FRST
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by Richard (administrator) on RPC on 05-07-2014 17:41:57
Running from C:\Users\Richard\Downloads
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(The Privoxy team - www.privoxy.org) C:\Program Files (x86)\MSR\Privoxy\privoxy.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Skillbrains) C:\Users\Richard\AppData\Local\Skillbrains\lightshot\5.1.4.2\Lightshot.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Frontend.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Richard\Downloads\FRST64 (1).exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2688920 2014-05-26] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-05-01] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [Registry Helper] => "C:\Program Files (x86)\Registry Helper\RegistryHelper.Exe" /boot
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [fst_de_43] => [X]
HKU\S-1-5-21-1255441821-4204227492-208625417-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
HKU\S-1-5-21-1255441821-4204227492-208625417-1001\...\Run: [LightShot] => C:\Users\Richard\AppData\Local\Skillbrains\lightshot\Lightshot.exe [226560 2014-06-18] ()
HKU\S-1-5-21-1255441821-4204227492-208625417-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3595608 2014-06-26] (Electronic Arts)
HKU\S-1-5-21-1255441821-4204227492-208625417-1001\...\MountPoints2: {622f202c-de87-11e3-824f-806e6f6e6963} - "E:\DVDSetup.exe"
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => C:\Program Files (x86)\SupTab\SearchProtect32.dll [91248 2014-05-08] (Skytech Co., Ltd.)
ShellIconOverlayIdentifiers: AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3329031&octid=EB_ORIGINAL_CTID&ISID=M6459F0B9-A2D7-4355-8358-7E7B0DED6AEE&SearchSource=55&CUI=&UM=5&UP=SPB018B2C0-667F-47DB-BB9E-3F3E8478F072&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3448D3C29572CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1401017456&from=cor&uid=WDCXWD2500AAKS-00VSA0_WD-WMART061209512095&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1401017456&from=cor&uid=WDCXWD2500AAKS-00VSA0_WD-WMART061209512095&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1401017456&from=cor&uid=WDCXWD2500AAKS-00VSA0_WD-WMART061209512095&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1401017456&from=cor&uid=WDCXWD2500AAKS-00VSA0_WD-WMART061209512095&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=protegere
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=protegere
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
Chrome:
=======
CHR HomePage: https://www.google.de/
CHR StartupUrls: "hxxp://www.google.de/"
CHR Extension: (Google Docs) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-23]
CHR Extension: (Google Drive) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-23]
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-23]
CHR Extension: (Google-Suche) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-23]
CHR Extension: (Google Wallet) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-20]
CHR Extension: (Google Mail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-23]
CHR Extension: (Extutil) - C:\Users\Richard\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-06-17]
CHR Extension: (Managera) - C:\Users\Richard\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-06-17]
==================== Services (Whitelisted) =================
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-09-11] (Advanced Micro Devices, Inc.) [File not signed]
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-05-01] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-01] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-05-01] (BlueStack Systems, Inc.)
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [704112 2014-05-08] (Cherished Technololgy LIMITED)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-06-28] ()
R2 SystemUpdatekb70007; C:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe [18944 2014-05-08] () [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [X]
==================== Drivers (Whitelisted) ====================
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [42240 2013-07-31] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-09-24] (Advanced Micro Devices)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-05-01] (BlueStack Systems)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-05 17:41 - 2014-07-05 17:42 - 00013517 _____ () C:\Users\Richard\Downloads\FRST.txt
2014-07-05 17:41 - 2014-07-05 17:42 - 00000000 ____D () C:\FRST
2014-07-05 17:41 - 2014-07-05 17:41 - 02084352 _____ (Farbar) C:\Users\Richard\Downloads\FRST64 (1).exe
2014-07-05 17:40 - 2014-07-05 17:40 - 02084352 _____ (Farbar) C:\Users\Richard\Downloads\FRST64.exe
2014-06-27 14:09 - 2014-06-27 14:09 - 00000124 _____ () C:\Windows\setupact.log
2014-06-27 14:09 - 2014-06-27 14:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-24 16:19 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-24 16:19 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-24 16:19 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-24 16:19 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-24 16:19 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-24 16:19 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-24 16:19 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-24 16:19 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-24 16:19 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-24 16:19 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-24 16:19 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-24 16:19 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-24 16:19 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-24 16:19 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-24 16:19 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-24 16:19 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-24 16:19 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-24 16:19 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-24 16:19 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-24 16:19 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-24 16:19 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-24 16:19 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-24 