:35 - 2015-12-14 05:35 - 00001850 _____ C:\Users\theda\Desktop\Spotify.lnk 2015-12-14 05:35 - 2015-12-14 05:35 - 00001836 _____ C:\Users\theda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2015-12-11 23:25 - 2015-12-11 23:25 - 00000000 ____D C:\Users\theda\OneDrive\Dokumente\ANNO 2070 2015-12-11 23:21 - 2015-12-11 23:21 - 00000000 ____D C:\ProgramData\Solidshield 2015-12-11 22:49 - 2015-12-11 22:49 - 00000000 ____D C:\WINDOWS\System32\Tasks\Games 2015-12-11 22:36 - 2015-12-11 22:36 - 00000000 ____D C:\Users\theda\AppData\Roaming\Ubisoft 2015-12-11 22:35 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll 2015-12-11 22:35 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll 2015-12-11 22:35 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll 2015-12-11 22:35 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll 2015-12-11 22:35 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll 2015-12-11 22:35 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll 2015-12-11 22:35 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll 2015-12-11 22:35 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll 2015-12-11 22:35 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll 2015-12-11 22:35 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll 2015-12-11 22:35 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll 2015-12-11 22:35 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll 2015-12-11 22:35 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll 2015-12-11 22:35 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll 2015-12-11 22:35 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll 2015-12-11 22:35 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll 2015-12-11 22:35 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll 2015-12-11 22:35 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll 2015-12-11 22:35 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll 2015-12-11 22:35 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll 2015-12-11 22:35 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll 2015-12-11 22:35 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll 2015-12-11 22:35 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll 2015-12-11 22:35 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll 2015-12-11 22:35 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll 2015-12-11 22:35 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll 2015-12-11 22:35 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll 2015-12-11 22:35 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll 2015-12-11 22:35 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll 2015-12-11 22:35 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll 2015-12-11 22:35 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll 2015-12-11 22:35 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll 2015-12-11 22:35 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll 2015-12-11 22:35 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll 2015-12-11 22:35 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll 2015-12-11 22:35 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll 2015-12-11 22:35 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll 2015-12-11 22:35 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll 2015-12-11 22:35 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll 2015-12-11 22:35 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll 2015-12-11 22:35 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll 2015-12-11 22:35 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll 2015-12-11 22:35 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll 2015-12-11 22:35 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll 2015-12-11 22:35 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll 2015-12-11 22:35 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll 2015-12-11 22:35 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll 2015-12-11 22:35 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll 2015-12-11 22:35 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll 2015-12-11 22:35 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll 2015-12-11 22:35 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll 2015-12-11 22:35 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll 2015-12-11 22:35 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll 2015-12-11 22:35 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll 2015-12-11 22:35 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll 2015-12-11 22:35 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll 2015-12-11 22:35 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll 2015-12-11 22:35 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll 2015-12-11 22:35 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll 2015-12-11 22:35 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll 2015-12-11 22:35 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll 2015-12-11 22:35 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll 2015-12-11 22:35 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll 2015-12-11 22:35 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll 2015-12-11 22:35 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll 2015-12-11 22:35 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll 2015-12-11 22:35 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll 2015-12-11 22:35 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll 2015-12-11 22:35 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll 2015-12-11 22:35 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll 2015-12-11 22:35 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll 2015-12-11 22:35 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll 2015-12-11 22:35 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll 2015-12-11 22:35 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll 2015-12-11 22:35 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll 2015-12-11 22:35 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll 2015-12-11 22:35 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll 2015-12-11 22:35 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll 2015-12-11 22:35 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll 2015-12-11 22:35 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll 2015-12-11 22:35 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll 2015-12-11 22:35 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll 2015-12-11 22:35 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll 2015-12-11 22:35 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll 2015-12-11 22:35 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll 2015-12-11 22:35 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll 2015-12-11 22:35 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll 2015-12-11 22:35 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll 2015-12-11 22:35 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll 2015-12-11 22:35 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll 2015-12-11 22:35 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll 2015-12-11 22:35 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll 2015-12-11 22:35 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll 2015-12-11 22:35 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll 2015-12-11 22:35 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll 2015-12-11 22:35 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll 2015-12-11 22:35 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll 2015-12-11 22:35 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll 2015-12-11 22:35 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll 2015-12-11 22:34 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll 2015-12-11 22:34 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll 2015-12-11 22:34 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll 2015-12-11 22:34 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll 2015-12-11 22:34 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll 2015-12-11 22:34 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll 2015-12-11 22:34 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll 2015-12-11 22:34 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll 2015-12-11 22:34 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll 2015-12-11 22:34 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll 2015-12-11 22:34 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll 2015-12-11 22:34 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll 2015-12-11 22:34 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll 2015-12-11 22:34 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll 2015-12-11 22:34 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll 2015-12-11 22:34 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll 2015-12-11 22:34 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll 2015-12-11 22:34 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll 2015-12-11 22:34 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll 2015-12-11 22:34 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll 2015-12-11 22:34 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll 2015-12-11 22:34 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll 2015-12-11 22:34 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll 2015-12-11 22:34 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll 2015-12-11 22:34 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll 2015-12-11 22:34 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll 2015-12-11 22:34 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll 2015-12-11 22:34 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll 2015-12-11 22:34 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll 2015-12-11 22:34 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll 2015-12-11 22:34 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll 2015-12-11 22:34 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll 2015-12-11 22:34 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll 2015-12-11 22:34 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll 2015-12-11 22:34 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll 2015-12-11 22:34 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll 2015-12-11 22:34 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll 2015-12-11 22:34 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll 2015-12-11 22:34 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll 2015-12-11 22:34 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll 2015-12-11 22:34 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll 2015-12-11 22:34 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll 2015-12-11 22:34 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll 2015-12-11 22:34 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll 2015-12-11 22:34 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll 2015-12-11 22:34 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll 2015-12-11 22:34 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll 2015-12-11 22:34 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll 2015-12-11 22:34 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll 2015-12-11 22:34 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll 2015-12-11 22:34 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll 2015-12-11 22:34 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll 2015-12-11 22:34 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll 2015-12-11 22:34 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll 2015-12-11 22:34 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll 2015-12-11 22:34 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll 2015-12-11 22:34 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll 2015-12-11 22:34 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll 2015-12-11 22:34 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll 2015-12-11 22:34 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll 2015-12-11 22:34 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll 2015-12-11 22:34 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll 2015-12-11 22:34 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll 2015-12-11 22:34 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll 2015-12-11 22:34 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll 2015-12-11 22:34 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll 2015-12-11 22:34 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll 2015-12-11 22:34 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll 2015-12-11 22:34 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll 2015-12-11 22:34 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll 2015-12-11 22:34 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll 2015-12-11 22:34 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll 2015-12-11 22:34 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll 2015-12-11 22:34 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll 2015-12-11 22:34 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll 2015-12-11 22:34 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll 2015-12-11 22:34 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll 2015-12-11 22:34 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll 2015-12-11 21:58 - 2015-12-11 21:58 - 00000000 ____D C:\Users\theda\AppData\Local\CEF 2015-12-11 21:57 - 2015-12-11 23:06 - 00000000 ____D C:\Users\theda\AppData\Local\Ubisoft Game Launcher 2015-12-11 21:57 - 2015-12-11 21:57 - 66123432 _____ (Ubisoft) C:\Users\theda\Downloads\UplayInstaller.exe 2015-12-11 21:57 - 2015-12-11 21:57 - 00001278 _____ C:\Users\theda\Desktop\Uplay.lnk 2015-12-11 21:57 - 2015-12-11 21:57 - 00000000 ____D C:\Users\theda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2015-12-11 21:57 - 2015-12-11 21:57 - 00000000 ____D C:\Program Files (x86)\Ubisoft 2015-12-10 18:20 - 2015-12-10 18:20 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2015-12-09 02:09 - 2015-12-18 16:05 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\Vorlagen 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\Startmenü 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\Eigene Dateien 