Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   OTL Scan wegen Play Now Radio Trojaner (https://www.trojaner-board.de/150096-otl-scan-wegen-play-now-radio-trojaner.html)

--- 21.02.2014 15:06
OTL Scan wegen Play Now Radio Trojaner
 
Hallo, ich hatte Play Now Radio auf meinem PC, also den Werbe-Trojaner und habe hier die OTL Fils, wie es in der Info Seite stand ;)

http://www.trojaner-board.de/85104-o...-oldtimer.html

vielen dank schonmal!

das OTL File kann ich nicht anhängen, da es 220 MB groß ist... was soll ich tun?

--- 21.02.2014 15:08
Zitat:
Zitat von --- (Beitrag 1256207)
Hallo, ich hatte Play Now Radio auf meinem PC, also den Werbe-Trojaner und habe hier die OTL Fils, wie es in der Info Seite stand ;)

http://www.trojaner-board.de/85104-o...-oldtimer.html

vielen dank schonmal!

das OTL File kann ich nicht anhängen, da es 220 MB groß ist... was soll ich tun?
OTL Logfile:
Code:
OTL logfile created on: 21.02.2014 14:50:39 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Tobias\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,95 Gb Total Physical Memory | 5,16 Gb Available Physical Memory | 64,88% Memory free
9,20 Gb Paging File | 5,71 Gb Available in Paging File | 62,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,79 Gb Total Space | 65,35 Gb Free Space | 58,46% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 807,03 Gb Free Space | 86,64% Space Free | Partition Type: NTFS
 
Computer Name: BRANDY | User Name: Tobias | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
 
========== Processes (SafeList) ==========
 
PRC -  File not found
PRC - C:\Users\Tobias\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - D:\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Users\Tobias\AppData\Roaming\playnowradio\playnowradio\1.3.4.8\playnowradio.exe (Pay By Ads LTD)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Users\Tobias\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
PRC - C:\Users\Tobias\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
PRC - C:\Users\Tobias\AppData\Roaming\Spotify\Data\SpotifyHelper.exe ()
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll ()
MOD - D:\Steam\bin\chromehtml.dll ()
MOD - C:\Users\Tobias\AppData\Roaming\playnowradio\playnowradio\1.3.4.8\chrmXtn.dll ()
MOD - D:\Steam\SDL2.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Users\Tobias\AppData\Roaming\Spotify\Data\libcef.dll ()
MOD - C:\Users\Tobias\AppData\Roaming\Spotify\Data\libglesv2.dll ()
MOD - C:\Users\Tobias\AppData\Roaming\Spotify\Data\SpotifyHelper.exe ()
MOD - C:\Users\Tobias\AppData\Roaming\Spotify\Data\libegl.dll ()
MOD - D:\Steam\bin\libcef.dll ()
MOD - C:\Programme\AVAST Software\Avast\libcef.dll ()
MOD - D:\Steam\libavresample-1.dll ()
MOD - D:\Steam\libavutil-52.dll ()
MOD - D:\Steam\bin\avcodec-53.dll ()
MOD - D:\Steam\bin\avformat-53.dll ()
MOD - D:\Steam\bin\avutil-51.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (EpsonScanSvc) -- C:\Windows\SysNative\escsvc64.exe (Seiko Epson Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (NvStreamSvc) -- C:\Programme\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (TeamViewer9) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswstm.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\Windows\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (xusb22) -- C:\Windows\SysNative\drivers\xusb22.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\drivers\Rt630x64.sys (Realtek                                            )
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (NvStUSB) -- C:\Windows\SysNative\drivers\nvstusb.sys (NVIDIA Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (MBfilt) -- C:\Windows\SysNative\drivers\MBfilt64.sys (Creative Technology Ltd.)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=3eee6870-bf8c-c51b-b4a8-dd7514ba2e08&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=13/01/2014&type=hp1000
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2424416262-4043019819-4036457769-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.arlt.com
IE - HKU\S-1-5-21-2424416262-4043019819-4036457769-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=3eee6870-bf8c-c51b-b4a8-dd7514ba2e08&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=13/01/2014&type=hp1000
IE - HKU\S-1-5-21-2424416262-4043019819-4036457769-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=3eee6870-bf8c-c51b-b4a8-dd7514ba2e08&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=13/01/2014&type=hp1000
IE - HKU\S-1-5-21-2424416262-4043019819-4036457769-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.gophoto.it/?pl=2&ch=v1noadmin_1402
IE - HKU\S-1-5-21-2424416262-4043019819-4036457769-1002\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=3eee6870-bf8c-c51b-b4a8-dd7514ba2e08&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=13/01/2014&type=hp1000
IE - HKU\S-1-5-21-2424416262-4043019819-4036457769-1002\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=3eee6870-bf8c-c51b-b4a8-dd7514ba2e08&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=13/01/2014&type=hp1000
IE - HKU\S-1-5-21-2424416262-4043019819-4036457769-1002\..\SearchScopes,DefaultScope = {BF9A4D10-3415-4DF8-8E70-359485AA8BA2}
IE - HKU\S-1-5-21-2424416262-4043019819-4036457769-1002\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=3eee6870-bf8c-c51b-b4a8-dd7514ba2e08&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=13/01/2014&type=hp1000
IE - HKU\S-1-5-21-2424416262-4043019819-4036457769-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-2424416262-4043019819-4036457769-1002\..\SearchScopes\{BF9A4D10-3415-4DF8-8E70-359485AA8BA2}: "URL" = hxxp://search.gophoto.it/?pl=1&q={searchTerms}&ch=v1noadmin_1402
IE - HKU\S-1-5-21-2424416262-4043019819-4036457769-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2424416262-4043019819-4036457769-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
 