16:19 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-24 16:19 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-24 16:19 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-24 16:19 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-24 16:19 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-24 16:19 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-24 16:19 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-24 16:19 - 2014-02-06 13:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-24 16:19 - 2014-02-06 13:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-24 16:19 - 2014-02-06 13:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-24 16:19 - 2014-02-06 12:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-24 16:19 - 2014-02-06 12:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-24 16:19 - 2014-02-06 12:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-24 16:19 - 2014-02-06 12:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-24 16:19 - 2014-02-06 12:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-24 16:19 - 2014-02-06 11:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-24 16:19 - 2014-02-06 11:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-24 16:19 - 2014-02-06 11:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-24 16:19 - 2014-02-06 11:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-24 16:18 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-24 16:18 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-24 16:17 - 2014-05-03 09:14 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-06-24 16:17 - 2014-05-03 06:21 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-24 16:17 - 2014-05-03 06:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-24 16:17 - 2014-05-03 05:41 - 00921088 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-06-24 16:17 - 2014-05-03 05:38 - 00754688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-06-24 16:17 - 2014-04-03 09:59 - 02518872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-24 16:17 - 2014-04-03 09:59 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-24 16:16 - 2014-05-09 01:06 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-06-24 16:09 - 2014-04-30 13:16 - 01336648 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-06-24 16:09 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-06-24 16:08 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-24 16:03 - 2014-04-11 05:30 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-06-24 16:03 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-06-24 16:02 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-06-24 16:02 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-06-24 16:02 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-06-24 16:02 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\energyprov.dll
2014-06-24 16:02 - 2014-04-18 10:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-06-24 16:02 - 2014-04-18 10:21 - 01126912 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-06-24 16:02 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-06-24 16:02 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2014-06-24 16:02 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-06-24 16:02 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-06-24 16:02 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-06-24 16:02 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-06-24 16:02 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-06-24 16:02 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-06-24 16:02 - 2014-04-09 06:35 - 01411584 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-24 16:02 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-06-24 16:02 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-06-24 16:02 - 2014-04-06 18:34 - 00275800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-06-24 16:02 - 2014-04-06 18:32 - 00125496 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-06-24 16:02 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2014-06-24 16:02 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-06-24 16:02 - 2014-04-06 18:20 - 00881616 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-06-24 16:02 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-06-24 16:02 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-06-24 16:02 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-06-24 16:02 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-06-24 16:02 - 2014-04-06 18:20 - 00233912 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-06-24 16:02 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-06-24 16:02 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-06-24 16:02 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2014-06-24 16:02 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-06-24 16:02 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-06-24 16:02 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-06-24 16:02 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-06-24 16:02 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-06-24 16:02 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-06-24 16:02 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2014-06-24 16:02 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-06-24 16:02 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-06-24 16:02 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2014-06-24 16:02 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-06-24 16:02 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-06-24 16:02 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-06-24 16:02 - 2014-04-06 12:51 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-06-24 16:02 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-06-24 16:02 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-06-24 16:02 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2014-06-24 16:02 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-06-24 16:02 - 2014-04-03 10:12 - 02124840 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-06-24 16:02 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-06-24 16:02 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2014-06-24 16:02 