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default User 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\All Users 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Programme 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\ProgramData\Vorlagen 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\ProgramData\Startmenü 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\ProgramData\Dokumente 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Dokumente und Einstellungen 2015-12-09 02:04 - 2015-12-09 02:04 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2015-12-09 02:04 - 2015-12-09 02:04 - 00000000 ____D C:\ProgramData\Creative 2015-12-09 02:03 - 2015-12-09 02:03 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf 2015-12-09 02:03 - 2015-12-09 02:03 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf 2015-12-09 02:03 - 2015-12-09 02:03 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2015-12-09 02:03 - 2015-12-09 02:03 - 00000000 ____D C:\WINDOWS\system32\DAX2 2015-12-09 02:03 - 2015-12-09 02:03 - 00000000 ____D C:\Program Files\Realtek 2015-12-09 02:03 - 2015-12-09 02:03 - 00000000 ____D C:\Program Files (x86)\ASUS 2015-12-09 02:03 - 2014-01-28 04:16 - 00028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll 2015-12-09 02:03 - 2014-01-28 04:16 - 00015232 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys 2015-12-09 02:00 - 2015-12-08 17:44 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-12-09 02:00 - 2015-12-08 17:33 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2015-12-09 02:00 - 2015-12-08 17:33 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2015-12-09 01:55 - 2015-12-09 17:44 - 00189344 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-12-09 01:55 - 2015-12-09 01:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2015-12-08 22:12 - 2015-12-18 15:24 - 00001137 _____ C:\Users\theda\Desktop\nativelog.txt 2015-12-08 22:11 - 2015-12-08 22:11 - 00000000 ____D C:\Users\theda\AppData\Roaming\NVIDIA 2015-12-08 22:06 - 2015-12-18 14:30 - 00000000 ____D C:\Users\theda\AppData\Roaming\.minecraft 2015-12-08 22:06 - 2015-12-08 22:06 - 00000000 ____D C:\Users\theda\AppData\Roaming\java 2015-12-08 22:02 - 2015-12-08 22:06 - 00000000 ____D C:\Program Files (x86)\Minecraft 2015-12-08 22:02 - 2015-12-08 22:02 - 02314240 _____ C:\Users\theda\Downloads\MinecraftInstaller.msi 2015-12-08 22:02 - 2015-12-08 22:02 - 00001030 _____ C:\Users\Public\Desktop\Minecraft.lnk 2015-12-08 22:02 - 2015-12-08 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft 2015-12-08 20:55 - 2015-12-08 20:55 - 00000000 ____D C:\Users\theda\AppData\Local\NetworkTiles 2015-12-08 20:13 - 2015-12-08 20:15 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-12-08 20:13 - 2015-11-23 19:10 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-12-08 20:08 - 2015-12-01 08:01 - 02115936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2015-12-08 20:08 - 2015-12-01 06:51 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2015-12-08 20:08 - 2015-12-01 05:59 - 05455360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2015-12-08 20:08 - 2015-11-25 06:42 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2015-12-08 20:08 - 2015-11-25 06:33 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-12-08 20:08 - 2015-11-25 06:27 - 01366680 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2015-12-08 20:08 - 2015-11-25 06:12 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2015-12-08 20:08 - 2015-11-25 06:09 - 01310880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2015-12-08 20:08 - 2015-11-25 06:01 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-12-08 20:08 - 2015-11-25 05:49 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2015-12-08 20:08 - 2015-11-25 05:44 - 21872640 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-12-08 20:08 - 2015-11-25 05:42 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-12-08 20:08 - 2015-11-25 05:36 - 01710592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2015-12-08 20:08 - 2015-11-25 05:35 - 00929792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2015-12-08 20:08 - 2015-11-25 05:35 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe 2015-12-08 20:08 - 2015-11-25 05:34 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-12-08 20:08 - 2015-11-25 05:31 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll 2015-12-08 20:08 - 2015-11-25 05:30 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll 2015-12-08 20:08 - 2015-11-25 05:29 - 01649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2015-12-08 20:08 - 2015-11-25 05:29 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll 2015-12-08 20:08 - 2015-11-25 05:28 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll 2015-12-08 20:08 - 2015-11-25 05:27 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2015-12-08 20:08 - 2015-11-25 05:25 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2015-12-08 20:08 - 2015-11-25 05:23 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-12-08 20:08 - 2015-11-25 05:23 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-12-08 20:08 - 2015-11-25 05:23 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2015-12-08 20:08 - 2015-11-25 05:22 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2015-12-08 20:08 - 2015-11-25 05:22 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll 2015-12-08 20:08 - 2015-11-25 05:19 - 01795584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2015-12-08 20:08 - 2015-11-25 05:18 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2015-12-08 20:08 - 2015-11-25 05:17 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2015-12-08 20:08 - 2015-11-25 05:16 - 01442816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll 2015-12-08 20:08 - 2015-11-25 05:16 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe 2015-12-08 20:08 - 2015-11-25 05:11 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll 2015-12-08 20:08 - 2015-11-25 05:10 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-12-08 20:08 - 2015-11-25 05:10 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll 2015-12-08 20:08 - 2015-11-25 05:10 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll 2015-12-08 20:08 - 2015-11-25 05:05 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-12-08 20:08 - 2015-11-25 05:04 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2015-12-08 20:08 - 2015-11-25 05:04 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll 2015-12-08 20:08 - 2015-11-25 05:04 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll 2015-12-08 20:07 - 2015-12-01 07:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys 2015-12-08 20:07 - 2015-12-01 06:54 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2015-12-08 20:07 - 2015-12-01 06:49 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-12-08 20:07 - 2015-12-01 06:02 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-12-08 20:07 - 2015-11-25 06:42 - 00168288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe 2015-12-08 20:07 - 2015-11-25 06:41 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2015-12-08 20:07 - 2015-11-25 06:40 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2015-12-08 20:07 - 2015-11-25 06:32 - 00113184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll 2015-12-08 20:07 - 2015-11-25 06:11 - 01532984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2015-12-08 20:07 - 2015-11-25 05:59 - 00092992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll 2015-12-08 20:07 - 2015-11-25 05:49 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll 2015-12-08 20:07 - 2015-11-25 05:49 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2015-12-08 20:07 - 2015-11-25 05:49 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll 2015-12-08 20:07 - 2015-11-25 05:48 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EthernetMediaManager.dll 2015-12-08 20:07 - 2015-11-25 05:48 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMediaManager.dll 2015-12-08 20:07 - 2015-11-25 05:37 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-12-08 20:07 - 2015-11-25 05:36 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys 2015-12-08 20:07 - 2015-11-25 05:30 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys 2015-12-08 20:07 - 2015-11-25 05:30 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys 2015-12-08 20:07 - 2015-11-25 05:28 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-12-08 20:07 - 2015-11-25 05:26 - 00849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2015-12-08 20:07 - 2015-11-25 05:26 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2015-12-08 20:07 - 2015-11-25 05:25 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll 2015-12-08 20:07 - 2015-11-25 05:22 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-12-08 20:07 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll 2015-12-08 20:07 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL 2015-12-08 20:07 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL 2015-12-08 20:07 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL 2015-12-08 20:07 - 2015-11-25 05:19 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2015-12-08 20:07 - 2015-11-25 05:13 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-12-08 20:07 - 2015-11-25 05:10 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-12-08 20:07 - 2015-11-25 05:08 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2015-12-08 20:07 - 2015-11-25 05:07 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll 2015-12-08 20:07 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll 2015-12-08 20:07 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL 2015-12-08 20:07 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL 2015-12-08 20:07 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL 2015-12-08 20:07 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\SysWOW64\locale.nls 2015-12-08 20:07 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\system32\locale.nls 2015-12-08 20:02 - 2015-12-08 20:02 - 00000000 ____D C:\Users\theda\AppData\Local\ElevatedDiagnostics 2015-12-08 19:52 - 2015-12-08 19:52 - 31017664 _____ (TeamSpeak Systems GmbH) C:\Users\theda\Downloads\TeamSpeak3-Client-win64-3.0.18.2 (1).exe 2015-12-08 19:49 - 2015-12-18 16:05 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-12-08 19:49 - 2015-12-18 15:54 - 00001140 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-12-08 19:49 - 2015-12-17 19:55 - 00000000 ____D C:\Users\theda\AppData\Roaming\TS3Client 2015-12-08 19:49 - 2015-12-16 20:56 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-12-08 19:49 - 2015-12-08 19:52 - 00001284 _____ C:\Users\theda\Desktop\TeamSpeak 3 Client.lnk 2015-12-08 19:49 - 2015-12-08 19:49 - 00004198 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-12-08 19:49 - 2015-12-08 19:49 - 00003966 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-12-08 19:49 - 2015-12-08 19:49 - 00000000 ____D C:\Users\theda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2015-12-08 19:49 - 2015-12-08 19:49 - 00000000 ____D C:\Users\theda\AppData\Local\TeamSpeak 3 Client 2015-12-08 19:49 - 2015-12-08 19:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-12-08 19:49 - 2015-12-08 19:49 - 00000000 ____D C:\Program Files (x86)\Google 2015-12-08 19:48 - 2015-12-08 20:46 - 00000000 ____D C:\Users\theda\AppData\Local\Google 2015-12-08 19:48 - 2015-12-08 19:48 - 00927824 _____ (Google Inc.) C:\Users\theda\Downloads\ChromeSetup.exe 2015-12-08 19:47 - 2015-12-08 19:48 - 31017664 _____ (TeamSpeak Systems GmbH) C:\Users\theda\Downloads\TeamSpeak3-Client-win64-3.0.18.2.exe 2015-12-08 18:49 - 2015-12-08 18:49 - 00001327 _____ C:\Users\Public\Desktop\World of Warcraft.lnk 2015-12-08 18:49 - 2015-12-08 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft 2015-12-08 18:47 - 2015-12-17 17:29 - 00000000 ____D C:\Program Files (x86)\World of Warcraft 2015-12-08 18:47 - 2015-12-08 18:47 - 00000000 ____D C:\Data 2015-12-08 18:46 - 2015-12-17 22:03 - 00000000 ____D C:\Users\theda\AppData\Local\Battle.net 2015-12-08 18:46 - 2015-12-08 18:47 - 00000000 ____D C:\Users\theda\AppData\Roaming\Battle.net 2015-12-08 18:46 - 2015-12-08 18:46 - 00001191 _____ C:\Users\Public\Desktop\Battle.net.lnk 2015-12-08 18:46 - 2015-12-08 18:46 - 00000000 ____D C:\Users\theda\AppData\Local\Blizzard Entertainment 2015-12-08 18:46 - 2015-12-08 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2015-12-08 18:46 - 2015-12-08 18:46 - 00000000 ____D C:\ProgramData\Blizzard Entertainment 2015-12-08 18:45 - 2015-12-17 11:33 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-12-08 18:44 - 2015-12-08 18:44 - 02950200 _____ (Blizzard Entertainment) C:\Users\theda\Downloads\Battle.net-Setup.exe 2015-12-08 18:44 - 2015-12-08 18:44 - 00000000 ____D C:\ProgramData\Battle.net 2015-12-08 18:41 - 2015-12-08 18:41 - 00000000 ____D C:\Users\theda\AppData\Roaming\LolClient 2015-12-08 18:13 - 2015-12-18 16:06 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-12-08 18:13 - 2015-12-08 18:13 - 00000000 ____D C:\Users\theda\Tracing 2015-12-08 18:12 - 2015-12-18 16:07 - 00000000 ____D C:\Users\theda\AppData\Roaming\Skype 2015-12-08 18:12 - 2015-12-08 18:18 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-12-08 18:12 - 2015-12-08 18:12 - 22908888 _____ (Malwarebytes ) C:\Users\theda\Downloads\mbam-setup-web.NT-2.2.0.1024.exe 2015-12-08 18:12 - 2015-12-08 18:12 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk 2015-12-08 18:12 - 2015-12-08 18:12 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-12-08 18:12 - 2015-12-08 18:12 - 00000000 ____D C:\ProgramData\Skype 2015-12-08 18:12 - 2015-12-08 18:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-12-08 18:12 - 2015-12-08 18:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-12-08 18:12 - 2015-12-08 18:12 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-12-08 18:12 - 2015-12-08 18:12 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-12-08 18:12 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-12-08 18:12 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-12-08 18:12 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2015-12-08 18:11 - 2015-12-08 18:11 - 01504384 _____ (Skype Technologies S.A.) C:\Users\theda\Downloads\SkypeSetup.exe 2015-12-08 17:59 - 2015-12-08 17:59 - 00001585 _____ C:\Users\Public\Desktop\League of Legends.lnk 2015-12-08 17:59 - 2015-12-08 17:59 - 00000000 ____D