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Search The Web (GoPhotoIt) (Enabled)
CHR - default_search_provider: search_url = hxxp://search.gophoto.it/?pl=1&ch=v1noadmin_1402&q={searchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - homepage: hxxp://search.gophoto.it/?pl=2&ch=v1noadmin_1402
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\
CHR - Extension: Google-Suche = C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0\
CHR - Extension: Earthly Raindrop = C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfafifkblojjoeogacijogdmkjhkgkh\1_0\
CHR - Extension: Google Wallet = C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Google Mail = C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013.08.22 14:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" File not found
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [WrtMon.exe] C:\Windows\SysNative\spool\drivers\x64\3\WrtMon.exe (NewSoft Technology Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXRCV] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-2424416262-4043019819-4036457769-1002..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIUE.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-2540 Series" /EF "HKCU" File not found
O4 - HKU\S-1-5-21-2424416262-4043019819-4036457769-1002..\Run: [Spotify] C:\Users\Tobias\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-2424416262-4043019819-4036457769-1002..\Run: [Spotify Web Helper] C:\Users\Tobias\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKLM..\RunOnce: [20131224] C:\Program Files\AVAST Software\Avast\setup\emupdate\3619485b-4da8-41f9-9f50-9add26fdbaa2.exe (AVAST Software)
O4 - Startup: C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Tobias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47AA7E10-1FAC-49FA-8A87-5E0E682218A8}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 60 Days ==========
 