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-06-24 16:02 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2014-06-24 16:02 - 2014-04-03 05:53 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-06-24 16:02 - 2014-04-03 04:53 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-06-24 16:02 - 2014-04-03 04:51 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-06-24 16:02 - 2014-04-03 04:23 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-06-24 16:02 - 2014-04-03 04:23 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-06-24 16:02 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2014-06-24 16:02 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2014-06-24 16:02 - 2014-03-31 02:41 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-06-24 16:02 - 2014-03-31 02:01 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-06-24 16:02 - 2014-03-31 01:43 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-06-24 16:02 - 2014-03-31 00:54 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-06-24 16:02 - 2014-03-31 00:49 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-06-24 16:02 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-06-24 16:02 - 2014-03-31 00:11 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-06-24 16:02 - 2014-03-30 23:47 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-06-24 16:02 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-06-24 16:02 - 2014-03-27 08:16 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-06-24 16:02 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-06-24 16:02 - 2014-03-27 06:59 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-06-24 16:02 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-06-24 16:02 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-06-24 16:02 - 2014-03-27 05:46 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-06-24 16:02 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-06-24 16:02 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-06-24 16:02 - 2014-03-25 00:58 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-06-24 16:02 - 2014-03-20 05:48 - 00263424 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-06-24 16:02 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-06-24 16:02 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2014-06-24 16:02 - 2014-03-19 07:45 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-06-24 16:02 - 2014-03-19 07:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-06-24 16:02 - 2014-03-19 07:07 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-06-24 16:02 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-06-24 16:02 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-06-24 16:02 - 2014-03-18 10:19 - 00077312 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-06-24 16:02 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-06-24 16:02 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-06-24 16:02 - 2014-03-17 05:01 - 00486912 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-06-24 16:02 - 2014-03-17 04:47 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-06-24 16:02 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-06-24 16:02 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2014-06-24 16:02 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-06-24 16:02 - 2014-03-06 14:42 - 00310616 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-06-24 16:02 - 2014-01-27 20:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-06-24 16:01 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2014-06-24 16:01 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-06-24 16:01 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-06-24 16:01 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-06-24 16:01 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-06-24 16:01 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-06-24 16:01 - 2014-04-18 11:32 - 13287936 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-06-24 16:01 - 2014-04-18 10:58 - 11792384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-06-24 16:01 - 2014-04-18 10:09 - 08652800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-06-24 16:01 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-06-24 16:01 - 2014-04-11 08:13 - 01200128 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-06-24 16:01 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-06-24 16:01 - 2014-04-06 18:31 - 21268952 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-24 16:01 - 2014-04-06 18:20 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-06-24 16:01 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-06-24 16:01 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-06-24 16:01 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-06-24 16:01 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-06-24 16:01 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-06-24 16:01 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-24 16:01 - 2014-04-06 17:16 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-06-24 16:01 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-06-24 16:01 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-06-24 16:01 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-06-24 16:01 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-06-24 16:01 - 2014-04-06 16:10 - 04190720 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-24 16:01 - 2014-04-06 13:55 - 16872448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-06-24 16:01 - 2014-04-06 13:54 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-06-24 16:01 - 2014-04-03 04:53 - 04269056 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-06-24 16:01 - 2014-04-01 08:23 - 00384856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-06-24 16:01 - 2014-03-31 07:42 - 07425368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-24 16:01 - 2014-03-20 02:44 - 06645248 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-06-24 16:01 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-06-24 16:01 - 2014-03-19 10:07 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-06-24 16:01 - 2014-03-19 08:36 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-06-24 16:01 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-06-24 16:01 - 2014-03-19 07:02 - 01527296 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-06-24 16:01 - 2014-03-19 06:31 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-06-24 16:01 - 2014-03-19 06:18 - 02688000 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-06-24 16:01 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2014-06-24 16:01 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-06-24 15:54 - 2014-05-01 15:31 - 03048904 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-06-24 15:54 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2014-06-24 15:54 - 2014-05-01 09:14 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-06-24 15:54 - 2014-05-01 09:05 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-06-24 15:54 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-06-24 15:54 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2014-06-24 15:44 - 2014-06-24 15:44 - 409852636 _____ () C:\Windows\MEMORY.DMP