C:\Riot Games 2015-12-08 17:59 - 2015-12-08 17:59 - 00000000 ____D C:\ProgramData\Riot Games 2015-12-08 17:59 - 2015-12-08 17:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2015-12-08 17:59 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll 2015-12-08 17:59 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll 2015-12-08 17:59 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll 2015-12-08 17:59 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll 2015-12-08 17:59 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll 2015-12-08 17:58 - 2015-12-08 17:59 - 00000000 ____D C:\Users\theda\AppData\Roaming\Riot Games 2015-12-08 17:58 - 2015-12-08 17:58 - 30668968 _____ (Riot Games) C:\Users\theda\Downloads\LeagueofLegends_EUW_Installer_9_15_2014.exe 2015-12-08 17:57 - 2015-12-08 17:57 - 00000000 ____D C:\Users\theda\AppData\Roaming\Macromedia 2015-12-08 17:55 - 2015-12-08 17:55 - 00002134 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2015-12-08 17:55 - 2015-12-08 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-12-08 17:50 - 2015-12-08 17:50 - 00888064 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys 2015-12-08 17:50 - 2015-12-08 17:50 - 00082544 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll 2015-12-08 17:48 - 2015-12-08 17:48 - 02339728 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\AFXAPO64.dll 2015-12-08 17:48 - 2015-12-08 17:48 - 01972952 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\AFXAPO32.dll 2015-12-08 17:48 - 2015-12-08 17:48 - 00743120 _____ (Creative Technology Ltd) C:\WINDOWS\SysWOW64\APOIM64.exe 2015-12-08 17:48 - 2015-12-08 17:48 - 00349192 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\AFXCTL64.dll 2015-12-08 17:48 - 2015-12-08 17:48 - 00304136 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\AFXCTL32.dll 2015-12-08 17:48 - 2015-12-08 17:48 - 00051208 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\AddCat.exe 2015-12-08 17:48 - 2015-12-08 17:48 - 00031240 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\CtEpDef32.exe 2015-12-08 17:48 - 2015-12-08 17:48 - 00020254 _____ C:\WINDOWS\SysWOW64\AFXAPO64.hda 2015-12-08 17:48 - 2015-12-08 17:48 - 00020254 _____ C:\WINDOWS\system32\AFXAPO64.hda 2015-12-08 17:48 - 2015-12-08 17:48 - 00019390 _____ C:\WINDOWS\system32\CtAfx.ini 2015-12-08 17:45 - 2015-12-08 17:45 - 00000000 ____D C:\Users\theda\AppData\Roaming\Avira 2015-12-08 17:43 - 2015-12-08 17:43 - 00000000 ____D C:\Users\theda\AppData\Roaming\Mozilla 2015-12-08 17:43 - 2015-11-05 15:41 - 00102520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2015-12-08 17:42 - 2015-12-08 17:42 - 42922824 _____ C:\WINDOWS\system32\nvcompiler.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 37890888 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 22352528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 18496280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 18397840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 16570048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 15942648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 15847936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 14853032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 13542336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 12878928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 12049688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 11227280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2015-12-08 17:42 - 2015-12-08 17:42 - 03549088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 03135528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 02885448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 02505360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 01914184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435891.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 01581208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 01573520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435891.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 01025088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00886416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00870544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00831960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00698512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00682824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00609968 _____ C:\WINDOWS\system32\nvmcumd.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00548376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00512144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00509600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00455496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00453944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00431296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00422728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00378184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00214168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2015-12-08 17:42 - 2015-12-08 17:42 - 00186144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00164520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00160096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00137240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00047952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2015-12-08 17:42 - 2015-11-20 15:35 - 00146696 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2015-12-08 17:42 - 2015-11-20 15:35 - 00135880 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2015-12-08 17:42 - 2015-11-20 15:35 - 00073032 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys 2015-12-08 17:42 - 2015-11-20 15:35 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys 2015-12-08 17:39 - 2015-12-08 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-12-08 17:39 - 2015-12-08 17:42 - 00000000 ____D C:\ProgramData\Avira 2015-12-08 17:39 - 2015-12-08 17:42 - 00000000 ____D C:\Program Files (x86)\Avira 2015-12-08 17:39 - 2015-12-08 17:39 - 00001287 _____ C:\Users\Public\Desktop\Avira Launcher.lnk 2015-12-08 17:38 - 2015-12-08 17:38 - 04600536 _____ (Avira Operations GmbH & Co. KG) C:\Users\theda\Downloads\avira_de_av_56670780c823c__ws.exe 2015-12-08 17:38 - 2015-12-08 17:38 - 00000000 ____D C:\ProgramData\Package Cache 2015-12-08 17:35 - 2015-12-18 16:06 - 00000000 ___RD C:\Users\theda\OneDrive 2015-12-08 17:35 - 2015-12-09 17:49 - 00002387 _____ C:\Users\theda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-12-08 17:34 - 2015-12-08 17:38 - 00000000 ____D C:\Users\theda\AppData\Local\MicrosoftEdge 2015-12-08 17:34 - 2015-12-08 17:34 - 00000000 ____D C:\Users\theda\AppData\Local\NVIDIA 2015-12-08 17:34 - 2015-12-08 17:34 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2015-12-08 17:33 - 2015-12-18 16:05 - 00000000 ____D C:\ProgramData\NVIDIA 2015-12-08 17:33 - 2015-12-08 17:35 - 00000000 ____D C:\Users\theda\AppData\Local\Comms 2015-12-08 17:33 - 2015-11-05 16:08 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2015-12-08 17:33 - 2015-11-05 16:08 - 02983216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2015-12-08 17:33 - 2015-11-05 16:08 - 02554672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2015-12-08 17:33 - 2015-11-05 16:08 - 00938616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2015-12-08 17:33 - 2015-11-05 16:08 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2015-12-08 17:33 - 2015-11-05 16:08 - 00062584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2015-12-08 17:33 - 2015-10-28 14:49 - 06027430 _____ C:\WINDOWS\system32\nvcoproc.bin 2015-12-08 17:32 - 2015-12-08 17:42 - 00121672 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2015-12-08 17:32 - 2015-12-08 17:42 - 00113808 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2015-12-08 17:31 - 2015-12-08 17:49 - 00000000 ____D C:\Users\theda\AppData\Local\PackageStaging 2015-12-08 17:31 - 2015-12-08 17:31 - 00000000 ____D C:\Users\theda\AppData\Local\Publishers 2015-12-08 17:30 - 2015-12-11 15:18 - 00000000 ____D C:\Users\theda\AppData\Local\Packages 2015-12-08 17:30 - 2015-12-09 17:48 - 00000000 __RHD C:\Users\Public\AccountPictures 2015-12-08 17:30 - 2015-12-08 17:30 - 01898312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435354.dll 2015-12-08 17:30 - 2015-12-08 17:30 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435354.dll 2015-12-08 17:30 - 2015-12-08 17:30 - 00016148 _____ C:\WINDOWS\system32\DESKTOP-4AC1IMP_defaultuser0_HistoryPrediction.bin 2015-12-08 17:30 - 2015-12-08 17:30 - 00000000 ____D C:\Users\theda\AppData\Roaming\Adobe 2015-12-08 17:30 - 2015-12-08 17:30 - 00000000 ____D C:\Users\theda\AppData\Local\VirtualStore 2015-12-08 17:30 - 2015-12-08 17:30 - 00000000 ____D C:\Users\theda\AppData\Local\TileDataLayer 2015-12-08 17:29 - 2015-12-18 15:34 - 00000000 ____D C:\Users\theda 2015-12-08 17:29 - 2015-12-08 17:29 - 00000020 ___SH C:\Users\theda\ntuser.ini 2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\Vorlagen 2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\Startmenü 2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\Netzwerkumgebung 2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\Lokale Einstellungen 2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\Eigene Dateien 2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\Druckumgebung 2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\AppData\Local\Verlauf 2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\AppData\Local\Anwendungsdaten 2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\Anwendungsdaten 2015-12-08 17:14 - 2015-12-18 16:09 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-12-08 17:11 - 2015-07-10 11:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2015-12-08 17:10 - 2015-12-08 17:10 - 00000000 ____D C:\ProgramData\USOShared 2015-12-08 16:53 - 2015-12-08 16:53 - 00000000 _____ C:\Recovery.txt 2015-12-08 16:51 - 2015-12-08 20:43 - 00000000 ___DC C:\WINDOWS\Panther 2015-12-08 16:51 - 2015-12-08 16:52 - 00000000 ____D C:\Windows.old 2015-12-08 16:51 - 2015-12-08 16:51 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2015-12-08 16:51 - 2015-12-08 16:51 - 00000000 ____D C:\WINDOWS\InfusedApps 2015-12-08 16:51 - 2015-12-08 16:51 - 00000000 ____D C:\Program Files\Elantech 2015-12-08 16:50 - 2015-12-08 16:50 - 00000000 ____D C:\Program Files\ASUS 2015-12-08 16:49 - 2015-12-08 16:49 - 00000000 ____D C:\WINDOWS\Setup 2015-12-08 16:43 - 2015-12-08 16:43 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2015-12-08 16:43 - 2015-12-08 16:43 - 00000000 ____D C:\WINDOWS\OCR 2015-12-08 16:43 - 2015-12-08 16:43 - 00000000 ____D C:\Program Files\Reference Assemblies 2015-12-08 16:43 - 2015-12-08 16:43 - 00000000 ____D C:\Program Files\MSBuild 2015-12-08 16:43 - 2015-12-08 16:43 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2015-12-08 16:43 - 2015-12-08 16:43 - 00000000 ____D C:\Program Files (x86)\MSBuild 2015-12-08 16:42 - 2015-12-18 16:09 - 00771100 _____ C:\WINDOWS\system32\perfh007.dat 2015-12-08 16:42 - 2015-12-18 16:09 - 00153964 _____ C:\WINDOWS\system32\perfc007.dat 2015-12-08 16:42 - 2015-12-08 16:42 - 00305634 _____ C:\WINDOWS\system32\perfi007.dat 2015-12-08 16:42 - 2015-12-08 16:42 - 00040390 _____ C:\WINDOWS\system32\perfd007.dat 2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm 2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN 2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep 2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr 2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\SysWOW64\de 2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\SysWOW64\0409 2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\system32\winrm 2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\system32\WCN 2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\system32\slmgr 2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\system32\de 2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\system32\0409 2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\DigitalLocker 2015-12-08 16:39 - 2015-12-01 01:32 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-12-08 16:39 - 2015-12-01 01:32 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-08 16:38 - 2015-12-08 16:53 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2015-12-08 16:38 - 2015-12-08 16:36 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2015-12-08 16:38 - 2015-12-08 16:36 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat 2015-12-08 16:38 - 2015-12-08 16:36 - 00215943 _____ C:\WINDOWS\system32\dssec.dat 2015-12-08 16:38 - 2015-12-08 16:36 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2015-12-08 16:38 - 2015-12-08 16:36 - 00017463 _____ C:\WINDOWS\system32\Drivers\etc\services 2015-12-08 16:38 - 2015-12-08 16:36 - 00015462 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2015-12-08 16:38 - 2015-12-08 16:36 - 00008798 _____ C:\WINDOWS\SysWOW64\icrav03.rat 2015-12-08 16:38 - 2015-12-08 16:36 - 00008798 _____ C:\WINDOWS\system32\icrav03.rat 2015-12-08 16:38 - 2015-12-08 16:36 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam 2015-12-08 16:38 - 2015-12-08 16:36 - 00001988 _____ C:\WINDOWS\SysWOW64\ticrf.rat 2015-12-08 16:38 - 2015-12-08 16:36 - 00001988 _____ C:\WINDOWS\system32\ticrf.rat 2015-12-08 16:38 - 2015-12-08 16:36 - 00001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol 2015-12-08 16:38 - 2015-12-08 16:36 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json 2015-12-08 16:38 - 2015-12-08 16:36 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT 2015-12-08 16:38 - 2015-12-08 16:36 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT 2015-12-08 16:38 - 2015-12-08 16:36 - 00000407 _____ C:\WINDOWS\system32\Drivers\etc\networks 2015-12-08 16:38 - 2015-12-08 16:36 - 00000389 _____ C:\WINDOWS\system32\AutoWorkplace.exe.config 2015-12-08 16:37 - 2015-12-18 14:38 - 00000000 ___HD C:\Program Files\WindowsApps 2015-12-08 16:37 - 2015-12-18 14:38 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-12-08 16:37 - 2015-12-11 23:09 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-12-08 16:37 - 2015-12-11 17:34 - 00000000 ____D C:\WINDOWS\rescache 2015-12-08 16:37 - 2015-12-09 17:42 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2015-12-08 16:37 - 2015-12-09 17:42 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2015-12-08 