Trojaner-Board - Your File Download und Fast and Safe.

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-07-2014 02

Ran by Ralfi (administrator) on RALFI-PC on 01-08-2014 13:24:37

Running from C:\Users\Ralfi\Downloads

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11

Boot Mode: Normal
 
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(LogMeIn Inc.) D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

(LogMeIn, Inc.) D:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(Akamai Technologies, Inc.) C:\Users\Ralfi\AppData\Local\Akamai\netsession_win.exe

(Akamai Technologies, Inc.) C:\Users\Ralfi\AppData\Local\Akamai\netsession_win.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(LogMeIn Inc.) D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe

(LogMeIn, Inc.) D:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe

(Spotify Ltd) C:\Users\Ralfi\AppData\Roaming\Spotify\spotify.exe

(Spotify Ltd) C:\Users\Ralfi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe

(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe

() C:\Users\Ralfi\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

() C:\Users\Ralfi\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

() C:\Users\Ralfi\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

() C:\Users\Ralfi\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

() C:\Users\Ralfi\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe

() C:\Users\Ralfi\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)

HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585048 2014-05-31] (Razer Inc.)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)

HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2688920 2014-05-26] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)

HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)

HKLM-x32\...\Run: [BlockAndSurf] => C:\Program Files (x86)\ver8BlockAndSurf\BlockAndSurf.exe

HKU\S-1-5-21-1657400046-2498356473-2034691632-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Ralfi\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)

HKU\S-1-5-21-1657400046-2498356473-2034691632-1001\...\Run: [Spotify] => C:\Users\Ralfi\AppData\Roaming\Spotify\Spotify.exe [6162488 2014-07-17] (Spotify Ltd)

HKU\S-1-5-21-1657400046-2498356473-2034691632-1001\...\Run: [Spotify Web Helper] => C:\Users\Ralfi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-17] (Spotify Ltd)

AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found

AppInit_DLLs:  C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL => C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL File Not Found

AppInit_DLLs-x32: c:\progra~2\suptab\search~1.dll => "c:\progra~2\suptab\search~1.dll" File Not Found

AppInit_DLLs-x32:  c:\progra~3\fastan~1\fastan~1.dll => "c:\progra~3\fastan~1\fastan~1.dll" File Not Found

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avsinit.vbs ()

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk

ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{4E08CC97-912D-458B-8705-9A14C325532F}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Packer.exe.lnk

ShortcutTarget: Packer.exe.lnk -> C:\Users\Ralfi\AppData\Local\Temp\Phx6F79\Packer.exe (No File)

ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StKZmhdFMQ5NhCfKoItf6XvwT60786OsN2fRsWr7MwcQfr2EbcdLMt3Ct2FO17TGBNcHASbNpo6Iw-vzcVWme3lQf07uMjETncfwcSmIsiWYei7_8X4GInn5FevqtFlpL1O4oA-Kei6Iibfd0wIO81d0KZwpE2yNEW2ervjkoHvySL560ZhcfMMYjhZ1uuveyWb8bHowKk2o5Nqg,,&q={searchTerms}

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC6CBF700806BCF01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StKZmhdFMQ5NhCfKoItf6XvwT60786OsN2fRsWr7MwcQfr2EbcdLMt3Ct2FO17TGBNcHASbNpo6Iw-vzcVWme3lQf07uMjETncfwcSmIsiWYei7_8X4GInn5FevqtFlpL1O4oA-Kei6Iibfd0wIO81d0KZwpE2yNEW2ervjkoHvySL560ZhcfMMYjhZ1uuveyWb8bHowKk2o5Nqg,,&q={searchTerms}

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1401467900&from=cor&uid=SamsungXSSDX840XEVOX120GB_S1BUNSAF401702D&q={searchTerms}

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1401467900&from=cor&uid=SamsungXSSDX840XEVOX120GB_S1BUNSAF401702D&q={searchTerms}

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1401467900&from=cor&uid=SamsungXSSDX840XEVOX120GB_S1BUNSAF401702D&q={searchTerms}

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1401467900&from=cor&uid=SamsungXSSDX840XEVOX120GB_S1BUNSAF401702D&q={searchTerms}

SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StKZmhdFMQ5NhCfKoItf6XvwT60786OsN2fRsWr7MwcQfr2EbcdLMt3Ct2FO17TGBNcHASbNpo6Iw-vzcVWme3lQf07uMjETncfwcSmIsiWYei7_8X4GInn5FevqtFlpL1O4oA-Kei6Iibfd0wIO81d0KZwpE2yNEW2ervjkoHvySL560ZhcfMMYjhZ1uuuo7GdMC-9TiA676hKw,,&q={searchTerms}

SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StKZmhdFMQ5NhCfKoItf6XvwT60786OsN2fRsWr7MwcQfr2EbcdLMt3Ct2FO17TGBNcHASbNpo6Iw-vzcVWme3lQf07uMjETncfwcSmIsiWYei7_8X4GInn5FevqtFlpL1O4oA-Kei6Iibfd0wIO81d0KZwpE2yNEW2ervjkoHvySL560ZhcfMMYjhZ1uuveyWb8bHowKk2o5Nqg,,&q={searchTerms}

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File

Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File

DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()

FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()

FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)

FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)

FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File

FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Ralfi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 

Chrome: 

=======

CHR HomePage: hxxp://search.babylon.com/?affID=113480&tt=bandext_3312_4&babsrc=HP_ss&mntrId=341c704c00000000000000ff6cb80bd8

CHR StartupUrls: "hxxp://www.google.com/", "hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=5dcb2ce2-d62c-8a2c-991a-d2d3523f08f4&searchtype=hp&fr=linkury-tb&installDate={installDate}&type=hp1000", "hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=5dcb2ce2-d62c-8a2c-991a-d2d3523f08f4&searchtype=hp&fr=linkury-tb&installDate=09/01/2014&type=hp1000", "hxxp://www.sweet-page.com/?type=hp&ts=1399647427&from=cor&uid=SamsungXSSDX840XEVOX120GB_S1BUNSAF401702D", "hxxp://www.sweet-page.com/?type=hppp&ts=1399676034&from=cor&uid=SamsungXSSDX840XEVOX120GB_S1BUNSAF401702D", "hxxp://www.sweet-page.com/?type=hppp&ts=1399704410&from=cor&uid=SamsungXSSDX840XEVOX120GB_S1BUNSAF401702D", "hxxp://www.sweet-page.com/?type=hppp&ts=1399708660&from=cor&uid=SamsungXSSDX840XEVOX120GB_S1BUNSAF401702D", "hxxp://www.sweet-page.com/?type=hppp&ts=1399721255&from=cor&uid=SamsungXSSDX840XEVOX120GB_S1BUNSAF401702D", "hxxp://www.sweet-page.com/?type=hp&ts=1400380906&from=cor&uid=SamsungXSSDX840XEVOX120GB_S1BUNSAF401702D", "hxxp://www.sweet-page.com/?type=hp&ts=1400609547&from=cor&uid=SamsungXSSDX840XEVOX120GB_S1BUNSAF401702D", "hxxp://www.sweet-page.com/?type=hp&ts=1401467900&from=cor&uid=SamsungXSSDX840XEVOX120GB_S1BUNSAF401702D"

CHR Extension: (Google Docs) - C:\Users\Ralfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-09]

CHR Extension: (Google Drive) - C:\Users\Ralfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-09]

CHR Extension: (American Racing 2) - C:\Users\Ralfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfpfdjclhabpjncikdngdoldjjjegnbe [2014-05-09]

CHR Extension: (YouTube) - C:\Users\Ralfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-09]

CHR Extension: (Adblock Plus) - C:\Users\Ralfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-09]

CHR Extension: (Google-Suche) - C:\Users\Ralfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-09]

CHR Extension: (Google Wallet) - C:\Users\Ralfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-09]

CHR Extension: (cosstminn) - C:\Users\Ralfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nomemmocgpnaangbinabcokhlflpmmbn [2014-07-30]

CHR Extension: (Google Mail) - C:\Users\Ralfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-09]

CHR Extension: (cosstminn) - C:\Users\Ralfi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nomemmocgpnaangbinabcokhlflpmmbn\2.0 [2014-07-30]

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 Hamachi2Svc; D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2544976 2014-07-21] (LogMeIn Inc.)