[2014.02.21 14:38:31 | 000,000,000 | ---D | C] -- C:\Users\Tobias\Documents\Drucker
[2014.02.21 14:37:35 | 000,000,000 | ---D | C] -- C:\Users\Tobias\Documents\Spiele
[2014.02.20 19:24:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2014.02.18 21:58:01 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\playnowradio
[2014.02.18 16:54:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014.02.18 16:53:54 | 000,599,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2014.02.18 16:53:22 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2014.02.18 16:52:44 | 015,740,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014.02.18 16:52:44 | 011,589,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014.02.18 16:52:44 | 009,690,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014.02.18 16:52:44 | 000,832,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2014.02.18 16:52:43 | 031,432,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014.02.18 16:52:43 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014.02.18 16:52:43 | 023,683,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014.02.18 16:52:43 | 017,715,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014.02.18 16:52:43 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014.02.18 16:52:43 | 011,636,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014.02.18 16:52:43 | 009,728,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014.02.18 16:52:43 | 003,142,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014.02.18 16:52:43 | 002,956,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014.02.18 16:52:43 | 002,782,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2014.02.18 16:52:43 | 002,410,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2014.02.18 16:52:43 | 001,885,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433489.dll
[2014.02.18 16:52:43 | 001,515,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433489.dll
[2014.02.18 16:52:43 | 000,892,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014.02.18 16:52:43 | 000,875,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014.02.18 16:52:43 | 000,863,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014.02.18 16:52:43 | 000,844,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014.02.18 16:52:43 | 000,483,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2014.02.18 16:52:43 | 000,408,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2014.02.18 16:52:43 | 000,378,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll
[2014.02.18 16:52:43 | 000,353,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2014.02.18 16:52:43 | 000,333,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2014.02.18 16:52:43 | 000,305,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2014.02.18 16:52:43 | 000,174,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2014.02.18 16:52:43 | 000,148,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2014.02.17 22:42:29 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\Dreambelievers
[2014.02.13 20:12:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3
[2014.02.13 11:44:18 | 000,570,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014.02.13 11:41:45 | 004,604,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014.02.13 11:41:45 | 002,397,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014.02.13 11:40:54 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014.02.13 11:40:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014.02.13 11:40:53 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.02.13 11:40:53 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014.02.13 11:40:53 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.02.13 11:40:53 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014.02.13 11:40:53 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.02.13 11:40:53 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.02.13 11:40:52 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.02.13 11:40:52 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.02.13 11:40:52 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014.02.13 11:40:52 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.02.13 11:40:51 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014.02.13 11:40:51 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.02.13 11:40:51 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.02.13 11:40:51 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.02.13 11:40:51 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.02.13 11:40:50 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.02.13 11:40:50 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014.02.13 11:40:50 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014.02.13 11:40:50 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.02.13 11:39:47 | 013,209,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.dll
[2014.02.13 11:39:47 | 011,702,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.dll
[2014.02.13 11:39:47 | 007,416,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Search.dll
[2014.02.13 11:39:47 | 004,961,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Search.dll
[2014.02.13 11:39:46 | 001,462,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll
[2014.02.13 11:39:46 | 001,105,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFolder.dll
[2014.02.13 11:39:18 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.02.13 11:38:50 | 001,113,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014.02.13 11:37:55 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcaui.exe
[2014.02.13 11:37:55 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pcaui.exe
[2014.02.13 11:36:33 | 004,217,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SyncEngine.dll
[2014.02.13 11:36:33 | 002,804,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll
[2014.02.13 11:36:33 | 000,919,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MrmCoreR.dll
[2014.02.13 11:36:33 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SkyDrive.exe
[2014.02.13 11:36:33 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SkyDriveTelemetry.dll
[2014.02.13 11:36:33 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MrmCoreR.dll
[2014.02.13 11:36:33 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SkyDriveShell.dll
[2014.02.13 11:36:33 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winbici.dll
[2014.02.13 11:36:33 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SkyDriveShell.dll
[2014.02.01 21:32:26 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\TuneUp Software
[2014.02.01 21:32:18 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2014.02.01 21:32:17 | 000,000,000 | -HSD | C] -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
[2014.02.01 21:32:17 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2014.02.01 15:26:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON
[2014.02.01 15:24:16 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\MAXON
[2014.02.01 15:23:15 | 000,000,000 | ---D | C] -- C:\Users\Tobias\Documents\Intro
[2014.02.01 11:04:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014.02.01 11:04:54 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014.02.01 08:28:08 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\Identities
[2014.01.30 20:35:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2014.01.30 20:35:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014.01.30 20:33:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2014.01.30 20:33:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2014.01.30 20:33:15 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\Microsoft Help
[2014.01.30 20:33:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014.01.30 20:33:01 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2014.01.30 20:26:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EPSON
[2014.01.30 20:10:57 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\Epson
[2014.01.30 20:10:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
[2014.01.30 20:10:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Epson Software
[2014.01.30 20:10:29 | 000,558,592 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\ensppmon.dll
[2014.01.30 20:10:29 | 000,558,592 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\enppmon.dll
[2014.01.30 20:10:29 | 000,535,552 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\ensppui.dll
[2014.01.30 20:10:29 | 000,535,552 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\enppui.dll
[2014.01.30 20:10:29 | 000,219,648 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\enspres.dll
[2014.01.30 20:10:29 | 000,219,648 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\enpres.dll
[2014.01.30 20:10:28 | 000,000,000 | ---D | C] -- C:\Program Files\EpsonNet
[2014.01.30 20:10:25 | 000,466,432 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\SysNative\esxw2ud.dll
[2014.01.30 20:10:25 | 000,135,824 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\SysNative\escsvc64.exe