16:37 - 2015-12-09 17:42 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ___SD C:\WINDOWS\system32\F12 2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ___RD C:\WINDOWS\DevicesFlow 2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ____D C:\WINDOWS\system32\oobe 2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ____D C:\WINDOWS\system32\Dism 2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ____D C:\WINDOWS\Provisioning 2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ____D C:\WINDOWS\L2Schemas 2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ____D C:\Program Files\Windows Journal 2015-12-08 16:37 - 2015-12-09 02:09 - 00000000 ____D C:\Program Files\Windows NT 2015-12-08 16:37 - 2015-12-09 02:06 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2015-12-08 16:37 - 2015-12-08 17:33 - 00000000 ____D C:\WINDOWS\Help 2015-12-08 16:37 - 2015-12-08 17:31 - 00000000 ___RD C:\WINDOWS\PrintDialog 2015-12-08 16:37 - 2015-12-08 17:31 - 00000000 ___RD C:\WINDOWS\MiracastView 2015-12-08 16:37 - 2015-12-08 17:29 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2015-12-08 16:37 - 2015-12-08 17:11 - 00000000 ____D C:\WINDOWS\system32\spool 2015-12-08 16:37 - 2015-12-08 17:11 - 00000000 ____D C:\WINDOWS\system32\FxsTmp 2015-12-08 16:37 - 2015-12-08 17:10 - 00000000 ____D C:\ProgramData\USOPrivate 2015-12-08 16:37 - 2015-12-08 16:43 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2015-12-08 16:37 - 2015-12-08 16:43 - 00000000 ____D C:\WINDOWS\system32\MUI 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ___SD C:\WINDOWS\system32\dsc 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\SysWOW64\setup 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\SysWOW64\Com 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\system32\setup 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\system32\migwiz 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\system32\Com 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\IME 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\Program Files\Windows Defender 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\Program Files\Common Files\System 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 __RSD C:\WINDOWS\Media 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ___SD C:\WINDOWS\system32\Nui 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ___RD C:\WINDOWS\Offline Web Pages 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\system32\WinMetadata 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\system32\MsDtc 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\system32\icsxml 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\system32\ias 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\system32\downlevel 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\system32\Bthprops 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\ShellNew 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\Registration 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 __SHD C:\Program Files\Windows Sidebar 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 __RHD C:\Users\Public\Libraries 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ___SD C:\WINDOWS\system32\Configuration 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ___RD C:\WINDOWS\DesktopTileResources 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\Web 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\Vss 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\tracing 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\TAPI 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\ras 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SystemResources 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SystemApps 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\winevt 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\ras 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\ProximityToast 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\PointOfService 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\Macromed 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\Ipmi 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\InputMethod 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\inetsrv 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\IME 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\GroupPolicyUsers 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\config\Journal 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\AppLocker 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\System 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SKB 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\security 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\schemas 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SchCache 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\Resources 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\PLA 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\Performance 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\ModemLogs 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\InputMethod 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\Globalization 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\Cursors 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\Branding 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\appcompat 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\addins 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\ProgramData\Comms 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\Program Files\Windows Portable Devices 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\Program Files\Windows Multimedia Platform 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\Program Files\Common Files\Services 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\Program Files (x86)\Windows NT 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2015-12-08 16:37 - 2015-12-08 16:35 - 00000219 _____ C:\WINDOWS\system.ini 2015-12-08 16:37 - 2015-12-08 16:35 - 00000092 _____ C:\WINDOWS\win.ini 2015-12-08 16:36 - 2015-12-18 16:09 - 00000000 ____D C:\WINDOWS\INF 2015-12-08 16:25 - 2015-12-08 20:13 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-12-08 16:23 - 2015-12-18 16:04 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2015-12-08 16:23 - 2015-12-08 17:10 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2015-12-08 16:23 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\servicing 2015-12-08 16:23 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\SMI 2015-12-08 16:23 - 2015-07-10 10:11 - 00000164 _____ C:\WINDOWS\system32\config\FP 2015-12-08 16:06 - 2015-12-08 16:54 - 00000000 ___HD C:\$SysReset ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-12-08 20:40 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT 2015-12-08 17:48 - 2014-04-16 09:02 - 00245256 _____ (Creative Technology Limited) C:\WINDOWS\system32\AFXCo64.dll 2015-12-08 17:48 - 2014-04-16 09:02 - 00035320 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\Drivers\afxfilt.sys 2015-12-08 17:42 - 2015-07-31 14:42 - 00034493 _____ C:\WINDOWS\system32\nvinfo.pb 2015-12-08 16:32 - 2015-07-10 11:59 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-12-09 02:04 - 2015-12-09 02:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== C:\Users\theda\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-12-09 01:55 ==================== Ende von FRST.txt ============================ |
|
18.12.2015, 18:53
| #4 |
| /// Malwareteam | Win10: googel chrome und skype watch4 werbung und unseriöse andere werbung Hi, watch4.de ist eine Plage... Schritt # 1: SpyHunterCleaner Deaktiviere bitte dein Antivirenprogramm, da es die Entfernung von SpyHunter blockieren kann. Bitte downloade SpyHunterCleaner und speichere die Datei auf dem Desktop. (Bebilderte Anleitung)
Schritt # 2: watch4.de Änderung der Privatsphäre-Einstellungen (Häkchen entfernen)   Bitte lade Dir von hier BlueLifeHosts editor herunter und entpacke die Datei auf Deinem Desktop.
Schritt # 3: Frage Treten die Probleme noch auf? Schritt # 4: Bitte Posten
|
|
18.12.2015, 19:49
| #5 |
| | Win10: googel chrome und skype watch4 werbung und unseriöse andere werbung also es hat alles geklappt aber auf manchen seiten hab ich halt immer noch so Werbung verdienen sie 12600 Euro in der Woche obwohl ich adblocker habe und zu Skype da hab ich keine Werbung mehr an nur noch so Leere Werbe banner |
|
18.12.2015, 21:35
| #6 |
| /// Malwareteam | Win10: googel chrome und skype watch4 werbung und unseriöse andere werbung Hi, AdBlock wird nich mehr weiterentwickelt, könnte also daran liegen. Ich empfehle  uBlock Origin. Aber wir machen noch Abschlussscans.Schritt # 1: MBAM Lade dir, falls nicht schon vorhanden,  Malwarebytes Anti-Malware herunter, installiere und starte es.
Schritt # 2: ESET ESET Online Scanner
Schritt # 3: FRST Bitte noch ein frisches FRST-Log. Schritt # 4: Bitte Posten
__________________ --> Win10: googel chrome und skype watch4 werbung und unseriöse andere werbung |
|
19.12.2015, 00:48
| #7 |
| | Win10: googel chrome und skype watch4 werbung und unseriöse andere werbung ok hab ich alles gemacht ich hab auch deinen adblocker benutzt bei ihm konnte ich die nervige werbung direkt ausstellen danke dafür Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 18.12.2015 Suchlaufzeit: 21:59 Protokolldatei: Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.12.18.05 Rootkit-Datenbank: v2015.12.18.01 Lizenz: Premium-Version Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: theda Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 331941 Abgelaufene Zeit: 13 Min., 50 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b2006ca25f99364f88ad9983440a730a
# end=init
# utc_time=2015-12-18 09:18:21
# local_time=2015-12-18 10:18:21 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 27266
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b2006ca25f99364f88ad9983440a730a
# end=updated
# utc_time=2015-12-18 09:20:33
# local_time=2015-12-18 10:20:33 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=b2006ca25f99364f88ad9983440a730a
# engine=27266
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-18 10:08:17
# local_time=2015-12-18 11:08:17 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 12771 13950509 0 0
# scanned=198779
# found=2
# cleaned=0
# scan_time=2864
sh=5B5EA2F5CEC496F99D245A68C884C09F5849E037 ft=1 fh=038fab3ea954bf64 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\theda\AppData\Local\Temp\DMR\dmr_72.exe"
sh=B1136EB5DE75C7CA2DDF79348BE3B3448A3D6725 ft=1 fh=d85ed77db6ac3343 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\theda\Downloads\Revo Uninstaller - CHIP-Installer.exe"
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-12-2015 durchgeführt von theda (Administrator) auf DESKTOP-4AC1IMP (19-12-2015 00:44:30) Gestartet von C:\Users\theda\Downloads Geladene Profile: theda (Verfügbare Profile: theda) Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Spotify Ltd) C:\Users\theda\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (TeamSpeak Systems GmbH) C:\Users\theda\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.5\deploy\LoLLauncher.exe () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.45\deploy\LoLPatcher.exe () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.177\deploy\LolClient.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.114\deploy\League of Legends.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\consent.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2598696 2012-02-29] (ELAN Microelectronics Corp.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1795728 2015-12-08] (NVIDIA Corporation) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-11-20] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-1466943259-3680391096-1312351822-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50748544 2015-12-01] (Skype Technologies S.A.) HKU\S-1-5-21-1466943259-3680391096-1312351822-1001\...\Run: [Spotify Web Helper] => C:\Users\theda\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2015-12-15] (Spotify Ltd) HKU\S-1-5-21-1466943259-3680391096-1312351822-1001\...\Run: [Spotify] => C:\Users\theda\AppData\Roaming\Spotify\Spotify.exe [8387696 2015-12-15] (Spotify Ltd) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{97b9f7da-ebcb-4a32-a7cb-9456e797d549}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\theda\AppData\Roaming\Mozilla\Firefox\Profiles\ZlNLRcpM.default FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-08] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-08] (Google Inc.) FF Extension: Avira Browser Safety - C:\Users\theda\AppData\Roaming\Mozilla\Firefox\Profiles\ZlNLRcpM.default\Extensions\abs@avira.com [2015-12-08] [ist nicht signiert] Chrome: ======= CHR Profile: C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-08] CHR Extension: (Google Docs) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-08] CHR Extension: (Google Drive) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-08] CHR Extension: (YouTube) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-08] CHR Extension: (uBlock Origin) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2015-12-18] CHR Extension: (Google-Suche) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-08] CHR Extension: (Google Tabellen) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-08] CHR Extension: (Avira Browserschutz) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-12-15] CHR Extension: (Google Docs Offline) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-08] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-08] CHR Extension: (Google Mail) - C:\Users\theda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-08] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-11-20] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-11-20] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-11-20] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-11-20] (Avira Operations GmbH & Co. KG) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] () R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 AFXfilt; C:\Windows\system32\drivers\AFXfilt.sys [35320 2015-12-08] (Creative Technology Ltd.