2014-06-24 15:42 - 2014-06-24 15:42 - 06010880 _____ () C:\Program Files (x86)\GUT8CC4.tmp
2014-06-24 15:42 - 2014-06-24 15:42 - 00000000 ____D () C:\Program Files (x86)\GUM8CC3.tmp
2014-06-22 15:23 - 2014-06-22 15:23 - 00231200 _____ (Premium Installer ) C:\Users\Richard\Downloads\Player-Chrome.exe
2014-06-22 13:23 - 2014-06-22 13:23 - 00000000 ____D () C:\Users\Richard\AppData\Local\Origin
2014-06-22 13:23 - 2014-06-22 13:23 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-06-22 13:22 - 2014-07-05 15:37 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-06-22 13:22 - 2014-06-22 13:22 - 00000991 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-06-22 13:22 - 2014-06-22 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-06-22 13:21 - 2014-06-22 13:21 - 17088680 _____ (Electronic Arts, Inc.) C:\Users\Richard\Downloads\OriginThinSetup_9.4.10.297.exe
2014-06-21 22:05 - 2014-06-21 22:05 - 29239096 _____ () C:\Users\Richard\Downloads\MSIAfterburnerSetup301.zip
2014-06-21 17:44 - 2014-06-21 17:45 - 00000098 _____ () C:\Users\Richard\Downloads\fed74bc8-2697-44d0-8fb9-790c9536b967 (1).htm
2014-06-21 15:21 - 2014-07-05 16:47 - 00000400 _____ () C:\Windows\Tasks\update-sys.job
2014-06-21 15:21 - 2014-07-05 15:50 - 00000400 _____ () C:\Windows\Tasks\update-S-1-5-21-1255441821-4204227492-208625417-1001.job
2014-06-21 15:21 - 2014-06-21 15:21 - 02274800 _____ (Skillbrains ) C:\Users\Richard\Downloads\setup-lightshot.exe
2014-06-21 15:21 - 2014-06-21 15:21 - 00003270 _____ () C:\Windows\System32\Tasks\update-sys
2014-06-21 15:21 - 2014-06-21 15:21 - 00003252 _____ () C:\Windows\System32\Tasks\update-S-1-5-21-1255441821-4204227492-208625417-1001
2014-06-21 15:21 - 2014-06-21 15:21 - 00000440 _____ () C:\Users\Richard\AppData\Local\UserProducts.xml
2014-06-21 15:21 - 2014-06-21 15:21 - 00000003 _____ () C:\Users\Richard\AppData\Local\updater.log
2014-06-21 15:21 - 2014-06-21 15:21 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot
2014-06-21 15:21 - 2014-06-21 15:21 - 00000000 ____D () C:\Users\Richard\AppData\Local\Skillbrains
2014-06-21 15:21 - 2014-06-21 15:21 - 00000000 ____D () C:\Program Files (x86)\Skillbrains
2014-06-21 14:08 - 2014-06-21 14:08 - 02247960 _____ () C:\Users\Richard\Downloads\battlelog-web-plugins_2.4.0_141 (5).exe
2014-06-18 19:26 - 2014-06-18 19:26 - 02247960 _____ () C:\Users\Richard\Downloads\battlelog-web-plugins_2.4.0_141 (4).exe
2014-06-18 19:26 - 2014-06-18 19:26 - 00841664 _____ () C:\Users\Richard\Downloads\Setup (1).exe
2014-06-18 18:39 - 2014-06-18 18:39 - 02247960 _____ () C:\Users\Richard\Downloads\battlelog-web-plugins_2.4.0_141 (3).exe
2014-06-17 20:39 - 2014-06-17 20:39 - 00841232 _____ () C:\Users\Richard\Downloads\Setup.exe
2014-06-17 17:16 - 2014-06-17 17:16 - 02247960 _____ () C:\Users\Richard\Downloads\battlelog-web-plugins_2.4.0_141 (2).exe
2014-06-17 17:09 - 2014-06-17 17:09 - 00998800 _____ () C:\Users\Richard\Downloads\Player.exe
2014-06-15 15:37 - 2014-06-15 15:37 - 00003112 _____ () C:\Windows\System32\Tasks\{9C591B28-5E25-4063-B9C3-361DA89FE18A}
2014-06-15 15:37 - 2014-06-15 15:37 - 00000000 ____D () C:\Program Files (x86)\predm
2014-06-15 15:36 - 2014-07-05 17:37 - 00000290 _____ () C:\Windows\Tasks\SpeedUpMyPC Maintenance.job
2014-06-15 15:36 - 2014-07-05 15:38 - 00000284 _____ () C:\Windows\Tasks\SpeedUpMyPC Startup.job
2014-06-15 15:36 - 2014-06-15 15:36 - 00003186 _____ () C:\Windows\System32\Tasks\SpeedUpMyPC Maintenance
2014-06-15 15:36 - 2014-06-15 15:36 - 00002490 _____ () C:\Windows\System32\Tasks\SpeedUpMyPC Startup
2014-06-15 15:36 - 2014-06-15 15:36 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\Uniblue
2014-06-15 15:36 - 2014-06-15 15:36 - 00000000 ____D () C:\Program Files (x86)\Uniblue
2014-06-15 15:35 - 2014-06-15 15:36 - 00000000 ____D () C:\Program Files (x86)\MSR
2014-06-15 15:35 - 2014-06-15 15:35 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\InetStat
2014-06-15 15:34 - 2014-06-15 15:34 - 00340480 _____ () C:\Users\Richard\Downloads\MediaCenterSetup__5271_i871485915_il5527.exe
2014-06-15 15:33 - 2014-06-15 15:33 - 00340480 _____ () C:\Users\Richard\Downloads\MediaCenterSetup__5271_i871480044_il5527.exe
2014-06-15 12:48 - 2014-06-29 20:52 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-06-15 12:46 - 2014-06-15 12:46 - 00711649 _____ () C:\Users\Richard\Downloads\pbsetup.zip
2014-06-08 21:08 - 2014-06-08 21:08 - 00000220 _____ () C:\Users\Richard\Desktop\The Ship.url
2014-06-08 21:08 - 2014-06-08 21:08 - 00000220 _____ () C:\Users\Richard\Desktop\The Ship Single Player.url
2014-06-08 20:35 - 2014-06-08 20:35 - 00003496 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-richard.cray@outlook.de
2014-06-08 20:34 - 2014-06-08 20:35 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-06-08 20:34 - 2014-06-08 20:34 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\PDAppFlex
2014-06-06 18:00 - 2014-06-06 18:00 - 00001329 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-06-06 18:00 - 2014-06-06 18:00 - 00001317 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-06-05 19:58 - 2014-06-05 19:58 - 00001795 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-06-05 19:58 - 2014-06-05 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-05 19:57 - 2014-06-05 19:58 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-05 19:57 - 2014-06-05 19:58 - 00000000 ____D () C:\Program Files\iTunes