[2014.01.30 20:10:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
[2014.01.30 20:10:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\epson
[2014.01.30 20:09:29 | 000,120,320 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_YLMIUE.DLL
[2014.01.30 20:09:29 | 000,010,752 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\E_GCINST.DLL
[2014.01.30 20:09:28 | 000,083,968 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_YD4BIUE.DLL
[2014.01.30 20:09:27 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2014.01.30 19:32:52 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\NewSoft
[2014.01.30 19:32:52 | 000,000,000 | ---D | C] -- C:\Users\Tobias\Documents\My PageManager
[2014.01.30 19:32:52 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\.oit
[2014.01.30 19:32:29 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\NewSoft
[2014.01.30 19:31:44 | 000,087,392 | ---- | C] (Twain Working Group) -- C:\Windows\TWAIN.DLL
[2014.01.30 19:31:44 | 000,069,632 | ---- | C] (Twain Working Group) -- C:\Windows\Twunk_32.exe
[2014.01.30 19:31:44 | 000,048,560 | ---- | C] (Twain Working Group) -- C:\Windows\Twunk_16.exe
[2014.01.30 19:31:43 | 000,027,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CTL3DV2.DLL
[2014.01.30 19:31:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\NewSoft
[2014.01.30 19:31:24 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2014.01.28 15:18:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014.01.28 15:18:28 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014.01.28 15:18:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014.01.28 15:18:28 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014.01.28 15:18:28 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014.01.23 18:24:51 | 001,884,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433221.dll
[2014.01.23 18:24:51 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433221.dll
[2014.01.23 18:24:51 | 000,197,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2014.01.23 18:24:51 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2014.01.23 18:23:41 | 000,039,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014.01.23 18:23:41 | 000,033,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2014.01.17 15:23:35 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2014.01.17 15:23:35 | 000,377,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2014.01.17 15:23:35 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dplayx.dll
[2014.01.17 15:23:35 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnathlp.dll
[2014.01.17 15:23:35 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnathlp.dll
[2014.01.17 15:23:35 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpwsockx.dll
[2014.01.17 15:23:35 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnsvr.exe
[2014.01.17 15:23:35 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnsvr.exe
[2014.01.17 15:23:35 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dplaysvr.exe
[2014.01.17 15:23:35 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpmodemx.dll
[2014.01.17 15:23:35 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnhupnp.dll
[2014.01.17 15:23:35 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnhupnp.dll
[2014.01.17 15:23:35 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnhpast.dll
[2014.01.17 15:23:35 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnhpast.dll
[2014.01.17 15:23:06 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\GameRanger
[2014.01.17 15:19:04 | 003,395,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSService.dll
[2014.01.17 15:19:04 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014.01.17 15:19:04 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014.01.17 15:19:03 | 000,848,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSShared.dll
[2014.01.17 15:19:03 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSShared.dll
[2014.01.17 15:19:03 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSClient.dll
[2014.01.17 15:19:03 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSClient.dll
[2014.01.17 15:19:02 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSCollect.exe
[2014.01.17 15:18:28 | 000,787,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uDWM.dll
[2014.01.13 19:13:51 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\WindSolutions
[2014.01.13 19:13:09 | 000,000,000 | ---D | C] -- C:\ProgramData\WindSolutions
[2014.01.13 18:47:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2014.01.13 18:47:10 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\Apple Computer
[2014.01.13 18:47:10 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\Apple Computer
[2014.01.13 18:47:09 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2014.01.13 18:47:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2014.01.13 18:47:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2014.01.13 18:45:57 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\OpenCandy
[2014.01.13 18:45:57 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\DVDVideoSoft
[2014.01.13 18:45:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2014.01.13 18:45:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2014.01.13 18:45:41 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\Apple
[2014.01.13 18:45:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2014.01.13 18:45:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2014.01.13 18:45:33 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2014.01.13 18:45:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2014.01.13 18:45:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2014.01.13 18:45:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2014.01.13 18:45:14 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\Programs
[2014.01.12 12:21:59 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\Spotify
[2014.01.12 12:21:47 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\Spotify
[2014.01.12 11:09:10 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2014.01.06 18:46:11 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2014.01.06 18:45:38 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\Dropbox
[2014.01.06 11:14:54 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\Paint.NET
[2014.01.06 11:04:29 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\FastStone
[2014.01.06 11:04:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture
[2014.01.06 11:04:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FastStone Capture
[2014.01.04 19:47:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014.01.04 19:47:45 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2014.01.04 17:56:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2014.01.02 20:59:37 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\Skype
[2014.01.02 20:59:35 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2014.01.02 20:59:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014.01.02 20:59:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014.01.02 20:59:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013.12.29 01:28:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[2013.12.28 23:45:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
[2013.12.28 23:45:07 | 000,000,000 | ---D | C] -- C:\Fraps
[2013.12.28 23:44:28 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\WinRAR
[2013.12.28 23:43:50 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.12.28 23:43:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.12.28 21:40:16 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\CrashRpt
[2013.12.28 21:14:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013.12.28 00:54:48 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\Doublefine
[2013.12.27 01:35:06 | 000,000,000 | R--D | C] -- C:\Windows\BrowserChoice
[2013.12.27 01:34:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013.12.26 22:11:49 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\Origin
[2013.12.26 22:10:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2013.12.26 19:22:59 | 000,000,000 | R--D | C] -- C:\Users\Tobias\SkyDrive
[2013.12.26 18:20:10 | 001,085,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.appcore.dll
[2013.12.26 18:20:10 | 000,869,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.appcore.dll
[2013.12.26 18:20:00 | 018,577,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Xaml.dll
[2013.12.26 18:19:58 | 013,925,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Xaml.dll
[2013.12.26 18:19:39 | 002,328,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2013.12.26 18:19:38 | 002,065,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2013.12.26 18:19:38 | 001,584,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\workfolderssvc.dll
[2013.12.26 18:19:38 | 001,067,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfasfsrcsnk.dll
[2013.12.26 18:19:38 | 000,883,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfasfsrcsnk.dll