R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [704112 2014-05-08] (Cherished Technololgy LIMITED)

R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)

R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)

R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [File not signed]

S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]

S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc.)

R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-02-13] ()

R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)

R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)

R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2014-05-19] (Razer Inc)

S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)

S3 DIRECTIO; \??\UNC\srv1c027-b.wds8-b.intern\reminst\Test\BitPro64\DirectIo.sys [X]

S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]

S3 MSICDSetup; \??\D:\CDriver64.sys [X]

S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]

S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-08-01 13:24 - 2014-08-01 13:24 - 02094080 _____ (Farbar) C:\Users\Ralfi\Downloads\FRST64.exe

2014-08-01 13:24 - 2014-08-01 13:24 - 00022302 _____ () C:\Users\Ralfi\Downloads\FRST.txt

2014-08-01 13:24 - 2014-08-01 13:24 - 00000000 ____D () C:\FRST

2014-08-01 12:50 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2014-08-01 12:50 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2014-08-01 12:50 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2014-08-01 12:50 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2014-08-01 12:50 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2014-08-01 12:50 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2014-08-01 12:50 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2014-08-01 12:50 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2014-08-01 02:53 - 2014-08-01 02:53 - 01193008 _____ () C:\Users\Ralfi\Documents\Powereditfertig.veg

2014-08-01 02:21 - 2014-08-01 02:24 - 00059936 _____ () C:\Users\Ralfi\Documents\GEIL.mp4.sfk

2014-08-01 02:17 - 2014-08-01 02:19 - 69658742 _____ () C:\Users\Ralfi\Documents\GEIL.mp4

2014-07-31 22:57 - 2014-08-01 02:20 - 00533960 _____ () C:\Users\Ralfi\Documents\GEIL.veg

2014-07-31 22:57 - 2014-08-01 02:16 - 00533960 _____ () C:\Users\Ralfi\Documents\GEIL.veg.bak

2014-07-31 22:55 - 2014-07-31 22:56 - 25520351 _____ () C:\Users\Ralfi\Documents\Ichfick.mp4

2014-07-31 22:28 - 2014-07-31 22:28 - 00441736 _____ () C:\Users\Ralfi\Documents\Jolo.veg

2014-07-31 22:11 - 2014-07-31 22:12 - 00012704 _____ () C:\Users\Ralfi\Documents\Ohne Titel.mp4.sfk

2014-07-31 22:10 - 2014-07-31 22:10 - 01617216 _____ () C:\Users\Ralfi\Documents\Ohne Titel.wmv.sfap0

2014-07-31 20:46 - 2014-07-31 22:18 - 00430560 _____ () C:\Users\Ralfi\Documents\oipjio.veg

2014-07-31 20:46 - 2014-07-31 20:46 - 00432944 _____ () C:\Users\Ralfi\Documents\oipjio.veg.bak

2014-07-31 20:04 - 2014-07-31 20:04 - 02389569 _____ () C:\Users\Ralfi\Desktop\Switchbot..zip

2014-07-31 19:42 - 2014-08-01 02:44 - 63153816 _____ () C:\Users\Ralfi\Documents\Power Edit!.mp4

2014-07-31 19:36 - 2014-07-31 19:37 - 00226688 _____ () C:\Users\Ralfi\Downloads\B.o.B - Strange Clouds Remix ft. T.I & Young Jeezy (The Digital Connection Lazerstep Bootleg).mp3.sfk

2014-07-31 18:14 - 2014-07-31 18:14 - 00000030 _____ () C:\Users\Ralfi\Desktop\Neues Textdokument (2).txt

2014-07-31 00:08 - 2014-07-31 00:13 - 1195402287 _____ () C:\Users\Ralfi\Downloads\Elitarius2.rar

2014-07-30 18:25 - 2014-07-30 18:26 - 00000000 ____D () C:\Users\Ralfi\AppData\Roaming\Advanced System Protector

2014-07-30 18:23 - 2014-07-30 18:23 - 00000000 ____D () C:\Users\Ralfi\Documents\Optimizer Pro

2014-07-30 18:18 - 2014-07-31 00:16 - 00000000 ____D () C:\ProgramData\Systweak

2014-07-30 18:17 - 2014-07-30 18:31 - 00000306 __RSH () C:\ProgramData\ntuser.pol