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-11-20] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-11-20] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-11-20] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-11-20] (Avira Operations GmbH & Co. KG) R3 cthdb; C:\Windows\system32\DRIVERS\cthdb.sys [37160 2015-06-19] (Creative Technology Ltd) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-19] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [888064 2015-12-08] (Realtek ) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-12-19 00:38 - 2015-12-19 00:38 - 00016148 _____ C:\WINDOWS\system32\DESKTOP-4AC1IMP_theda_HistoryPrediction.bin 2015-12-19 00:38 - 2015-12-19 00:38 - 00000000 ___HD C:\OneDriveTemp 2015-12-18 22:18 - 2015-12-18 22:18 - 00000000 ____D C:\Program Files (x86)\ESET 2015-12-18 22:17 - 2015-12-18 22:18 - 02870984 _____ (ESET) C:\Users\theda\Downloads\esetsmartinstaller_deu.exe 2015-12-18 19:42 - 2015-12-18 19:42 - 00000000 ____D C:\WINDOWS\system32\Drivers\etc\BACKUP 2015-12-18 19:38 - 2015-12-18 19:38 - 00508823 _____ C:\Users\theda\Desktop\bl_hst_edit.zip 2015-12-18 19:38 - 2015-12-18 19:38 - 00000228 _____ C:\Users\theda\Desktop\antiskypewerbung.zip 2015-12-18 19:33 - 2015-12-09 04:39 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2015-12-18 19:31 - 2015-12-18 19:32 - 00305152 _____ C:\Users\theda\Downloads\SpyHunterCleaner-reboot.exe 2015-12-18 19:30 - 2015-12-18 19:30 - 00496640 _____ C:\Users\theda\Downloads\SpyHunterCleaner.exe 2015-12-18 16:16 - 2015-12-18 16:17 - 00020210 _____ C:\Users\theda\Downloads\Addition.txt 2015-12-18 16:15 - 2015-12-19 00:44 - 00013733 _____ C:\Users\theda\Downloads\FRST.txt 2015-12-18 16:15 - 2015-12-19 00:44 - 00000000 ____D C:\FRST 2015-12-18 16:15 - 2015-12-18 16:15 - 02370048 _____ (Farbar) C:\Users\theda\Downloads\FRST64.exe 2015-12-18 16:15 - 2015-12-18 16:15 - 01721344 _____ (Farbar) C:\Users\theda\Downloads\FRST.exe 2015-12-18 16:07 - 2015-12-18 16:07 - 01466656 _____ C:\Users\theda\Downloads\Revo Uninstaller - CHIP-Installer.exe 2015-12-18 15:35 - 2015-12-18 15:35 - 00000000 _____ C:\autoexec.bat 2015-12-18 15:29 - 2015-12-18 15:29 - 00000000 ____D C:\AdwCleaner 2015-12-18 15:28 - 2015-12-18 15:28 - 01740288 _____ C:\Users\theda\Downloads\adwcleaner_5.025.exe 2015-12-16 04:20 - 2015-12-16 04:21 - 00000000 ____D C:\Users\theda\OneDrive\Dokumente\Anno 2205 2015-12-14 05:35 - 2015-12-19 00:39 - 00000000 ____D C:\Users\theda\AppData\Roaming\Spotify 2015-12-14 05:35 - 2015-12-19 00:38 - 00000000 ____D C:\Users\theda\AppData\Local\Spotify 2015-12-14 05:35 - 2015-12-14 05:35 - 00234200 _____ (Spotify Ltd) C:\Users\theda\Downloads\SpotifySetup.exe 2015-12-14 05:35 - 2015-12-14 05:35 - 00001850 _____ C:\Users\theda\Desktop\Spotify.lnk 2015-12-14 05:35 - 2015-12-14 05:35 - 00001836 _____ C:\Users\theda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2015-12-11 23:25 - 2015-12-11 23:25 - 00000000 ____D C:\Users\theda\OneDrive\Dokumente\ANNO 2070 2015-12-11 23:21 - 2015-12-11 23:21 - 00000000 ____D C:\ProgramData\Solidshield 2015-12-11 22:49 - 2015-12-11 22:49 - 00000000 ____D C:\WINDOWS\System32\Tasks\Games 2015-12-11 22:36 - 2015-12-11 22:36 - 00000000 ____D C:\Users\theda\AppData\Roaming\Ubisoft 2015-12-11 22:35 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll 2015-12-11 22:35 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll 2015-12-11 22:35 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll 2015-12-11 22:35 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll 2015-12-11 22:35 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll 2015-12-11 22:35 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll 2015-12-11 22:35 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll 2015-12-11 22:35 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll 2015-12-11 22:35 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll 2015-12-11 22:35 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll 2015-12-11 22:35 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll 2015-12-11 22:35 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll 2015-12-11 22:35 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll 2015-12-11 22:35 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll 2015-12-11 22:35 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll 2015-12-11 22:35 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll 2015-12-11 22:35 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll 2015-12-11 22:35 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll 2015-12-11 22:35 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll 2015-12-11 22:35 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll 2015-12-11 22:35 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll 2015-12-11 22:35 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll 2015-12-11 22:35 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll 2015-12-11 22:35 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll 2015-12-11 22:35 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll 2015-12-11 22:35 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll 2015-12-11 22:35 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll 2015-12-11 22:35 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll 2015-12-11 22:35 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll 2015-12-11 22:35 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll 2015-12-11 22:35 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll 2015-12-11 22:35 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll 2015-12-11 22:35 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll 2015-12-11 22:35 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll 2015-12-11 22:35 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll 2015-12-11 22:35 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll 2015-12-11 22:35 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll 2015-12-11 22:35 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll 2015-12-11 22:35 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll 2015-12-11 22:35 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll 2015-12-11 22:35 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll 2015-12-11 22:35 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll 2015-12-11 22:35 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll 2015-12-11 22:35 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll 2015-12-11 22:35 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll 2015-12-11 22:35 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll 2015-12-11 22:35 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll 2015-12-11 22:35 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll 2015-12-11 22:35 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll 2015-12-11 22:35 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll 2015-12-11 22:35 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll 2015-12-11 22:35 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll 2015-12-11 22:35 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll 2015-12-11 22:35 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll 2015-12-11 22:35 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll 2015-12-11 22:35 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll 2015-12-11 22:35 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll 2015-12-11 22:35 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll 2015-12-11 22:35 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll 2015-12-11 22:35 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll 2015-12-11 22:35 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll 2015-12-11 22:35 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll 2015-12-11 22:35 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll 2015-12-11 22:35 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll 2015-12-11 22:35 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll 2015-12-11 22:35 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll 2015-12-11 22:35 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll 2015-12-11 22:35 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll 2015-12-11 22:35 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll 2015-12-11 22:35 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll 2015-12-11 22:35 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll 2015-12-11 22:35 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll 2015-12-11 22:35 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll 2015-12-11 22:35 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll 2015-12-11 22:35 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll 2015-12-11 22:35 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll 2015-12-11 22:35 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll 2015-12-11 22:35 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll 2015-12-11 22:35 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll 2015-12-11 22:35 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll 2015-12-11 22:35 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll 2015-12-11 22:35 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll 2015-12-11 22:35 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll 2015-12-11 22:35 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll 2015-12-11 22:35 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll 2015-12-11 22:35 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll 2015-12-11 22:35 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll 2015-12-11 22:35 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll 2015-12-11 22:35 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll 2015-12-11 22:35 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll 2015-12-11 22:35 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll 2015-12-11 22:35 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll 2015-12-11 22:35 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll 2015-12-11 22:35 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll 2015-12-11 22:35 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll 2015-12-11 22:35 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll 2015-12-11 22:35 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll 2015-12-11 22:35 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll 2015-12-11 22:35 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll 2015-12-11 22:34 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll 2015-12-11 22:34 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll 2015-12-11 22:34 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll 2015-12-11 22:34 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll 2015-12-11 22:34 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll 2015-12-11 22:34 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll 2015-12-11 22:34 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll 2015-12-11 22:34 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll 2015-12-11 22:34 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll 2015-12-11 22:34 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll 2015-12-11 22:34 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll 2015-12-11 22:34 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll 2015-12-11 22:34 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll 2015-12-11 22:34 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll 2015-12-11 22:34 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll 2015-12-11 22:34 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll 2015-12-11 22:34 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll 2015-12-11 22:34 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll 2015-12-11 22:34 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll 2015-12-11 22:34 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll 2015-12-11 22:34 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll 2015-12-11 22:34 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll 2015-12-11 22:34 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll 2015-12-11 22:34 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll 2015-12-11 22:34 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll 2015-12-11 22:34 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll 2015-12-11 22:34 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll 2015-12-11 22:34 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll 2015-12-11 22:34 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll 2015-12-11 22:34 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll 2015-12-11 22:34 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll 2015-12-11 22:34 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll 2015-12-11 22:34 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll 2015-12-11 22:34 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll 2015-12-11 22:34 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll 2015-12-11 22:34 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll 2015-12-11 22:34 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll 2015-12-11 22:34 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll 2015-12-11 22:34 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll 2015-12-11 22:34 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll 2015-12-11 22:34 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll 2015-12-11 22:34 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll 2015-12-11 22:34 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll 2015-12-11 22:34 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll 2015-12-11 22:34 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll 2015-12-11 22:34 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll 2015-12-11 22:34 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll 2015-12-11 22:34 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll 2015-12-11 22:34 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll 2015-12-11 22:34 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll 2015-12-11 22:34 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll 2015-12-11 22:34 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll 2015-12-11 22:34 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll 2015-12-11 22:34 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll 2015-12-11 22:34 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll 2015-12-11 22:34 