[2013.12.26 18:19:37 | 006,639,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013.12.26 18:19:37 | 002,134,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d9.dll
[2013.12.26 18:19:37 | 001,287,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013.12.26 18:19:36 | 002,617,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013.12.26 18:19:36 | 001,399,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmde.dll
[2013.12.26 18:19:36 | 001,160,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Web.Http.dll
[2013.12.26 18:19:36 | 000,481,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfsvr.dll
[2013.12.26 18:19:35 | 005,769,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013.12.26 18:19:35 | 001,373,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2013.12.26 18:19:35 | 001,231,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Media.dll
[2013.12.26 18:19:35 | 001,011,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
[2013.12.26 18:19:35 | 000,920,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAutomationCore.dll
[2013.12.26 18:19:35 | 000,708,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iuilp.dll
[2013.12.26 18:19:35 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2013.12.26 18:19:35 | 000,380,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfsvr.dll
[2013.12.26 18:19:34 | 002,295,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013.12.26 18:19:34 | 001,204,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winmde.dll
[2013.12.26 18:19:34 | 001,147,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAutomationCore.dll
[2013.12.26 18:19:34 | 000,761,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WorkfoldersControl.dll
[2013.12.26 18:19:34 | 000,699,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.12.26 18:19:34 | 000,631,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WWAHost.exe
[2013.12.26 18:19:34 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppReadiness.dll
[2013.12.26 18:19:33 | 000,578,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.BackgroundTransfer.dll
[2013.12.26 18:19:33 | 000,518,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WWAHost.exe
[2013.12.26 18:19:33 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2013.12.26 18:19:33 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapphost.dll
[2013.12.26 18:19:33 | 000,171,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd_02_8086.dll
[2013.12.26 18:19:33 | 000,031,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ploptin.dll
[2013.12.26 18:19:32 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Media.dll
[2013.12.26 18:19:32 | 000,795,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
[2013.12.26 18:19:32 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comdlg32.dll
[2013.12.26 18:19:32 | 000,558,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apphelp.dll
[2013.12.26 18:19:32 | 000,465,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2013.12.26 18:19:32 | 000,391,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsmf.dll
[2013.12.26 18:19:32 | 000,345,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsmf.dll
[2013.12.26 18:19:32 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapp3hst.dll
[2013.12.26 18:19:32 | 000,317,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013.12.26 18:19:32 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2013.12.26 18:19:31 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Web.Http.dll
[2013.12.26 18:19:31 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcsvDevice.dll
[2013.12.26 18:19:31 | 000,262,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapphost.dll
[2013.12.26 18:19:31 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psmsrv.dll
[2013.12.26 18:19:31 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msched.dll
[2013.12.26 18:19:31 | 000,104,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncryptsslp.dll
[2013.12.26 18:19:31 | 000,088,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncryptsslp.dll
[2013.12.26 18:19:30 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2013.12.26 18:19:30 | 000,044,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wldp.dll
[2013.12.26 18:19:29 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2013.12.26 18:19:29 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dafWfdProvider.dll
[2013.12.26 18:19:29 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shsetup.dll
[2013.12.26 18:19:29 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dafBth.dll
[2013.12.26 18:19:29 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013.12.26 18:19:29 | 000,057,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stornvme.sys
[2013.12.26 18:19:29 | 000,054,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2013.12.26 18:19:28 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappcfg.dll
[2013.12.26 18:19:28 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappcfg.dll
[2013.12.26 18:19:28 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapp3hst.dll
[2013.12.26 18:19:28 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WiFiDisplay.dll
[2013.12.26 18:19:28 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappgnui.dll
[2013.12.26 18:19:28 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shsetup.dll
[2013.12.26 18:19:28 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappgnui.dll
[2013.12.26 18:19:27 | 001,704,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2013.12.26 18:19:27 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WorkFoldersShell.dll
[2013.12.26 18:19:27 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftp.exe
[2013.12.26 18:19:26 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpclip.exe
[2013.12.26 18:19:26 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\miutils.dll
[2013.12.26 18:19:26 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\miutils.dll
[2013.12.26 18:19:26 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftp.exe
[2013.12.26 18:18:05 | 007,399,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.12.26 18:18:05 | 002,143,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmcore.dll
[2013.12.26 18:18:05 | 002,140,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.12.26 18:18:05 | 001,302,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentServer.dll
[2013.12.26 18:18:04 | 002,570,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingsHandlers.dll
[2013.12.26 18:18:04 | 001,765,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.12.26 18:18:04 | 001,765,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dwmcore.dll
[2013.12.26 18:18:04 | 000,516,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.12.26 18:18:03 | 002,896,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
[2013.12.26 18:18:03 | 000,747,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlidcli.dll
[2013.12.26 18:18:03 | 000,637,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSyncHost.exe
[2013.12.26 18:18:03 | 000,479,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSyncHost.exe
[2013.12.26 18:18:03 | 000,358,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dcomp.dll
[2013.12.26 18:18:02 | 001,756,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPDMC.exe
[2013.12.26 18:18:02 | 001,345,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2013.12.26 18:18:02 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSyncCore.dll
[2013.12.26 18:18:02 | 000,382,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013.12.26 18:18:02 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dcomp.dll
[2013.12.26 18:18:02 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppxAllUserStore.dll
[2013.12.26 18:18:02 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AppxAllUserStore.dll
[2013.12.26 18:18:01 | 002,266,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
[2013.12.26 18:18:01 | 001,642,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2013.12.26 18:18:01 | 001,506,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2013.12.26 18:18:01 | 001,476,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2013.12.26 18:18:01 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSyncCore.dll
[2013.12.26 18:18:01 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpncore.dll
[2013.12.26 18:18:01 | 000,372,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spaceport.sys
[2013.12.26 18:18:01 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentClient.dll
[2013.12.26 18:18:01 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AppXDeploymentClient.dll
[2013.12.26 18:18:00 | 001,843,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Display.dll
[2013.12.26 18:18:00 | 001,391,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPDMC.exe
[2013.12.26 18:18:00 | 000,922,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentExtensions.dll
[2013.12.26 18:18:00 | 000,325,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBXHCI.SYS
[2013.12.26 18:18:00 | 000,146,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\SerCx2.sys
[2013.12.26 18:18:00 | 000,086,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pdc.sys