2014-07-30 18:17 - 2014-07-30 18:30 - 00000000 ____D () C:\ProgramData\cosstminn

2014-07-30 18:17 - 2014-07-30 18:27 - 00000000 ____D () C:\Users\Ralfi\AppData\Roaming\Systweak

2014-07-30 18:17 - 2014-07-30 18:27 - 00000000 ____D () C:\ProgramData\5ecf99686ab558bb

2014-07-30 18:17 - 2014-07-30 18:27 - 00000000 ____D () C:\Program Files (x86)\cosstminn

2014-07-30 18:17 - 2014-07-30 18:17 - 00003178 _____ () C:\Windows\System32\Tasks\YourFile DownloaderInstaller Starter

2014-07-30 18:17 - 2014-07-30 18:17 - 00003132 _____ () C:\Windows\System32\Tasks\YourFile DownloaderUpdate

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Ralfi\AppData\Roaming\YourFileDownloader

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Ralfi\AppData\Local\Torch

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Ralfi\AppData\Local\Packages

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Ralfi\AppData\Local\Comodo

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Ralfi\AppData\Local\Chromatic Browser

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\HomeGroupUser$

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Gast

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Administrator

2014-07-30 18:17 - 2013-07-11 13:49 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe

2014-07-30 18:16 - 2014-07-30 18:16 - 06985200 _____ (hxxp://yourfiledownloader.net) C:\Users\Ralfi\Downloads\Strange_Clouds_Ft_BOB_downloader.exe

2014-07-30 14:33 - 2014-07-30 14:33 - 70727715 _____ () C:\Users\Ralfi\Downloads\UnderTheInfluence.zip

2014-07-30 14:09 - 2014-07-30 14:09 - 00000000 _____ () C:\Users\Ralfi\Desktop\Neues Textdokument (3).txt

2014-07-30 13:56 - 2014-07-30 18:24 - 00000000 ____D () C:\Users\Ralfi\AppData\Local\wf-launcher

2014-07-30 13:56 - 2014-07-30 13:56 - 00001625 _____ () C:\Users\Ralfi\Desktop\Warface Launcher.lnk

2014-07-30 13:56 - 2014-07-30 13:56 - 00000000 ____D () C:\Users\Ralfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warface Launcher

2014-07-30 13:56 - 2014-07-30 13:56 - 00000000 ____D () C:\ProgramData\GFACE

2014-07-30 13:55 - 2014-07-30 13:55 - 29280872 _____ () C:\Users\Ralfi\Downloads\warface-launcher.exe

2014-07-30 12:56 - 2014-07-30 13:44 - 00000059 _____ () C:\Users\Ralfi\Desktop\PSC.txt

2014-07-29 15:58 - 2014-07-02 19:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe

2014-07-29 15:57 - 2014-07-02 22:48 - 31512520 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll

2014-07-29 15:57 - 2014-07-02 22:48 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll

2014-07-29 15:57 - 2014-07-02 22:48 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2014-07-29 15:57 - 2014-07-02 22:48 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll

2014-07-29 15:57 - 2014-07-02 22:48 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2014-07-29 15:57 - 2014-07-02 22:48 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2014-07-29 15:57 - 2014-07-02 22:48 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2014-07-29 15:57 - 2014-07-02 22:48 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll

2014-07-29 15:57 - 2014-07-02 22:48 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll

2014-07-29 15:57 - 2014-07-02 22:48 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2014-07-29 15:57 - 2014-07-02 22:48 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll

2014-07-29 15:57 - 2014-07-02 22:48 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll

2014-07-29 15:57 - 2014-07-02 22:48 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll

2014-07-29 15:57 - 2014-07-02 22:48 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll

2014-07-29 15:57 - 2014-07-02 22:48 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll

2014-07-29 15:57 - 2014-07-02 22:48 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll

2014-07-29 15:57 - 2014-07-02 22:48 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll

2014-07-29 15:57 - 2014-07-02 22:48 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll

2014-07-29 15:57 - 2014-07-02 22:48 - 00502232 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll

2014-07-29 15:57 - 2014-07-02 22:48 - 00418760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll

2014-07-29 15:57 - 2014-07-02 22:48 - 00391640 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll

2014-07-29 15:57 - 2014-07-02 22:48 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll

2014-07-29 15:57 - 2014-07-02 22:48 - 00348120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll

2014-07-29 15:57 - 2014-07-02 22:48 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll

2014-07-29 15:57 - 2014-07-02 22:48 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll

2014-07-29 15:57 - 2014-07-02 22:48 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll

2014-07-28 22:17 - 2014-07-29 10:15 - 00000000 ____D () C:\ProgramData\avs

2014-07-28 22:06 - 2014-07-28 22:12 - 1083673262 _____ () C:\Users\Ralfi\Downloads\DF_Client_09022014.rar

2014-07-28 20:27 - 2014-07-28 20:28 - 20667876 _____ () C:\Users\Ralfi\Downloads\Offical Synea2 Client_Update01.rar

2014-07-28 20:06 - 2014-07-28 20:07 - 1076334290 _____ () C:\Users\Ralfi\Downloads\Offical Synea2 Client.zip

2014-07-28 18:43 - 2014-07-28 18:50 - 1163055614 _____ () C:\Users\Ralfi\Downloads\Firenze2 Version 1.2.rar

2014-07-28 00:30 - 2014-07-28 00:30 - 31579146 _____ (NewBlue, Inc ) C:\Users\Ralfi\Downloads\NewBlueFX Patch (for 64-bit).exe

2014-07-27 12:10 - 2014-07-27 12:11 - 1240454106 _____ () C:\Users\Ralfi\Desktop\Rebellution2.rar

2014-07-27 11:31 - 2014-07-27 11:31 - 00000000 ____D () C:\Users\Ralfi\Desktop\Waffen

2014-07-26 23:23 - 2014-07-26 23:26 - 14036826 _____ () C:\Users\Ralfi\Documents\Opfakind.mp4

2014-07-26 21:36 - 2014-07-26 21:36 - 05041280 _____ (Arktos Entertainment Group LLC ) C:\Users\Ralfi\Downloads\WarInc_WebSetup.exe

2014-07-26 18:38 - 2014-07-26 18:39 - 09974885 _____ () C:\Users\Ralfi\Downloads\Royal - Medieval Servervorstellung by LeKoArts.rar

2014-07-25 09:08 - 2014-07-25 09:08 - 00000000 ____D () C:\Users\Ralfi\AppData\Local\UWebKit151

2014-07-25 09:08 - 2014-07-25 09:08 - 00000000 ____D () C:\ProgramData\boost_interprocess

2014-07-24 22:03 - 2014-08-01 12:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live

2014-07-24 22:03 - 2014-07-25 09:06 - 00000000 ____D () C:\Users\Ralfi\Downloads\Gameforge Live

2014-07-24 22:03 - 2014-07-24 22:03 - 00000758 _____ () C:\Users\Public\Desktop\Gameforge Live.lnk

2014-07-24 22:03 - 2014-07-24 22:03 - 00000000 ____D () C:\Users\Ralfi\AppData\Local\Gameforge4d

2014-07-24 22:02 - 2014-07-24 22:03 - 20132328 _____ (Gameforge ) C:\Users\Ralfi\Downloads\OMD_GameforgeLiveSetup.exe

2014-07-24 21:14 - 2014-07-24 21:14 - 995862274 _____ () C:\Users\Ralfi\Downloads\Baumhausen City Client 24.05.2014.rar

2014-07-24 10:57 - 2014-07-25 21:17 - 00000000 ____D () C:\Users\Ralfi\Desktop\EterNexus-1.0.0.0.2a

2014-07-23 18:42 - 2014-07-23 18:47 - 1011205600 _____ () C:\Users\Ralfi\Downloads\Meteria2.rar

2014-07-23 15:28 - 2014-07-23 15:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi

2014-07-22 14:27 - 2014-07-22 14:28 - 00000000 ____D () C:\Users\Ralfi\AppData\Local\QQSM

2014-07-22 14:26 - 2014-07-22 14:26 - 00000734 _____ () C:\Users\Public\Desktop\Hazard Ops.lnk

2014-07-22 14:26 - 2014-07-22 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hazard Ops

2014-07-22 14:00 - 2014-07-22 14:30 - 00000000 ____D () C:\ProgramData\Solid State Networks