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll 2015-12-11 22:34 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll 2015-12-11 22:34 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll 2015-12-11 22:34 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll 2015-12-11 22:34 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll 2015-12-11 22:34 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll 2015-12-11 22:34 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll 2015-12-11 22:34 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll 2015-12-11 22:34 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll 2015-12-11 22:34 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll 2015-12-11 22:34 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll 2015-12-11 22:34 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll 2015-12-11 22:34 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll 2015-12-11 22:34 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll 2015-12-11 22:34 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll 2015-12-11 22:34 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll 2015-12-11 22:34 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll 2015-12-11 22:34 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll 2015-12-11 22:34 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll 2015-12-11 22:34 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll 2015-12-11 22:34 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll 2015-12-11 22:34 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll 2015-12-11 22:34 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll 2015-12-11 21:58 - 2015-12-11 21:58 - 00000000 ____D C:\Users\theda\AppData\Local\CEF 2015-12-11 21:57 - 2015-12-11 23:06 - 00000000 ____D C:\Users\theda\AppData\Local\Ubisoft Game Launcher 2015-12-11 21:57 - 2015-12-11 21:57 - 66123432 _____ (Ubisoft) C:\Users\theda\Downloads\UplayInstaller.exe 2015-12-11 21:57 - 2015-12-11 21:57 - 00001278 _____ C:\Users\theda\Desktop\Uplay.lnk 2015-12-11 21:57 - 2015-12-11 21:57 - 00000000 ____D C:\Users\theda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2015-12-11 21:57 - 2015-12-11 21:57 - 00000000 ____D C:\Program Files (x86)\Ubisoft 2015-12-10 18:20 - 2015-12-10 18:20 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2015-12-09 02:09 - 2015-12-19 00:37 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\Vorlagen 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\Startmenü 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\Eigene Dateien 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\Default User 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Users\All Users 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Programme 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\ProgramData\Vorlagen 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\ProgramData\Startmenü 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\ProgramData\Dokumente 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien 2015-12-09 02:09 - 2015-12-09 02:09 - 00000000 _SHDL C:\Dokumente und Einstellungen 2015-12-09 02:04 - 2015-12-09 02:04 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2015-12-09 02:04 - 2015-12-09 02:04 - 00000000 ____D C:\ProgramData\Creative 2015-12-09 02:03 - 2015-12-09 02:03 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf 2015-12-09 02:03 - 2015-12-09 02:03 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf 2015-12-09 02:03 - 2015-12-09 02:03 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2015-12-09 02:03 - 2015-12-09 02:03 - 00000000 ____D C:\WINDOWS\system32\DAX2 2015-12-09 02:03 - 2015-12-09 02:03 - 00000000 ____D C:\Program Files\Realtek 2015-12-09 02:03 - 2015-12-09 02:03 - 00000000 ____D C:\Program Files (x86)\ASUS 2015-12-09 02:03 - 2014-01-28 04:16 - 00028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll 2015-12-09 02:03 - 2014-01-28 04:16 - 00015232 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys 2015-12-09 02:00 - 2015-12-08 17:44 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-12-09 02:00 - 2015-12-08 17:33 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2015-12-09 02:00 - 2015-12-08 17:33 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2015-12-09 01:55 - 2015-12-09 17:44 - 00189344 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-12-09 01:55 - 2015-12-09 01:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2015-12-08 22:12 - 2015-12-18 22:22 - 00001137 _____ C:\Users\theda\Desktop\nativelog.txt 2015-12-08 22:11 - 2015-12-08 22:11 - 00000000 ____D C:\Users\theda\AppData\Roaming\NVIDIA 2015-12-08 22:06 - 2015-12-18 22:22 - 00000000 ____D C:\Users\theda\AppData\Roaming\.minecraft 2015-12-08 22:06 - 2015-12-08 22:06 - 00000000 ____D C:\Users\theda\AppData\Roaming\java 2015-12-08 22:02 - 2015-12-08 22:06 - 00000000 ____D C:\Program Files (x86)\Minecraft 2015-12-08 22:02 - 2015-12-08 22:02 - 02314240 _____ C:\Users\theda\Downloads\MinecraftInstaller.msi 2015-12-08 22:02 - 2015-12-08 22:02 - 00001030 _____ C:\Users\Public\Desktop\Minecraft.lnk 2015-12-08 22:02 - 2015-12-08 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft 2015-12-08 20:55 - 2015-12-08 20:55 - 00000000 ____D C:\Users\theda\AppData\Local\NetworkTiles 2015-12-08 20:13 - 2015-12-08 20:15 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-12-08 20:13 - 2015-11-23 19:10 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-12-08 20:08 - 2015-12-01 08:01 - 02115936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2015-12-08 20:08 - 2015-12-01 06:51 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2015-12-08 20:08 - 2015-12-01 05:59 - 05455360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2015-12-08 20:08 - 2015-11-25 06:42 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2015-12-08 20:08 - 2015-11-25 06:33 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-12-08 20:08 - 2015-11-25 06:27 - 01366680 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2015-12-08 20:08 - 2015-11-25 06:12 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2015-12-08 20:08 - 2015-11-25 06:09 - 01310880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2015-12-08 20:08 - 2015-11-25 06:01 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-12-08 20:08 - 2015-11-25 05:49 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2015-12-08 20:08 - 2015-11-25 05:44 - 21872640 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-12-08 20:08 - 2015-11-25 05:42 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-12-08 20:08 - 2015-11-25 05:36 - 01710592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2015-12-08 20:08 - 2015-11-25 05:35 - 00929792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2015-12-08 20:08 - 2015-11-25 05:35 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe 2015-12-08 20:08 - 2015-11-25 05:34 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-12-08 20:08 - 2015-11-25 05:31 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll 2015-12-08 20:08 - 2015-11-25 05:30 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll 2015-12-08 20:08 - 2015-11-25 05:29 - 01649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2015-12-08 20:08 - 2015-11-25 05:29 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll 2015-12-08 20:08 - 2015-11-25 05:28 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll 2015-12-08 20:08 - 2015-11-25 05:27 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2015-12-08 20:08 - 2015-11-25 05:25 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2015-12-08 20:08 - 2015-11-25 05:23 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-12-08 20:08 - 2015-11-25 05:23 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-12-08 20:08 - 2015-11-25 05:23 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2015-12-08 20:08 - 2015-11-25 05:22 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2015-12-08 20:08 - 2015-11-25 05:22 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll 2015-12-08 20:08 - 2015-11-25 05:19 - 01795584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2015-12-08 20:08 - 2015-11-25 05:18 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2015-12-08 20:08 - 2015-11-25 05:17 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2015-12-08 20:08 - 2015-11-25 05:16 - 01442816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll 2015-12-08 20:08 - 2015-11-25 05:16 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe 2015-12-08 20:08 - 2015-11-25 05:11 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll 2015-12-08 20:08 - 2015-11-25 05:10 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-12-08 20:08 - 2015-11-25 05:10 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll 2015-12-08 20:08 - 2015-11-25 05:10 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll 2015-12-08 20:08 - 2015-11-25 05:05 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-12-08 20:08 - 2015-11-25 05:04 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2015-12-08 20:08 - 2015-11-25 05:04 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll 2015-12-08 20:08 - 2015-11-25 05:04 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll 2015-12-08 20:07 - 2015-12-01 07:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys 2015-12-08 20:07 - 2015-12-01 06:54 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2015-12-08 20:07 - 2015-12-01 06:49 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-12-08 20:07 - 2015-12-01 06:02 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-12-08 20:07 - 2015-11-25 06:42 - 00168288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe 2015-12-08 20:07 - 2015-11-25 06:41 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2015-12-08 20:07 - 2015-11-25 06:40 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2015-12-08 20:07 - 2015-11-25 06:32 - 00113184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll 2015-12-08 20:07 - 2015-11-25 06:11 - 01532984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2015-12-08 20:07 - 2015-11-25 05:59 - 00092992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll 2015-12-08 20:07 - 2015-11-25 05:49 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll 2015-12-08 20:07 - 2015-11-25 05:49 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2015-12-08 20:07 - 2015-11-25 05:49 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll 2015-12-08 20:07 - 2015-11-25 05:48 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EthernetMediaManager.dll 2015-12-08 20:07 - 2015-11-25 05:48 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMediaManager.dll 2015-12-08 20:07 - 2015-11-25 05:37 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-12-08 20:07 - 2015-11-25 05:36 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys 2015-12-08 20:07 - 2015-11-25 05:30 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys 2015-12-08 20:07 - 2015-11-25 05:30 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys 2015-12-08 20:07 - 2015-11-25 05:28 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-12-08 20:07 - 2015-11-25 05:26 - 00849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2015-12-08 20:07 - 2015-11-25 05:26 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2015-12-08 20:07 - 2015-11-25 05:25 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll 2015-12-08 20:07 - 2015-11-25 05:22 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-12-08 20:07 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll 2015-12-08 20:07 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL 2015-12-08 20:07 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL 2015-12-08 20:07 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL 2015-12-08 20:07 - 2015-11-25 05:19 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2015-12-08 20:07 - 2015-11-25 05:13 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-12-08 20:07 - 2015-11-25 05:10 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-12-08 20:07 - 2015-11-25 05:08 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2015-12-08 20:07 - 2015-11-25 05:07 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll 2015-12-08 20:07 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll 2015-12-08 20:07 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL 2015-12-08 20:07 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL 2015-12-08 20:07 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL 2015-12-08 20:07 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\SysWOW64\locale.nls 2015-12-08 20:07 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\system32\locale.nls 2015-12-08 20:02 - 2015-12-08 20:02 - 00000000 ____D C:\Users\theda\AppData\Local\ElevatedDiagnostics 2015-12-08 19:52 - 2015-12-08 19:52 - 31017664 _____ (TeamSpeak Systems GmbH) C:\Users\theda\Downloads\TeamSpeak3-Client-win64-3.0.18.2 (1).exe 2015-12-08 19:49 - 2015-12-19 00:39 - 00000000 ____D C:\Users\theda\AppData\Roaming\TS3Client 2015-12-08 19:49 - 2015-12-19 00:38 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-12-08 19:49 - 2015-12-18 23:54 - 00001140 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-12-08 19:49 - 2015-12-16 20:56 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-12-08 19:49 - 2015-12-08 19:52 - 00001284 _____ C:\Users\theda\Desktop\TeamSpeak 3 Client.lnk 2015-12-08 19:49 - 2015-12-08 19:49 - 00004198 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-12-08 19:49 - 2015-12-08 19:49 - 00003966 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-12-08 19:49 - 2015-12-08 19:49 - 00000000 ____D C:\Users\theda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2015-12-08 19:49 - 2015-12-08 19:49 - 00000000 ____D C:\Users\theda\AppData\Local\TeamSpeak 3 Client 2015-12-08 19:49 - 2015-12-08 19:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-12-08 19:49 - 2015-12-08 19:49 - 00000000 ____D C:\Program Files (x86)\Google 2015-12-08 19:48 - 2015-12-08 20:46 - 00000000 ____D C:\Users\theda\AppData\Local\Google 2015-12-08 19:48 - 2015-12-08 19:48 - 00927824 _____ (Google Inc.) C:\Users\theda\Downloads\ChromeSetup.exe 2015-12-08 19:47 - 2015-12-08 19:48 - 31017664 _____ (TeamSpeak Systems GmbH) C:\Users\theda\Downloads\TeamSpeak3-Client-win64-3.0.18.2.exe 2015-12-08 18:49 - 2015-12-08 18:49 - 00001327 _____ C:\Users\Public\Desktop\World of Warcraft.lnk 2015-12-08 18:49 - 2015-12-08 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft 2015-12-08 18:47 - 2015-12-18 20:25 - 00000000 ____D C:\Program Files (x86)\World of Warcraft 2015-12-08 18:47 - 2015-12-08 18:47 - 00000000 ____D C:\Data 2015-12-08 18:46 - 2015-12-19 00:34 - 00000000 ____D C:\Users\theda\AppData\Local\Battle.net 2015-12-08 18:46 - 2015-12-08 18:47 - 00000000 ____D C:\Users\theda\AppData\Roaming\Battle.net 2015-12-08 18:46 - 2015-12-08 18:46 - 00001191 _____ C:\Users\Public\Desktop\Battle.net.lnk 2015-12-08 18:46 - 2015-12-08 18:46 - 00000000 ____D C:\Users\theda\AppData\Local\Blizzard Entertainment 2015-12-08 18:46 - 2015-12-08 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2015-12-08 18:46 - 2015-12-08 18:46 - 00000000 ____D C:\ProgramData\Blizzard Entertainment 2015-12-08 18:45 - 2015-12-18 19:38 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-12-08 18:44 - 2015-12-08 18:44 - 02950200 _____ (Blizzard Entertainment) C:\Users\theda\Downloads\Battle.net-Setup.exe 2015-12-08 18:44 - 2015-12-08 18:44 - 00000000 ____D C:\ProgramData\Battle.net 2015-12-08 18:41 - 2015-12-08 18:41 - 00000000 ____D C:\Users\theda\AppData\Roaming\LolClient 2015-12-08 18:13 - 2015-12-19 00:38 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-12-08 18:13 - 2015-12-08 18:13 - 00000000 ____D C:\Users\theda\Tracing 2015-12-08 18:12 - 2015-12-19 00:39 - 00000000 ____D C:\Users\theda\AppData\Roaming\Skype 2015-12-08 18:12 - 2015-12-08 18:18 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-12-08 18:12 - 2015-12-08 18:12 - 22908888 _____ (Malwarebytes ) C:\Users\theda\Downloads\mbam-setup-web.NT-2.2.0.1024.exe 2015-12-08 18:12 - 2015-12-08 18:12 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk 2015-12-08 18:12 - 2015-12-08 18:12 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-12-08 18:12 - 2015-12-08 18:12 - 00000000 ____D C:\ProgramData\Skype 2015-12-08 18:12 - 2015-12-08 18:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-12-08 18:12 - 2015-12-08 18:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-12-08 18:12 - 2015-12-08 18:12 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-12-08 18:12 - 2015-12-08 18:12 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-12-08 18:12 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-12-08 18:12 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-12-08 18:12 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2015-12-08 18:11 - 2015-12-08 18:11 - 01504384 _____ (Skype Technologies S.A.) C:\Users\theda\Downloads\SkypeSetup.exe 2015-12-08 17:59 - 2015-12-08 17:59 - 00001585 _____ C:\Users\Public\Desktop\League of Legends.lnk 2015-12-08 17:59 - 2015-12-08 17:59 - 00000000 ____D C:\Riot Games 2015-12-08 17:59 - 2015-12-08 17:59 - 00000000 ____D C:\ProgramData\Riot Games 2015-12-08 17:59 - 2015-12-08 17:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2015-12-08 17:59 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll 2015-12-08 17:59 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll 2015-12-08 17:59 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll 2015-12-08 17:59 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll 2015-12-08 17:59 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll 2015-12-08 17:58 - 2015-12-08 17:59 - 00000000 ____D C:\Users\theda\AppData\Roaming\Riot Games 2015-12-08 17:58 - 2015-12-08 17:58 - 30668968 _____ (Riot Games) C:\Users\theda\Downloads\LeagueofLegends_EUW_Installer_9_15_2014.exe 2015-12-08 17:57 - 2015-12-08 17:57 - 00000000 ____D C:\Users\theda\AppData\Roaming\Macromedia 2015-12-08 17:55 - 2015-12-08 17:55 - 00002134 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2015-12-08 17:55 - 2015-12-08 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-12-08 17:50 - 2015-12-08 17:50 - 00888064 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys 2015-12-08 17:50 - 2015-12-08 17:50 - 00082544 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll 2015-12-08 17:48 - 2015-12-08 17:48 - 02339728 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\AFXAPO64.dll 2015-12-08 17:48 - 2015-12-08 17:48 - 01972952 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\AFXAPO32.dll 2015-12-08 17:48 - 2015-12-08 17:48 - 00743120 _____ (Creative Technology Ltd) C:\WINDOWS\SysWOW64\APOIM64.exe 2015-12-08 17:48 - 2015-12-08 17:48 - 00349192 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\AFXCTL64.dll 2015-12-08 17:48 - 2015-12-08 17:48 - 00304136 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\AFXCTL32.dll 2015-12-08 17:48 - 2015-12-08 17:48 - 00051208 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\AddCat.exe 2015-12-08 17:48 - 2015-12-08 17:48 - 00031240 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\CtEpDef32.exe 2015-12-08 17:48 - 2015-12-08 17:48 - 00020254 _____ C:\WINDOWS\SysWOW64\AFXAPO64.hda 2015-12-08 17:48 - 2015-12-08 17:48 - 00020254 _____ C:\WINDOWS\system32\AFXAPO64.hda 2015-12-08 17:48 - 2015-12-08 17:48 - 00019390 _____ C:\WINDOWS\system32\CtAfx.ini 2015-12-08 17:45 - 2015-12-08 17:45 - 00000000 ____D C:\Users\theda\AppData\Roaming\Avira 2015-12-08 17:43 - 2015-12-08 17:43 - 00000000 ____D C:\Users\theda\AppData\Roaming\Mozilla 2015-12-08 17:43 - 2015-11-05 15:41 - 00102520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2015-12-08 17:42 - 2015-12-08 17:42 - 42922824 _____ C:\WINDOWS\system32\nvcompiler.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 37890888 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 22352528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 18496280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 18397840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 16570048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 15942648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 15847936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 14853032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 13542336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 12878928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 12049688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 11227280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2015-12-08 17:42 - 2015-12-08 17:42 - 03549088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 03135528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 02885448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 02505360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 01914184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435891.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 01581208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 01573520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435891.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 01025088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00886416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00870544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00831960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00698512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00682824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00609968 _____ C:\WINDOWS\system32\nvmcumd.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00548376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00512144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00509600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00455496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00453944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00431296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00422728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00378184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00214168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2015-12-08 17:42 - 2015-12-08 17:42 - 00186144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00164520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00160096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00137240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2015-12-08 17:42 - 2015-12-08 17:42 - 00047952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2015-12-08 17:42 - 2015-11-20 15:35 - 00146696 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2015-12-08 17:42 - 2015-11-20 15:35 - 00135880 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2015-12-08 17:42 - 2015-11-20 15:35 - 00073032 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys 2015-12-08 17:42 - 2015-11-20 15:35 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys 2015-12-08 17:39 - 2015-12-08 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-12-08 17:39 - 2015-12-08 17:42 - 00000000 ____D C:\ProgramData\Avira 2015-12-08 17:39 - 2015-12-08 17:42 - 00000000 ____D C:\Program Files (x86)\Avira 2015-12-08 17:39 - 2015-12-08 17:39 - 00001287 _____ C:\Users\Public\Desktop\Avira Launcher.lnk 2015-12-08 17:38 - 2015-12-08 17:38 - 04600536 _____ (Avira Operations GmbH & Co. KG) C:\Users\theda\Downloads\avira_de_av_56670780c823c__ws.exe 2015-12-08 17:38 - 2015-12-08 17:38 - 00000000 ____D C:\ProgramData\Package Cache 2015-12-08 17:35 - 2015-12-19 00:38 - 00000000 ___RD C:\Users\theda\OneDrive 2015-12-08 17:35 - 2015-12-09 17:49 - 00002387 _____ C:\Users\theda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-12-08 17:34 - 2015-12-08 17:38 - 00000000 ____D C:\Users\theda\AppData\Local\MicrosoftEdge 2015-12-08 17:34 - 2015-12-08 17:34 - 00000000 ____D C:\Users\theda\AppData\Local\NVIDIA 2015-12-08 17:34 - 2015-12-08 17:34 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2015-12-08 17:33 - 2015-12-19 00:37 - 00000000 ____D C:\ProgramData\NVIDIA 2015-12-08 17:33 - 2015-12-08 17:35 - 00000000 ____D C:\Users\theda\AppData\Local\Comms 2015-12-08 17:33 - 2015-11-05 16:08 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2015-12-08 17:33 - 2015-11-05 16:08 - 02983216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2015-12-08 17:33 - 2015-11-05 16:08 - 02554672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2015-12-08 17:33 - 2015-11-05 16:08 - 00938616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2015-12-08 17:33 - 2015-11-05 16:08 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2015-12-08 17:33 - 2015-11-05 16:08 - 00062584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2015-12-08 17:33 - 2015-10-28 14:49 - 06027430 _____ C:\WINDOWS\system32\nvcoproc.bin 2015-12-08 17:32 - 2015-12-08 17:42 - 00121672 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2015-12-08 17:32 - 2015-12-08 17:42 - 00113808 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2015-12-08 17:31 - 2015-12-08 17:49 - 00000000 ____D C:\Users\theda\AppData\Local\PackageStaging 2015-12-08 17:31 - 2015-12-08 17:31 - 00000000 ____D C:\Users\theda\AppData\Local\Publishers 2015-12-08 17:30 - 2015-12-11 15:18 - 00000000 ____D C:\Users\theda\AppData\Local\Packages 2015-12-08 17:30 - 2015-12-09 17:48 - 00000000 __RHD C:\Users\Public\AccountPictures 2015-12-08 17:30 - 2015-12-08 17:30 - 01898312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435354.dll 2015-12-08 17:30 - 2015-12-08 17:30 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435354.dll 2015-12-08 17:30 - 2015-12-08 17:30 - 00016148 _____ C:\WINDOWS\system32\DESKTOP-4AC1IMP_defaultuser0_HistoryPrediction.bin 2015-12-08 17:30 - 2015-12-08 17:30 - 00000000 ____D C:\Users\theda\AppData\Roaming\Adobe 2015-12-08 17:30 - 2015-12-08 17:30 - 00000000 ____D C:\Users\theda\AppData\Local\VirtualStore 2015-12-08 17:30 - 2015-12-08 17:30 - 00000000 ____D C:\Users\theda\AppData\Local\TileDataLayer 2015-12-08 17:29 - 2015-12-18 15:34 - 00000000 ____D C:\Users\theda 2015-12-08 17:29 - 2015-12-08 17:29 - 00000020 ___SH C:\Users\theda\ntuser.ini 2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\Vorlagen 2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\Startmenü 2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\Netzwerkumgebung 2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\Lokale Einstellungen 2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\Eigene Dateien 2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\Druckumgebung 2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\AppData\Local\Verlauf 2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\AppData\Local\Anwendungsdaten 2015-12-08 17:29 - 2015-12-08 17:29 - 00000000 _SHDL C:\Users\theda\Anwendungsdaten 2015-12-08 17:14 - 2015-12-19 00:43 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-12-08 17:11 - 2015-07-10 11:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2015-12-08 17:10 - 2015-12-08 17:10 - 00000000 ____D C:\ProgramData\USOShared 2015-12-08 16:53 - 2015-12-08 16:53 - 00000000 _____ C:\Recovery.txt 2015-12-08 16:51 - 2015-12-08 20:43 - 00000000 ___DC C:\WINDOWS\Panther 2015-12-08 16:51 - 2015-12-08 16:52 - 00000000 ____D C:\Windows.old 2015-12-08 16:51 - 2015-12-08 16:51 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2015-12-08 16:51 - 2015-12-08 16:51 - 00000000 ____D C:\WINDOWS\InfusedApps 2015-12-08 16:51 - 2015-12-08 16:51 - 00000000 ____D C:\Program Files\Elantech 2015-12-08 16:50 - 2015-12-08 16:50 - 00000000 ____D C:\Program Files\ASUS 2015-12-08 16:49 - 2015-12-08 16:49 - 00000000 ____D C:\WINDOWS\Setup 2015-12-08 16:43 - 2015-12-08 16:43 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2015-12-08 16:43 - 2015-12-08 16:43 - 00000000 ____D C:\WINDOWS\OCR 2015-12-08 16:43 - 2015-12-08 16:43 - 00000000 ____D C:\Program Files\Reference Assemblies 2015-12-08 16:43 - 2015-12-08 16:43 - 00000000 ____D C:\Program Files\MSBuild 2015-12-08 16:43 - 2015-12-08 16:43 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2015-12-08 16:43 - 2015-12-08 16:43 - 00000000 ____D C:\Program Files (x86)\MSBuild 2015-12-08 16:42 - 2015-12-19 00:43 - 00771100 _____ C:\WINDOWS\system32\perfh007.dat 2015-12-08 16:42 - 2015-12-19 00:43 - 00153964 _____ C:\WINDOWS\system32\perfc007.dat 2015-12-08 16:42 - 2015-12-08 16:42 - 00305634 _____ C:\WINDOWS\system32\perfi007.dat 2015-12-08 16:42 - 2015-12-08 16:42 - 00040390 _____ C:\WINDOWS\system32\perfd007.dat 2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm 2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN 2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep 2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr 2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\SysWOW64\de 2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\SysWOW64\0409 