2014-06-05 19:57 - 2014-06-05 19:58 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-05 19:57 - 2014-06-05 19:57 - 00000000 ____D () C:\Program Files\iPod
2014-06-05 19:54 - 2014-06-05 19:54 - 112616784 _____ (Apple Inc.) C:\Users\Richard\Downloads\iTunes64Setup.exe
==================== One Month Modified Files and Folders =======
2014-07-05 17:42 - 2014-07-05 17:41 - 00013517 _____ () C:\Users\Richard\Downloads\FRST.txt
2014-07-05 17:42 - 2014-07-05 17:41 - 00000000 ____D () C:\FRST
2014-07-05 17:41 - 2014-07-05 17:41 - 02084352 _____ (Farbar) C:\Users\Richard\Downloads\FRST64 (1).exe
2014-07-05 17:40 - 2014-07-05 17:40 - 02084352 _____ (Farbar) C:\Users\Richard\Downloads\FRST64.exe
2014-07-05 17:37 - 2014-06-15 15:36 - 00000290 _____ () C:\Windows\Tasks\SpeedUpMyPC Maintenance.job
2014-07-05 17:30 - 2014-05-18 14:39 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1255441821-4204227492-208625417-1001
2014-07-05 17:00 - 2014-05-18 14:28 - 02003466 _____ () C:\Windows\WindowsUpdate.log
2014-07-05 17:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-07-05 16:48 - 2014-05-18 14:37 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-05 16:47 - 2014-06-21 15:21 - 00000400 _____ () C:\Windows\Tasks\update-sys.job
2014-07-05 15:50 - 2014-06-21 15:21 - 00000400 _____ () C:\Windows\Tasks\update-S-1-5-21-1255441821-4204227492-208625417-1001.job
2014-07-05 15:48 - 2014-05-18 14:38 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-05 15:48 - 2014-05-18 14:37 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-05 15:43 - 2014-05-18 17:59 - 00000000 ____D () C:\Users\Richard\AppData\Local\Adobe
2014-07-05 15:38 - 2014-06-15 15:36 - 00000284 _____ () C:\Windows\Tasks\SpeedUpMyPC Startup.job
2014-07-05 15:38 - 2014-05-18 14:34 - 00000000 __RDO () C:\Users\Richard\OneDrive
2014-07-05 15:37 - 2014-06-22 13:22 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-07-05 15:35 - 2014-05-18 18:56 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-07-05 15:35 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-29 20:52 - 2014-06-15 12:48 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-06-29 20:52 - 2014-05-25 14:56 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-06-29 20:52 - 2014-05-25 14:56 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-06-29 16:11 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-06-29 11:45 - 2014-05-25 13:36 - 00000000 ____D () C:\ProgramData\Origin
2014-06-28 12:51 - 2014-05-25 14:56 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-27 14:13 - 2014-03-18 12:03 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-27 14:13 - 2014-03-18 11:25 - 00764340 _____ () C:\Windows\system32\perfh007.dat
2014-06-27 14:13 - 2014-03-18 11:25 - 00159160 _____ () C:\Windows\system32\perfc007.dat
2014-06-27 14:09 - 2014-06-27 14:09 - 00000124 _____ () C:\Windows\setupact.log
2014-06-27 14:09 - 2014-06-27 14:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-26 17:13 - 2014-05-18 14:33 - 00000000 ____D () C:\Users\Richard
2014-06-25 16:56 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-06-25 15:43 - 2014-05-18 14:37 - 00004092 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-25 15:43 - 2014-05-18 14:37 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-24 16:58 - 2013-08-22 16:44 - 05020056 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-24 16:57 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-06-24 16:55 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-06-24 16:55 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-06-24 16:55 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-06-24 16:55 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-06-24 16:21 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-06-24 16:00 - 2014-05-18 19:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-24 15:55 - 2014-05-18 19:02 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-24 15:44 - 2014-06-24 15:44 - 409852636 _____ () C:\Windows\MEMORY.DMP
2014-06-24 15:42 - 2014-06-24 15:42 - 06010880 _____ () C:\Program Files (x86)\GUT8CC4.tmp
2014-06-24 15:42 - 2014-06-24 15:42 - 00000000 ____D () C:\Program Files (x86)\GUM8CC3.tmp
2014-06-22 19:02 - 2014-03-18 03:50 - 00013658 _____ () C:\Windows\PFRO.log
2014-06-22 15:23 - 2014-06-22 15:23 - 00231200 _____ (Premium Installer ) C:\Users\Richard\Downloads\Player-Chrome.exe
2014-06-22 13:23 - 2014-06-22 13:23 - 00000000 ____D () C:\Users\Richard\AppData\Local\Origin
2014-06-22 13:23 - 2014-06-22 13:23 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-06-22 13:22 - 2014-06-22 13:22 - 00000991 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-06-22 13:22 - 2014-06-22 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-06-22 13:21 - 2014-06-22 13:21 - 17088680 _____ (Electronic Arts, Inc.) C:\Users\Richard\Downloads\OriginThinSetup_9.4.10.297.exe
2014-06-21 22:05 - 2014-06-21 22:05 - 29239096 _____ () C:\Users\Richard\Downloads\MSIAfterburnerSetup301.zip
2014-06-21 19:47 - 2014-05-18 15:09 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-21 17:45 - 2014-06-21 17:44 - 00000098 _____ () C:\Users\Richard\Downloads\fed74bc8-2697-44d0-8fb9-790c9536b967 (1).htm
2014-06-21 15:21 - 2014-06-21 15:21 - 02274800 _____ (Skillbrains ) C:\Users\Richard\Downloads\setup-lightshot.exe
2014-06-21 15:21 - 2014-06-21 15:21 - 00003270 _____ () C:\Windows\System32\Tasks\update-sys
2014-06-21 15:21 - 2014-06-21 15:21 - 00003252 _____ () C:\Windows\System32\Tasks\update-S-1-5-21-1255441821-4204227492-208625417-1001
2014-06-21 15:21 - 2014-06-21 15:21 - 00000440 _____ () C:\Users\Richard\AppData\Local\UserProducts.xml
2014-06-21 15:21 - 2014-06-21 15:21 - 00000003 _____ () C:\Users\Richard\AppData\Local\updater.log
2014-06-21 15:21 - 2014-06-21 15:21 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot
2014-06-21 15:21 - 2014-06-21 15:21 - 00000000 ____D () C:\Users\Richard\AppData\Local\Skillbrains
2014-06-21 15:21 - 2014-06-21 15:21 - 00000000 ____D () C:\Program Files (x86)\Skillbrains
2014-06-21 14:08 - 2014-06-21 14:08 - 02247960 _____ () C:\Users\Richard\Downloads\battlelog-web-plugins_2.4.0_141 (5).exe
2014-06-18 21:22 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-06-18 19:26 - 2014-06-18 19:26 - 02247960 _____ () C:\Users\Richard\Downloads\battlelog-web-plugins_2.4.0_141 (4).exe