2014-07-22 14:00 - 2014-07-22 14:00 - 01779712 _____ (Infernum Productions AG) C:\Users\Ralfi\Downloads\HazardOpsDLM.exe

2014-07-22 08:39 - 2014-07-22 08:43 - 00221752 _____ () C:\Users\Ralfi\Downloads\Pigeons (Original Mix).mp3.sfk

2014-07-21 19:33 - 2014-07-21 19:33 - 1035574396 _____ () C:\Users\Ralfi\Downloads\Zitonia2 Unverschlüsselt - Kopie.rar

2014-07-21 13:04 - 2014-07-27 11:58 - 00000261 _____ () C:\Users\Ralfi\Desktop\Server PW´s.txt

2014-07-20 23:55 - 2014-07-20 23:55 - 00000572 _____ () C:\Users\Public\Desktop\Sirius MT2.lnk

2014-07-20 23:55 - 2014-07-20 23:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sirius MT2

2014-07-20 23:41 - 2014-07-20 23:51 - 1572305527 _____ (Sirius MT2 ) C:\Users\Ralfi\Documents\sirius.20.13.rev.client.exe

2014-07-20 23:41 - 2014-07-20 23:41 - 00836112 _____ (SiriusMT2) C:\Users\Ralfi\Downloads\sirius.20.13.rev.installer.exe

2014-07-18 13:47 - 2014-07-18 14:14 - 00000045 _____ () C:\Users\Ralfi\Desktop\E-Mail.txt

2014-07-18 06:54 - 2014-07-18 06:55 - 01269871 _____ () C:\Users\Ralfi\Desktop\2Elemente.rar

2014-07-18 06:47 - 2014-07-18 06:47 - 03148168 _____ () C:\Users\Ralfi\Desktop\Design.rar

2014-07-18 06:43 - 2014-07-18 06:43 - 02680558 _____ () C:\Users\Ralfi\Downloads\Release1.rar

2014-07-18 05:06 - 2014-07-18 05:06 - 00000770 _____ () C:\Users\Ralfi\Desktop\Neues Textdokument.txt

2014-07-17 23:28 - 2014-07-17 23:28 - 12983159 _____ () C:\Users\Ralfi\Desktop\EterNexus-1.0.3.1a.zip

2014-07-17 20:13 - 2014-07-17 20:13 - 00004623 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log

2014-07-17 17:58 - 2014-07-17 17:58 - 00000023 _____ () C:\Users\Ralfi\Desktop\Newssss.txt

2014-07-17 02:02 - 2014-07-19 06:42 - 00002082 _____ () C:\Users\Ralfi\Desktop\Bonis ID.txt

2014-07-16 20:46 - 2014-07-16 20:46 - 00009587 _____ () C:\Users\Ralfi\Desktop\delicia.txt

2014-07-16 18:28 - 2014-07-16 18:30 - 00000000 ____D () C:\Users\Ralfi\Downloads\sachen zum einfügen

2014-07-16 14:33 - 2014-07-16 14:33 - 00000000 ____D () C:\Windows\SysWOW64\Hotspot Shield

2014-07-16 01:48 - 2014-07-16 02:07 - 00000000 ____D () C:\Users\Ralfi\Documents\FIFA World

2014-07-16 01:47 - 2014-07-16 01:47 - 00000864 _____ () C:\Users\Public\Desktop\EA Sports FIFA World.lnk

2014-07-15 18:56 - 2014-07-31 00:17 - 00000000 ____D () C:\Users\Ralfi\Desktop\Extractoren

2014-07-15 13:15 - 2014-07-27 23:35 - 00000000 ____D () C:\Users\Ralfi\Desktop\Rebellution2

2014-07-14 23:30 - 2014-07-14 23:30 - 00000000 ____D () C:\Users\Ralfi\Desktop\Tor Browser

2014-07-14 17:20 - 2014-07-14 17:24 - 20499640 _____ () C:\Users\Ralfi\Desktop\Skype 2014-07-14 17-00-53-82.avi

2014-07-10 18:41 - 2014-07-18 20:29 - 00000000 ____D () C:\Users\Ralfi\Desktop\Backup Rebellution2