[2013.12.26 18:18:00 | 000,039,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\intelpep.sys
[2013.12.26 18:18:00 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CredentialMigrationHandler.dll
[2013.12.26 18:18:00 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CredentialMigrationHandler.dll
[2013.12.26 18:17:59 | 001,816,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Display.dll
[2013.12.26 18:17:59 | 000,544,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlidcli.dll
[2013.12.26 18:12:14 | 001,286,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
[2013.12.26 18:12:14 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Media.Streaming.dll
[2013.12.26 18:12:13 | 000,977,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Media.Streaming.dll
[2013.12.26 18:12:13 | 000,294,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.Sensors.dll
[2013.12.26 18:12:13 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Devices.Sensors.dll
[2013.12.26 18:11:26 | 000,075,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013.12.26 18:10:59 | 000,393,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.12.26 18:10:59 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.12.26 18:10:30 | 000,136,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wfplwfs.sys
[2013.12.26 18:10:03 | 001,341,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2013.12.26 18:09:36 | 000,872,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll
[2013.12.26 18:09:36 | 000,698,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll
[2013.12.26 18:08:13 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2013.12.26 18:08:13 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2013.12.26 18:06:48 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MDMAgent.exe
[2013.12.26 18:06:48 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mdmregistration.dll
[2013.12.26 18:06:48 | 000,240,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mdmregistration.dll
[2013.12.26 18:06:21 | 001,943,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013.12.25 22:59:03 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\Unity
[2013.12.25 22:58:58 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\Deployment
[2013.12.25 22:58:58 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\Apps
[2013.12.25 22:41:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
[2013.12.25 22:41:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Mouse and Keyboard Center
[2013.12.25 21:13:49 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\4A Games
[2013.12.25 21:10:41 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\NVIDIA
[2013.12.25 01:14:10 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\Skyrim
[2013.12.25 00:45:16 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\PunkBuster
[2013.12.25 00:38:40 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\Ubisoft Game Launcher
[2013.12.25 00:38:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2013.12.24 16:14:25 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\ElevatedDiagnostics
[2013.12.24 14:03:02 | 000,000,000 | R--D | C] -- C:\Users\Tobias\SkyDrive.old
[2013.12.24 13:58:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013.12.24 13:50:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2013.12.24 13:50:15 | 001,034,464 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.12.24 13:50:15 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.12.24 13:50:15 | 000,092,544 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.12.24 13:50:15 | 000,079,672 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2013.12.24 13:50:15 | 000,078,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.12.24 13:50:14 | 000,334,136 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.12.24 13:50:13 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.12.24 13:49:57 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.12.24 13:39:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2013.12.24 13:05:34 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\AVAST Software
[2013.12.24 13:04:58 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\NVIDIA Corporation
[2013.12.24 13:04:51 | 001,179,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2013.12.24 13:04:51 | 001,048,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2013.12.24 13:04:27 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\NVIDIA
[2013.12.24 13:04:27 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013.12.24 13:04:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.12.24 13:03:55 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\Google
[2013.12.24 13:03:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013.12.24 13:02:35 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013.12.24 13:01:47 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\Macromedia
[2013.12.24 12:56:20 | 000,000,000 | R--D | C] -- C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.12.24 12:56:20 | 000,000,000 | R--D | C] -- C:\Users\Tobias\Searches
[2013.12.24 12:56:20 | 000,000,000 | R--D | C] -- C:\Users\Tobias\Contacts
[2013.12.24 12:56:20 | 000,000,000 | R--D | C] -- C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.12.24 12:56:20 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\VirtualStore
[2013.12.24 12:56:20 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\Adobe
[2013.12.24 12:56:19 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\Packages
[2013.12.24 12:56:18 | 000,000,000 | --SD | C] -- C:\Users\Tobias\AppData\Roaming\Microsoft
[2013.12.24 12:56:18 | 000,000,000 | R--D | C] -- C:\Users\Tobias\Videos
[2013.12.24 12:56:18 | 000,000,000 | R--D | C] -- C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013.12.24 12:56:18 | 000,000,000 | R--D | C] -- C:\Users\Tobias\Saved Games
[2013.12.24 12:56:18 | 000,000,000 | R--D | C] -- C:\Users\Tobias\Pictures
[2013.12.24 12:56:18 | 000,000,000 | R--D | C] -- C:\Users\Tobias\Music
[2013.12.24 12:56:18 | 000,000,000 | R--D | C] -- C:\Users\Tobias\Links
[2013.12.24 12:56:18 | 000,000,000 | R--D | C] -- C:\Users\Tobias\Favorites
[2013.12.24 12:56:18 | 000,000,000 | R--D | C] -- C:\Users\Tobias\Downloads
[2013.12.24 12:56:18 | 000,000,000 | R--D | C] -- C:\Users\Tobias\Documents
[2013.12.24 12:56:18 | 000,000,000 | R--D | C] -- C:\Users\Tobias\Desktop
[2013.12.24 12:56:18 | 000,000,000 | R--D | C] -- C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.12.24 12:56:18 | 000,000,000 | R--D | C] -- C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013.12.24 12:56:18 | 000,000,000 | -HSD | C] -- C:\Users\Tobias\Vorlagen
[2013.12.24 12:56:18 | 000,000,000 | -HSD | C] -- C:\Users\Tobias\AppData\Local\Verlauf
[2013.12.24 12:56:18 | 000,000,000 | -HSD | C] -- C:\Users\Tobias\AppData\Local\Temporary Internet Files
[2013.12.24 12:56:18 | 000,000,000 | -HSD | C] -- C:\Users\Tobias\Startmenü
[2013.12.24 12:56:18 | 000,000,000 | -HSD | C] -- C:\Users\Tobias\SendTo
[2013.12.24 12:56:18 | 000,000,000 | -HSD | C] -- C:\Users\Tobias\Recent
[2013.12.24 12:56:18 | 000,000,000 | -HSD | C] -- C:\Users\Tobias\Netzwerkumgebung
[2013.12.24 12:56:18 | 000,000,000 | -HSD | C] -- C:\Users\Tobias\Lokale Einstellungen
[2013.12.24 12:56:18 | 000,000,000 | -HSD | C] -- C:\Users\Tobias\Documents\Eigene Videos
[2013.12.24 12:56:18 | 000,000,000 | -HSD | C] -- C:\Users\Tobias\Documents\Eigene Musik
[2013.12.24 12:56:18 | 000,000,000 | -HSD | C] -- C:\Users\Tobias\Eigene Dateien
[2013.12.24 12:56:18 | 000,000,000 | -HSD | C] -- C:\Users\Tobias\Documents\Eigene Bilder
[2013.12.24 12:56:18 | 000,000,000 | -HSD | C] -- C:\Users\Tobias\Druckumgebung
[2013.12.24 12:56:18 | 000,000,000 | -HSD | C] -- C:\Users\Tobias\Cookies
[2013.12.24 12:56:18 | 000,000,000 | -HSD | C] -- C:\Users\Tobias\AppData\Local\Anwendungsdaten
[2013.12.24 12:56:18 | 000,000,000 | -HSD | C] -- C:\Users\Tobias\Anwendungsdaten
[2013.12.24 12:56:18 | 000,000,000 | -H-D | C] -- C:\Users\Tobias\AppData
[2013.12.24 12:56:18 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\Temp
[2013.12.24 12:56:18 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\Microsoft
[2013.12.24 12:56:18 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013.12.24 12:56:16 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013.12.24 12:38:43 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2013.12.24 12:38:43 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2013.12.24 12:38:43 | 000,000,000 | -HSD | C] -- C:\Programme
[2013.12.24 12:38:43 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2013.12.24 12:38:43 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2013.12.24 12:38:43 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2013.12.24 12:38:43 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2013.12.24 12:38:43 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2013.12.24 12:38:43 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2013.12.24 12:38:43 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[3 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 60 Days ==========
 