2014-06-18 19:26 - 2014-06-18 19:26 - 00841664 _____ () C:\Users\Richard\Downloads\Setup (1).exe
2014-06-18 18:39 - 2014-06-18 18:39 - 02247960 _____ () C:\Users\Richard\Downloads\battlelog-web-plugins_2.4.0_141 (3).exe
2014-06-17 20:39 - 2014-06-17 20:39 - 00841232 _____ () C:\Users\Richard\Downloads\Setup.exe
2014-06-17 17:16 - 2014-06-17 17:16 - 02247960 _____ () C:\Users\Richard\Downloads\battlelog-web-plugins_2.4.0_141 (2).exe
2014-06-17 17:09 - 2014-06-17 17:09 - 00998800 _____ () C:\Users\Richard\Downloads\Player.exe
2014-06-15 15:37 - 2014-06-15 15:37 - 00003112 _____ () C:\Windows\System32\Tasks\{9C591B28-5E25-4063-B9C3-361DA89FE18A}
2014-06-15 15:37 - 2014-06-15 15:37 - 00000000 ____D () C:\Program Files (x86)\predm
2014-06-15 15:36 - 2014-06-15 15:36 - 00003186 _____ () C:\Windows\System32\Tasks\SpeedUpMyPC Maintenance
2014-06-15 15:36 - 2014-06-15 15:36 - 00002490 _____ () C:\Windows\System32\Tasks\SpeedUpMyPC Startup
2014-06-15 15:36 - 2014-06-15 15:36 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\Uniblue
2014-06-15 15:36 - 2014-06-15 15:36 - 00000000 ____D () C:\Program Files (x86)\Uniblue
2014-06-15 15:36 - 2014-06-15 15:35 - 00000000 ____D () C:\Program Files (x86)\MSR
2014-06-15 15:35 - 2014-06-15 15:35 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\InetStat
2014-06-15 15:34 - 2014-06-15 15:34 - 00340480 _____ () C:\Users\Richard\Downloads\MediaCenterSetup__5271_i871485915_il5527.exe
2014-06-15 15:33 - 2014-06-15 15:33 - 00340480 _____ () C:\Users\Richard\Downloads\MediaCenterSetup__5271_i871480044_il5527.exe
2014-06-15 12:46 - 2014-06-15 12:46 - 00711649 _____ () C:\Users\Richard\Downloads\pbsetup.zip
2014-06-15 12:46 - 2014-05-25 15:41 - 00000000 ____D () C:\Users\Richard\AppData\Local\PunkBuster
2014-06-14 12:52 - 2014-05-30 13:59 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\.minecraft
2014-06-13 22:35 - 2014-05-25 21:10 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\TS3Client
2014-06-08 21:08 - 2014-06-08 21:08 - 00000220 _____ () C:\Users\Richard\Desktop\The Ship.url
2014-06-08 21:08 - 2014-06-08 21:08 - 00000220 _____ () C:\Users\Richard\Desktop\The Ship Single Player.url
2014-06-08 20:35 - 2014-06-08 20:35 - 00003496 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-richard.cray@outlook.de
2014-06-08 20:35 - 2014-06-08 20:34 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-06-08 20:35 - 2014-05-18 14:33 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\Adobe
2014-06-08 20:34 - 2014-06-08 20:34 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\PDAppFlex
2014-06-08 20:33 - 2014-05-18 18:58 - 00339968 ___SH () C:\Users\Richard\Desktop\Thumbs.db
2014-06-06 18:00 - 2014-06-06 18:00 - 00001329 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-06-06 18:00 - 2014-06-06 18:00 - 00001317 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-06-06 18:00 - 2014-05-18 14:42 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-06 17:59 - 2014-05-18 18:01 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-06-05 19:58 - 2014-06-05 19:58 - 00001795 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-06-05 19:58 - 2014-06-05 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-05 19:58 - 2014-06-05 19:57 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-05 19:58 - 2014-06-05 19:57 - 00000000 ____D () C:\Program Files\iTunes
2014-06-05 19:58 - 2014-06-05 19:57 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-05 19:57 - 2014-06-05 19:57 - 00000000 ____D () C:\Program Files\iPod
2014-06-05 19:54 - 2014-06-05 19:54 - 112616784 _____ (Apple Inc.) C:\Users\Richard\Downloads\iTunes64Setup.exe
Some content of TEMP:
====================
C:\Users\Richard\AppData\Local\Temp\1_Offer_4.exe
C:\Users\Richard\AppData\Local\Temp\CreativeCloudSet-Up.exe
C:\Users\Richard\AppData\Local\Temp\f.exe
C:\Users\Richard\AppData\Local\Temp\nsf2907.exe
C:\Users\Richard\AppData\Local\Temp\nsg2C63.exe
C:\Users\Richard\AppData\Local\Temp\nskE95A.exe
C:\Users\Richard\AppData\Local\Temp\nsl95C5.exe
C:\Users\Richard\AppData\Local\Temp\nswECA7.exe
C:\Users\Richard\AppData\Local\Temp\PreExe_ID_13667.exe
C:\Users\Richard\AppData\Local\Temp\SearchProtectINT.exe
C:\Users\Richard\AppData\Local\Temp\speedupmypc.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-05 17:30
==================== End Of Log ============================
--- --- ---
Addition Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01
Ran by Richard at 2014-07-05 17:43:17
Running from C:\Users\Richard\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe After Effects CC (HKLM-x32\...\{317243C1-6580-4F43-AED7-37D4438C3DD5}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.0.367 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.20.100.30911 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0911.2154.37488 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{00957033-C081-5235-665A-A014A6E2FF7B}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2013.0911.2154.37488 - Ihr Firmenname) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.9.3088 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{4C02AFA8-074D-44FE-B0E1-A73D4AA65390}) (Version: 0.8.9.3088 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0911.2154.37488 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0911.2154.37488 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0911.2154.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0911.2154.37488 - Advanced Micro Devices, Inc.) Hidden
Cinema 4D version R12 (HKLM-x32\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production)
Free YouTube to MP3 Converter version 3.12.38.530 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.38.530 - DVDVideoSoft Ltd.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Lightshot-5.1.4.2 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.1.4.2 - Skillbrains)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.10.297 - Electronic Arts, Inc.)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PlanetSide 2 (HKCU\...\SOE-PlanetSide 2 PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
System Update kb70007 (x32 Version: 1.0.0 - MSR) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
The Ship (HKLM-x32\...\Steam App 2400) (Version: - Outerlight Ltd.)