2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\system32\winrm 2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\system32\WCN 2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\system32\slmgr 2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\system32\de 2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\system32\0409 2015-12-08 16:42 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\DigitalLocker 2015-12-08 16:39 - 2015-12-01 01:32 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-12-08 16:39 - 2015-12-01 01:32 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-08 16:38 - 2015-12-08 16:53 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2015-12-08 16:38 - 2015-12-08 16:36 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2015-12-08 16:38 - 2015-12-08 16:36 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat 2015-12-08 16:38 - 2015-12-08 16:36 - 00215943 _____ C:\WINDOWS\system32\dssec.dat 2015-12-08 16:38 - 2015-12-08 16:36 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2015-12-08 16:38 - 2015-12-08 16:36 - 00017463 _____ C:\WINDOWS\system32\Drivers\etc\services 2015-12-08 16:38 - 2015-12-08 16:36 - 00015462 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2015-12-08 16:38 - 2015-12-08 16:36 - 00008798 _____ C:\WINDOWS\SysWOW64\icrav03.rat 2015-12-08 16:38 - 2015-12-08 16:36 - 00008798 _____ C:\WINDOWS\system32\icrav03.rat 2015-12-08 16:38 - 2015-12-08 16:36 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam 2015-12-08 16:38 - 2015-12-08 16:36 - 00001988 _____ C:\WINDOWS\SysWOW64\ticrf.rat 2015-12-08 16:38 - 2015-12-08 16:36 - 00001988 _____ C:\WINDOWS\system32\ticrf.rat 2015-12-08 16:38 - 2015-12-08 16:36 - 00001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol 2015-12-08 16:38 - 2015-12-08 16:36 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json 2015-12-08 16:38 - 2015-12-08 16:36 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT 2015-12-08 16:38 - 2015-12-08 16:36 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT 2015-12-08 16:38 - 2015-12-08 16:36 - 00000407 _____ C:\WINDOWS\system32\Drivers\etc\networks 2015-12-08 16:38 - 2015-12-08 16:36 - 00000389 _____ C:\WINDOWS\system32\AutoWorkplace.exe.config 2015-12-08 16:37 - 2015-12-18 14:38 - 00000000 ___HD C:\Program Files\WindowsApps 2015-12-08 16:37 - 2015-12-18 14:38 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-12-08 16:37 - 2015-12-11 23:09 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-12-08 16:37 - 2015-12-11 17:34 - 00000000 ____D C:\WINDOWS\rescache 2015-12-08 16:37 - 2015-12-09 17:42 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2015-12-08 16:37 - 2015-12-09 17:42 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2015-12-08 16:37 - 2015-12-09 17:42 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ___SD C:\WINDOWS\system32\F12 2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ___RD C:\WINDOWS\DevicesFlow 2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ____D C:\WINDOWS\system32\oobe 2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ____D C:\WINDOWS\system32\Dism 2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ____D C:\WINDOWS\Provisioning 2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ____D C:\WINDOWS\L2Schemas 2015-12-08 16:37 - 2015-12-09 17:41 - 00000000 ____D C:\Program Files\Windows Journal 2015-12-08 16:37 - 2015-12-09 02:09 - 00000000 ____D C:\Program Files\Windows NT 2015-12-08 16:37 - 2015-12-09 02:06 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2015-12-08 16:37 - 2015-12-08 17:33 - 00000000 ____D C:\WINDOWS\Help 2015-12-08 16:37 - 2015-12-08 17:31 - 00000000 ___RD C:\WINDOWS\PrintDialog 2015-12-08 16:37 - 2015-12-08 17:31 - 00000000 ___RD C:\WINDOWS\MiracastView 2015-12-08 16:37 - 2015-12-08 17:29 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2015-12-08 16:37 - 2015-12-08 17:11 - 00000000 ____D C:\WINDOWS\system32\spool 2015-12-08 16:37 - 2015-12-08 17:11 - 00000000 ____D C:\WINDOWS\system32\FxsTmp 2015-12-08 16:37 - 2015-12-08 17:10 - 00000000 ____D C:\ProgramData\USOPrivate 2015-12-08 16:37 - 2015-12-08 16:43 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2015-12-08 16:37 - 2015-12-08 16:43 - 00000000 ____D C:\WINDOWS\system32\MUI 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ___SD C:\WINDOWS\system32\dsc 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\SysWOW64\setup 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\SysWOW64\Com 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\system32\setup 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\system32\migwiz 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\system32\Com 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\IME 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\Program Files\Windows Defender 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\Program Files\Common Files\System 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2015-12-08 16:37 - 2015-12-08 16:42 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 __RSD C:\WINDOWS\Media 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ___SD C:\WINDOWS\system32\Nui 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ___RD C:\WINDOWS\Offline Web Pages 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\system32\WinMetadata 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\system32\MsDtc 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\system32\icsxml 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\system32\ias 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\system32\downlevel 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\system32\Bthprops 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\ShellNew 2015-12-08 16:37 - 2015-12-08 16:38 - 00000000 ____D C:\WINDOWS\Registration 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 __SHD C:\Program Files\Windows Sidebar 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 __RHD C:\Users\Public\Libraries 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ___SD C:\WINDOWS\system32\Configuration 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ___RD C:\WINDOWS\DesktopTileResources 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\Web 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\Vss 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\tracing 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\TAPI 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\ras 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SystemResources 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SystemApps 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\winevt 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\ras 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\ProximityToast 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\PointOfService 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\Macromed 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\Ipmi 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\InputMethod 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\inetsrv 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\IME 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\GroupPolicyUsers 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\config\Journal 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\AppLocker 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\System 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SKB 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\security 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\schemas 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\SchCache 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\Resources 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\PLA 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\Performance 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\ModemLogs 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\InputMethod 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\Globalization 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\Cursors 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\Branding 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\appcompat 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\addins 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\ProgramData\Comms 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\Program Files\Windows Portable Devices 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\Program Files\Windows Multimedia Platform 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\Program Files\Common Files\Services 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\Program Files (x86)\Windows NT 2015-12-08 16:37 - 2015-12-08 16:37 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2015-12-08 16:37 - 2015-12-08 16:35 - 00000219 _____ C:\WINDOWS\system.ini 2015-12-08 16:37 - 2015-12-08 16:35 - 00000092 _____ C:\WINDOWS\win.ini 2015-12-08 16:36 - 2015-12-19 00:43 - 00000000 ____D C:\WINDOWS\INF 2015-12-08 16:25 - 2015-12-08 20:13 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-12-08 16:23 - 2015-12-19 00:37 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2015-12-08 16:23 - 2015-12-08 17:10 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2015-12-08 16:23 - 2015-12-08 16:42 - 00000000 ____D C:\WINDOWS\servicing 2015-12-08 16:23 - 2015-12-08 16:37 - 00000000 ____D C:\WINDOWS\system32\SMI 2015-12-08 16:23 - 2015-07-10 10:11 - 00000164 _____ C:\WINDOWS\system32\config\FP 2015-12-08 16:06 - 2015-12-08 16:54 - 00000000 ___HD C:\$SysReset ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-12-08 20:40 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT 2015-12-08 17:48 - 2014-04-16 09:02 - 00245256 _____ (Creative Technology Limited) C:\WINDOWS\system32\AFXCo64.dll 2015-12-08 17:48 - 2014-04-16 09:02 - 00035320 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\Drivers\afxfilt.sys 2015-12-08 17:42 - 2015-07-31 14:42 - 00034493 _____ C:\WINDOWS\system32\nvinfo.pb 2015-12-08 16:32 - 2015-07-10 11:59 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-12-09 02:04 - 2015-12-09 02:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== C:\Users\theda\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-12-18 17:47 ==================== Ende von FRST.txt ============================ |
|
19.12.2015, 12:04
| #8 |
| /// Malwareteam | Win10: googel chrome und skype watch4 werbung und unseriöse andere werbung Hi, treten die Probleme noch auf? |
|
19.12.2015, 16:09
| #9 |
| | Win10: googel chrome und skype watch4 werbung und unseriöse andere werbung nein vielen dank  |
|
19.12.2015, 16:25
| #10 |
| /// Malwareteam | Win10: googel chrome und skype watch4 werbung und unseriöse andere werbung Hi, Dann wären wir hier durch. Deine Logs sind sauber  Falls du deine Passwörter nicht regelmäßig änderst - jetzt ist der Zeitpunkt dafür! Schritt # 1: Entfernen unserer Tools Die Reihenfolge ist hier entscheidend.
Abschließend noch ein paar Tipps von mir: Schritt # 2: Empfohlene Software Habe immer ein aktuelles Antivirenprogramm deiner Wahl installiert und aktiviere die automatischen Updates (standardmäßig eingeschaltet). Ich empfehle:
Verwende nach Möglichkeit nicht den Internet Explorer, da dieser viele Sicherheitslücken enthält. Achte aber darauf, dass er immer up to date bleibt, weil viele Programme diesen zum Anzeigen von Websites benutzen. Alternativ kannst du verwenden:Dazu sind folgende Add-ons empfehlenswert: uBlock Origin (Chrome) --> Blockiert Werbung. Werbung kann sehr nervig sein, aber auch auf schädliche Links verweisen. uBlock ist effizienter als der Konkurrent AdblockPlus. Ghostery --> Blockiert Tracker und Cookies, welche dich im Internet nachverfolgen können. Stelle jedoch bei der Installation sicher, dass du Ghostrank nicht zustimmst.Du kannst auch  Malwarebytes Anti-Exploit verwenden, um aktuelle Sicherheitslücken zu stopfen.Halte immer deine Plug-ins und Software aktuell, vor allem:
PluginCheck Filehippo App Manager Schritt # 3: Tipps um eine Neuinfektion zu vermeiden Downloade nach Möglichkeit immer direkt von der Herstellerseite oder alternativ von einem sauberen Download-Portal wie FilePony.de. Von Downloadern wie die von Chip, Softonic und Sourceforge raten wir ab: CHIP-Installer - was ist das? - Anleitungen Auch versuchen sich immer mehr Programme durch Installationsroutinen auf den PC "durchzumogeln". Das klappt ganz gut, weil viele Anwender sich diese nicht genau durchlesen und schnell durchklicken. Manchmal steht auch in den Lizenzvereinbarungen, dass ein Programm, was eigentlich als Freeware angepriesen wird, nur genutzt werden kann, wenn man sich bestimmte Toolbars oder andere Programme mitinstallieren lässt. Da hilft es nur aufmerksam zu sein. Ein Tool, welches dich dabei gut unterstützen kann, ist:  Unchecky. Dieses überwacht im Hintergrund Installationsprozesse und hakt automatisch nervige Adwarekomponenten wie Toolbars ab. Falls man etwas übersieht, warnt noch ein Pop-up, bevor man fortfahren kann.Wir raten von jeglichen Optimizern, Cleanern, SpeedUps und Ähnlichem ab, da diese Softwareprodukte meist keinen Performancegewinn bringen. Du kannst jedoch regelmäßig deinen PC mit der windowsinternen Datenträgerbereinigung behandeln. Überprüfe regelmäßig (mind. 1x pro Monat) deinen PC mit Malwarebytes Anti-Malware und  ESET.Falls du dir unsicher bist, ob ein Download wirklich sauber ist, kannst du immer https://www.virustotal.com/ zurate ziehen. Schritt # 4: Unterstütze uns! Wenn du uns mit einer kleinen Spende unterstützen möchtest, so kannst du dies hier tun: http://www.trojaner-board.de/79994-s...ndenkonto.html  Es reicht aber auch schon ein simples  hier, wenn du mit uns zufrieden warst.  unsere Facebook-Seite!Bitte gib mir bescheid, wenn du das alles gelesen hast und alles klar ist, damit ich dieses Thema aus meinen Abos löschen kann. |
|
| Themen zu Win10: googel chrome und skype watch4 werbung und unseriöse andere werbung |
| antivirus, avg, avira, browser, computer, cpu, desktop, dnsapi.dll, esgscanner.sys, geld, google, home, internet, mozilla, onedrive, problem, realtek, registry, revo uninstaller, services.exe, software, svchost.exe, system, teamspeak, udp, verdienen, werbung, windows, windowsapps, zugriff verweigert |
Emsisoft Anti-Malware
Microsoft Security Essentials
Mozilla Firefox
Google Chrome
Flash Player
Java
PDF Reader
Linear-Darstellung