[2014.02.21 14:19:48 | 000,002,271 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.02.21 14:18:22 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.02.21 14:01:57 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.02.21 14:01:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.02.20 17:14:41 | 001,776,918 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.02.20 17:14:41 | 000,764,340 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2014.02.20 17:14:41 | 000,722,278 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.02.20 17:14:41 | 000,159,160 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2014.02.20 17:14:41 | 000,135,394 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.02.18 16:54:13 | 000,002,153 | ---- | M] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
[2014.02.13 19:10:45 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014.02.13 19:10:44 | 2530,050,047 | -HS- | M] () -- C:\hiberfil.sys
[2014.02.08 19:34:51 | 031,432,480 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014.02.08 19:34:51 | 025,256,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014.02.08 19:34:51 | 023,683,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014.02.08 19:34:51 | 018,257,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2014.02.08 19:34:51 | 017,715,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014.02.08 19:34:51 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014.02.08 19:34:51 | 015,740,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014.02.08 19:34:51 | 014,669,032 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2014.02.08 19:34:51 | 011,636,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014.02.08 19:34:51 | 011,589,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014.02.08 19:34:51 | 009,728,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014.02.08 19:34:51 | 009,690,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014.02.08 19:34:51 | 003,142,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014.02.08 19:34:51 | 003,090,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2014.02.08 19:34:51 | 002,956,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014.02.08 19:34:51 | 002,782,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2014.02.08 19:34:51 | 002,713,728 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2014.02.08 19:34:51 | 002,410,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2014.02.08 19:34:51 | 001,885,472 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433489.dll
[2014.02.08 19:34:51 | 001,515,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433489.dll
[2014.02.08 19:34:51 | 000,947,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2014.02.08 19:34:51 | 000,892,192 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014.02.08 19:34:51 | 000,875,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014.02.08 19:34:51 | 000,863,520 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014.02.08 19:34:51 | 000,844,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014.02.08 19:34:51 | 000,832,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2014.02.08 19:34:51 | 000,483,104 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2014.02.08 19:34:51 | 000,408,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2014.02.08 19:34:51 | 000,378,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll
[2014.02.08 19:34:51 | 000,353,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2014.02.08 19:34:51 | 000,333,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2014.02.08 19:34:51 | 000,305,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2014.02.08 19:34:51 | 000,174,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2014.02.08 19:34:51 | 000,148,528 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2014.02.08 19:34:51 | 000,061,216 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2014.02.08 19:34:51 | 000,053,024 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2014.02.08 19:34:51 | 000,024,544 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2014.02.08 18:42:36 | 006,712,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2014.02.08 18:42:36 | 003,498,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2014.02.08 18:42:32 | 002,559,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2014.02.08 18:42:32 | 000,386,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2014.02.08 18:42:32 | 000,063,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2014.02.08 17:18:30 | 000,599,840 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2014.02.06 12:30:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014.02.06 12:07:39 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.02.06 12:06:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014.02.06 11:56:03 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.02.06 11:49:03 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.02.06 11:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014.02.06 11:48:11 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014.02.06 11:32:49 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.02.06 11:17:15 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.02.06 11:11:37 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.02.06 11:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.02.06 11:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014.02.06 10:57:13 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.02.06 10:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.02.06 10:50:32 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.02.06 10:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.02.06 10:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014.02.06 10:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.02.06 10:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.02.06 09:40:06 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014.02.06 09:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014.02.05 18:52:50 | 003,573,739 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2014.02.01 21:34:46 | 000,001,321 | ---- | M] () -- C:\Users\Tobias\Desktop\Movie Maker.lnk
[2014.02.01 21:32:06 | 000,001,259 | ---- | M] () -- C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
[2014.02.01 21:32:06 | 000,001,107 | ---- | M] () -- C:\Users\Public\Desktop\Free YouTube Download.lnk
[2014.02.01 11:04:55 | 000,000,834 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014.01.30 21:47:26 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.01.30 21:47:26 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.01.30 20:45:10 | 000,475,624 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.01.30 20:35:30 | 000,003,247 | ---- | M] () -- C:\Users\Tobias\Desktop\Microsoft Outlook 2010.lnk
[2014.01.30 20:35:30 | 000,003,111 | ---- | M] () -- C:\Users\Tobias\Desktop\Microsoft PowerPoint 2010.lnk
[2014.01.30 20:35:30 | 000,003,063 | ---- | M] () -- C:\Users\Tobias\Desktop\Microsoft Excel 2010.lnk
[2014.01.30 20:35:30 | 000,003,045 | ---- | M] () -- C:\Users\Tobias\Desktop\Microsoft Word 2010.lnk
[2014.01.30 19:58:59 | 000,000,264 | ---- | M] () -- C:\Windows\setup.iss
[2014.01.28 15:18:37 | 000,001,795 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014.01.28 12:08:31 | 000,000,199 | ---- | M] () -- C:\Users\Tobias\Desktop\Counter-Strike Global Offensive.url
[2014.01.28 12:06:02 | 000,001,537 | ---- | M] () -- C:\Users\Tobias\Desktop\Internet Explorer.lnk
[2014.01.21 03:53:40 | 001,048,152 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014.01.21 03:53:29 | 001,179,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2014.01.17 15:23:35 | 000,461,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2014.01.17 15:23:35 | 000,377,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2014.01.17 15:23:35 | 000,214,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dplayx.dll
[2014.01.17 15:23:35 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dpnathlp.dll
[2014.01.17 15:23:35 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnathlp.dll
[2014.01.17 15:23:35 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dpwsockx.dll
[2014.01.17 15:23:35 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dpnsvr.exe
[2014.01.17 15:23:35 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnsvr.exe
[2014.01.17 15:23:35 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dplaysvr.exe
[2014.01.17 15:23:35 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dpmodemx.dll
[2014.01.17 15:23:35 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnhupnp.dll
[2014.01.17 15:23:35 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dpnhupnp.dll
[2014.01.17 15:23:35 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnhpast.dll
[2014.01.17 15:23:35 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dpnhpast.dll
[2014.01.13 18:47:24 | 000,001,552 | ---- | M] () -- C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
[2014.01.13 18:44:01 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2014.01.12 12:21:58 | 000,001,854 | ---- | M] () -- C:\Users\Tobias\Desktop\Spotify.lnk
[2014.01.12 11:09:10 | 000,001,221 | ---- | M] () -- C:\Users\Tobias\Desktop\Uplay.lnk
[2014.01.09 09:25:10 | 002,804,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll
[2014.01.09 08:59:06 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winbici.dll
[2014.01.09 08:49:48 | 000,919,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MrmCoreR.dll
[2014.01.09 08:44:45 | 000,720,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SkyDriveTelemetry.dll
[2014.01.09 08:43:12 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SkyDriveShell.dll
[2014.01.09 08:29:28 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SkyDriveShell.dll
[2014.01.09 08:28:45 | 000,628,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MrmCoreR.dll