The Ship Single Player (HKLM-x32\...\Steam App 2420) (Version: - Outerlight Ltd.)
Thief (HKLM-x32\...\Steam App 239160) (Version: - Eidos-Montréal)
WinRAR 5.10 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
==================== Restore Points =========================
15-06-2014 13:36:26 Uniblue SpeedUpMyPC installation
24-06-2014 13:53:32 Windows Update
==================== Hosts content: ==========================
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0BD10B2F-8948-49D3-954A-490F723BF72D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1DE0CA86-2FC0-42EE-B3E5-675AE49C6571} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2559CBD2-D54B-411A-84C9-E2A689E2115A} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {4675977C-4A6F-4BFF-B2B3-57DE74174A83} - System32\Tasks\SpeedUpMyPC Maintenance => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe [2014-05-02] (Uniblue Systems Limited) <==== ATTENTION
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4E8FE48C-B975-4948-AB49-D1670B331FA3} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {577E49AD-4C8F-420E-B862-972C3B9DE141} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-18] (Google Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7BB1EC61-3140-48A7-9245-3DD56ECC42BA} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8895CDA1-FA18-4129-9256-9CDBE2395FF0} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D073BC9C-71AD-4BD0-912F-A20D141347F9} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-richard.cray@outlook.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {D30BB5D7-5ED5-4AA6-928F-D674DE88A4EB} - System32\Tasks\SpeedUpMyPC Startup => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe [2014-05-02] (Uniblue Systems Limited) <==== ATTENTION
Task: {D4F1838F-B2D1-4B45-AEF2-FB800DF0E0ED} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E9165A73-FD8B-4FC4-85CD-92A7C2384599} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-06-24] (Microsoft Corporation)
Task: {EDFA06B4-E595-46C8-8904-F08E6EBC3271} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {F5784B6D-E4A6-4346-A92D-F57CDA70A1A2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-18] (Google Inc.)
Task: {F69796B4-1A50-4468-8D56-18DE516C4D44} - System32\Tasks\update-S-1-5-21-1255441821-4204227492-208625417-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SpeedUpMyPC Maintenance.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedUpMyPC Startup.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
Task: C:\Windows\Tasks\update-S-1-5-21-1255441821-4204227492-208625417-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Loaded Modules (whitelisted) =============
2014-05-25 14:56 - 2014-06-28 12:51 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-15 15:35 - 2014-05-08 11:45 - 00018944 _____ () C:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe
2014-05-23 02:10 - 2014-05-23 02:10 - 00671904 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-09-11 21:57 - 2013-09-11 21:57 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-05-23 02:10 - 2014-05-23 02:10 - 05341856 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-15 15:35 - 2014-05-08 11:45 - 00061952 _____ () C:\Windows\Microsoft\SystemUpdatekb70007\InstallerLibrary.dll
2014-06-15 15:35 - 2014-05-08 11:45 - 00016896 _____ () C:\Windows\Microsoft\SystemUpdatekb70007\Installer.dll
2014-06-15 15:36 - 2014-07-05 15:35 - 00086528 _____ () C:\Program Files (x86)\MSR\Privoxy\mgwz.dll
2014-06-22 13:22 - 2014-06-26 17:33 - 00962560 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-06-22 13:22 - 2014-06-26 17:33 - 00024064 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-06-22 13:22 - 2014-06-26 17:33 - 00025088 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-06-22 13:22 - 2014-06-26 17:33 - 00217088 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-06-22 13:22 - 2014-06-26 17:33 - 00261632 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-06-22 13:22 - 2014-06-26 17:33 - 00019968 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-06-22 13:22 - 2014-06-26 17:33 - 00302592 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-06-22 13:22 - 2014-06-26 17:33 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2014-05-26 05:52 - 2014-05-26 05:52 - 32733088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2014-06-11 13:43 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-11 13:43 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-05-12 22:22 - 2014-05-12 22:22 - 02217128 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\plugins\ExchangePlugin\ExManCoreLib\ExManZxpSign.dll
2014-06-11 13:43 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-11 13:43 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-11 13:43 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-05-26 11:55 - 2014-05-26 11:55 - 00294264 _____ () C:\Program Files (x86)\Battlelog Web Plugins\launcher-141.dll
2014-06-11 13:43 - 2014-06-05 15:58 - 14612296 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\Richard\OneDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
HKLM\...\StartupApproved\Run32: => "APSDaemon"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/29/2014 08:25:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: bf3.exe, Version: 1.6.0.0, Zeitstempel: 0x511c9356
Name des fehlerhaften Moduls: bf3.exe, Version: 1.6.0.0, Zeitstempel: 0x511c9356
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0133655d
ID des fehlerhaften Prozesses: 0x2280
Startzeit der fehlerhaften Anwendung: 0xbf3.exe0
Pfad der fehlerhaften Anwendung: bf3.exe1
Pfad des fehlerhaften Moduls: bf3.exe2
Berichtskennung: bf3.exe3
Vollständiger Name des fehlerhaften Pakets: bf3.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: bf3.exe5
Error: (06/29/2014 01:01:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1290