[2014.01.09 08:28:44 | 004,217,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SyncEngine.dll
[2014.01.09 08:18:50 | 000,870,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SkyDrive.exe
[2014.01.07 08:03:30 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pcaui.exe
[2014.01.07 06:59:03 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pcaui.exe
[2014.01.07 06:00:20 | 002,397,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014.01.06 18:48:26 | 000,001,088 | ---- | M] () -- C:\Users\Tobias\Desktop\Dropbox.lnk
[2014.01.06 18:46:20 | 000,001,098 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014.01.06 11:15:06 | 000,000,915 | ---- | M] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2014.01.06 11:05:09 | 000,001,091 | ---- | M] () -- C:\Users\Public\Desktop\FastStone Capture.lnk
[2014.01.04 21:50:05 | 001,462,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll
[2014.01.04 17:56:37 | 000,001,182 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014.01.04 15:30:03 | 013,209,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.dll
[2014.01.04 15:23:19 | 011,702,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.dll
[2014.01.04 14:42:04 | 001,105,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFolder.dll
[2014.01.04 14:40:27 | 007,416,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Search.dll
[2014.01.04 14:28:24 | 004,961,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Search.dll
[2014.01.02 20:59:35 | 000,002,715 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.12.28 23:46:30 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2013.12.28 23:45:07 | 000,000,580 | ---- | M] () -- C:\Users\Public\Desktop\Fraps.lnk
[2013.12.28 18:01:16 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.12.28 00:08:46 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.12.27 19:42:26 | 000,039,200 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2013.12.27 19:42:16 | 000,035,104 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2013.12.27 19:42:16 | 000,033,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2013.12.24 13:58:31 | 000,000,520 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2013.12.24 13:50:21 | 000,001,982 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.12.24 13:50:19 | 000,079,672 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2013.12.24 13:50:14 | 001,034,464 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.12.24 13:50:14 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.12.24 13:50:14 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.12.24 13:50:14 | 000,207,904 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.12.24 13:50:14 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.12.24 13:50:14 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013.12.24 13:50:13 | 000,092,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.12.24 13:50:13 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.12.24 13:26:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[3 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014.02.18 16:54:13 | 000,002,153 | ---- | C] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
[2014.02.13 11:39:46 | 000,009,701 | ---- | C] () -- C:\Windows\SysWow64\connectedsearch-results.searchconnector-ms
[2014.02.13 11:39:46 | 000,009,701 | ---- | C] () -- C:\Windows\SysNative\connectedsearch-results.searchconnector-ms
[2014.02.01 21:34:46 | 000,001,321 | ---- | C] () -- C:\Users\Tobias\Desktop\Movie Maker.lnk
[2014.02.01 21:32:06 | 000,001,107 | ---- | C] () -- C:\Users\Public\Desktop\Free YouTube Download.lnk
[2014.02.01 11:04:55 | 000,000,834 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014.02.01 10:41:06 | 000,003,111 | ---- | C] () -- C:\Users\Tobias\Desktop\Microsoft PowerPoint 2010.lnk
[2014.02.01 10:40:58 | 000,003,063 | ---- | C] () -- C:\Users\Tobias\Desktop\Microsoft Excel 2010.lnk
[2014.02.01 10:40:52 | 000,003,247 | ---- | C] () -- C:\Users\Tobias\Desktop\Microsoft Outlook 2010.lnk
[2014.01.30 20:35:30 | 000,003,045 | ---- | C] () -- C:\Users\Tobias\Desktop\Microsoft Word 2010.lnk
[2014.01.30 19:32:27 | 000,000,264 | ---- | C] () -- C:\Windows\setup.iss
[2014.01.28 15:18:37 | 000,001,795 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014.01.28 12:08:31 | 000,000,199 | ---- | C] () -- C:\Users\Tobias\Desktop\Counter-Strike Global Offensive.url
[2014.01.28 12:06:02 | 000,001,537 | ---- | C] () -- C:\Users\Tobias\Desktop\Internet Explorer.lnk
[2014.01.17 15:19:02 | 000,138,240 | ---- | C] () -- C:\Windows\SysNative\OEMLicense.dll
[2014.01.17 15:19:02 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2014.01.13 18:47:24 | 000,001,552 | ---- | C] () -- C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
[2014.01.13 18:47:24 | 000,001,259 | ---- | C] () -- C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
[2014.01.13 18:45:40 | 000,002,535 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2014.01.13 18:44:01 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2014.01.12 12:21:58 | 000,001,854 | ---- | C] () -- C:\Users\Tobias\Desktop\Spotify.lnk
[2014.01.12 12:21:58 | 000,001,840 | ---- | C] () -- C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2014.01.12 11:09:10 | 000,001,221 | ---- | C] () -- C:\Users\Tobias\Desktop\Uplay.lnk
[2014.01.06 18:48:26 | 000,001,088 | ---- | C] () -- C:\Users\Tobias\Desktop\Dropbox.lnk
[2014.01.06 18:46:20 | 000,001,098 | ---- | C] () -- C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014.01.06 11:15:06 | 000,000,915 | ---- | C] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2014.01.06 11:15:06 | 000,000,915 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
[2014.01.06 11:04:28 | 000,001,091 | ---- | C] () -- C:\Users\Public\Desktop\FastStone Capture.lnk
[2014.01.04 17:56:37 | 000,001,194 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
[2014.01.04 17:56:37 | 000,001,182 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014.01.02 20:59:35 | 000,002,715 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.12.28 23:46:30 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2013.12.28 23:44:54 | 000,000,580 | ---- | C] () -- C:\Users\Public\Desktop\Fraps.lnk
[2013.12.27 14:44:39 | 000,002,143 | R-S- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser Choice.lnk
[2013.12.26 18:19:29 | 000,385,528 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013.12.25 00:45:21 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.12.25 00:38:33 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.12.24 13:58:31 | 000,000,520 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2013.12.24 13:50:21 | 000,001,982 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.12.24 13:50:15 | 000,207,904 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.12.24 13:50:15 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013.12.24 13:26:00 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2013.12.24 13:04:18 | 000,002,271 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.12.24 13:03:57 | 000,001,124 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.12.24 13:03:57 | 000,001,120 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.12.24 12:56:20 | 000,001,454 | ---- | C] () -- C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.08.22 16:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013.08.22 16:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013.08.22 15:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013.08.22 08:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013.08.22 04:32:36 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2013.08.22 00:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013.08.22 00:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== ZeroAccess Check ==========
 
[2013.12.13 17:46:03 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.11.05 21:21:27 | 021,196,664 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.11.05 19:51:37 | 018,642,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013.08.22 10:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013.08.22 03:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013.08.22 10:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014.02.02 09:43:20 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\.oit
[2013.12.24 13:05:34 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\AVAST Software
[2013.12.28 00:54:48 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Doublefine
[2014.02.21 14:02:20 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Dropbox
[2014.02.01 21:32:17 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\DVDVideoSoft
[2014.01.30 20:47:08 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Epson
[2014.01.26 14:04:20 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\GameRanger
[2014.02.01 15:26:08 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\MAXON
[2014.01.30 19:32:29 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\NewSoft
[2014.02.01 21:31:57 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\OpenCandy
[2013.12.27 14:44:57 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Origin
[2014.02.18 21:58:01 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\playnowradio
[2014.02.21 14:02:15 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Spotify
[2014.02.01 21:32:26 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\TuneUp Software
[2014.01.13 19:13:51 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\WindSolutions
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 220 bytes -> C:\Users\Tobias\SkyDrive:ms-properties

< End of report >
--- --- ---

schrauber 13.03.2014 20:42
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Alle Zeitangaben in WEZ +1. Es ist jetzt 09:41 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131