Startzeit: 01cf938884709042
Endzeit: 70
Anwendungspfad: C:\Windows\syswow64\wwahost.exe
Berichts-ID: bc434348-ff7c-11e3-8264-000761cd115e
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_2.5.0.1005_x86__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (06/29/2014 00:59:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20413 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 178c
Startzeit: 01cf93888476f96f
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: 799b9d0d-ff7c-11e3-8264-000761cd115e
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (06/28/2014 03:15:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 13ec
Startzeit: 01cf92c216c51606
Endzeit: 4294967295
Anwendungspfad: C:\Windows\syswow64\wwahost.exe
Berichts-ID: 33c9f52d-fec6-11e3-8264-000761cd115e
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_2.5.0.1005_x86__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (06/28/2014 00:40:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm speedupmypc.exe, Version 6.0.3.7 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1a30
Startzeit: 01cf92b961a6205c
Endzeit: 4294967295
Anwendungspfad: C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe
Berichts-ID: a96f5e1a-feb0-11e3-8264-000761cd115e
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (06/28/2014 00:21:58 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (06/28/2014 00:21:58 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (06/28/2014 00:21:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (06/28/2014 00:21:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (06/27/2014 03:41:06 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
System errors:
=============
Error: (07/05/2014 03:35:35 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 29.06.2014 um 21:29:39 unerwartet heruntergefahren.
Error: (06/27/2014 10:59:17 PM) (Source: DCOM) (EventID: 10010) (User: RPC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (06/27/2014 10:59:17 PM) (Source: DCOM) (EventID: 10010) (User: RPC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (06/26/2014 08:20:03 PM) (Source: DCOM) (EventID: 10010) (User: RPC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (06/26/2014 08:20:03 PM) (Source: DCOM) (EventID: 10010) (User: RPC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (06/26/2014 08:20:03 PM) (Source: DCOM) (EventID: 10010) (User: RPC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (06/26/2014 08:20:03 PM) (Source: DCOM) (EventID: 10010) (User: RPC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (06/26/2014 05:01:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064
Error: (06/26/2014 05:01:28 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 25.06.2014 um 21:22:49 unerwartet heruntergefahren.
Error: (06/25/2014 09:38:13 PM) (Source: DCOM) (EventID: 10010) (User: RPC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Microsoft Office Sessions:
=========================
Error: (06/29/2014 08:25:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: bf3.exe1.6.0.0511c9356bf3.exe1.6.0.0511c9356c00000050133655d228001cf93c4c4f3c287D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exeD:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exebb817b2c-ffba-11e3-8264-000761cd115e
Error: (06/29/2014 01:01:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.17031129001cf93888470904270C:\Windows\syswow64\wwahost.exebc434348-ff7c-11e3-8264-000761cd115eMicrosoft.SkypeApp_2.5.0.1005_x86__kzf8qxf38zg5cApp
Error: (06/29/2014 00:59:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20413178c01cf93888476f96f4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe799b9d0d-ff7c-11e3-8264-000761cd115emicrosoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
Error: (06/28/2014 03:15:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.1703113ec01cf92c216c516064294967295C:\Windows\syswow64\wwahost.exe33c9f52d-fec6-11e3-8264-000761cd115eMicrosoft.SkypeApp_2.5.0.1005_x86__kzf8qxf38zg5cApp
Error: (06/28/2014 00:40:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: speedupmypc.exe6.0.3.71a3001cf92b961a6205c4294967295C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exea96f5e1a-feb0-11e3-8264-000761cd115e
Error: (06/28/2014 00:21:58 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Cinema 4D R12\resource\modules\python\res\Python.win32.framework\Lib\distutils\command\wininst-8_d.exe
Error: (06/28/2014 00:21:58 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Cinema 4D R12\resource\modules\python\res\Python.win64.framework\Lib\distutils\command\wininst-8_d.exe
Error: (06/28/2014 00:21:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Cinema 4D R12\resource\modules\python\res\Python.win32.framework\Lib\distutils\command\wininst-8_d.exe
Error: (06/28/2014 00:21:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Cinema 4D R12\resource\modules\python\res\Python.win64.framework\Lib\distutils\command\wininst-8_d.exe
Error: (06/27/2014 03:41:06 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Cinema 4D R12\resource\modules\python\res\Python.win32.framework\Lib\distutils\command\wininst-8_d.exe
==================== Memory info ===========================
Percentage of memory in use: 70%
Total physical RAM: 4093.24 MB
Available physical RAM: 1206.11 MB
Total Pagefile: 8957.24 MB
Available Pagefile: 1874.05 MB
Total Virtual: 131072 MB
Available Virtual: 131071.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:86.3 GB) (Free:0.4 GB) NTFS
Drive d: (Daten) (Fixed) (Total:146.48 GB) (Free:74.37 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 09980997)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=86 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=146 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
Hinweis:
FRST 32-Bit | FRST 64-Bit
AdwCleaner auf deinen Desktop.