2014-07-10 13:20 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-07-10 13:20 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-07-10 13:19 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-07-10 13:19 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-07-10 13:19 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-07-10 13:19 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-07-10 13:19 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-07-10 13:19 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-07-10 13:19 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-07-10 13:19 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-07-10 13:19 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-07-10 13:19 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-07-10 13:19 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-07-10 13:19 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-07-10 13:19 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-07-10 13:19 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-07-10 13:19 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-07-10 13:19 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-07-10 13:19 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-07-10 13:19 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-07-10 13:19 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-07-10 13:19 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-07-10 13:19 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-07-10 13:19 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-07-10 13:19 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-07-10 13:19 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-07-10 13:19 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-07-10 13:19 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-07-10 13:19 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-07-10 13:19 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-07-10 13:19 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-07-10 13:19 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-07-10 13:19 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-07-10 13:19 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-07-10 13:19 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-07-10 13:19 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-07-10 13:19 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-07-10 13:19 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-07-10 13:19 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-07-10 13:19 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-07-10 13:19 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-07-10 13:19 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-07-10 13:19 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-07-10 13:19 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-07-10 13:19 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-07-10 13:19 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-07-10 13:19 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-07-10 13:19 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-07-10 13:19 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-07-10 13:19 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-07-10 13:19 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-07-10 13:19 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-07-10 13:19 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-07-10 13:19 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-07-10 13:19 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-07-10 13:19 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-07-10 13:19 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-07-10 13:19 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-07-10 13:19 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe

2014-07-10 13:19 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe

2014-07-10 13:19 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-07-10 13:19 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-07-10 13:19 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2014-07-10 13:19 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-07-10 13:19 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2014-07-10 13:19 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2014-07-10 13:19 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-07-10 13:19 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2014-07-10 13:19 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2014-07-10 13:19 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2014-07-10 13:19 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2014-07-10 13:19 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2014-07-10 13:19 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2014-07-10 13:19 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-07-10 13:19 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2014-07-10 13:19 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2014-07-10 13:19 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2014-07-10 13:19 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2014-07-10 13:19 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2014-07-10 13:19 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2014-07-10 13:19 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2014-07-08 16:16 - 2014-07-08 16:16 - 00000000 ____D () C:\Users\Ralfi\AppData\Roaming\TeamViewer

2014-07-08 15:36 - 2014-07-08 15:41 - 25815280 _____ () C:\Users\Ralfi\Desktop\Hardcore-reloaded HP.rar

2014-07-08 03:09 - 2014-07-08 03:09 - 00333680 _____ () C:\Windows\Minidump\070814-8361-01.dmp

2014-07-08 02:33 - 2014-07-08 02:33 - 00000000 ____D () C:\Users\Ralfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++

2014-07-08 02:33 - 2014-07-08 02:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++

2014-07-08 01:16 - 2014-07-10 17:10 - 00000000 ____D () C:\extract

2014-07-07 16:20 - 2014-07-13 04:39 - 00000654 _____ () C:\Users\Ralfi\Desktop\Forum usw One.txt

2014-07-07 01:52 - 2014-07-27 18:20 - 00000000 ____D () C:\Users\Ralfi\Desktop\test

2014-07-07 00:21 - 2014-07-18 06:49 - 00001544 _____ () C:\Users\Ralfi\Desktop\config.inc.php

2014-07-05 01:31 - 2014-07-05 01:31 - 00293096 _____ () C:\Windows\Minidump\070514-7971-01.dmp
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-08-01 13:24 - 2014-08-01 13:24 - 02094080 _____ (Farbar) C:\Users\Ralfi\Downloads\FRST64.exe

2014-08-01 13:24 - 2014-08-01 13:24 - 00022302 _____ () C:\Users\Ralfi\Downloads\FRST.txt

2014-08-01 13:24 - 2014-08-01 13:24 - 00000000 ____D () C:\FRST

2014-08-01 13:20 - 2014-05-13 01:06 - 00000000 ____D () C:\Users\Ralfi\AppData\Roaming\Skype

2014-08-01 12:56 - 2014-05-09 14:44 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-08-01 12:54 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-08-01 12:54 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-08-01 12:53 - 2011-04-12 09:43 - 00699416 _____ () C:\Windows\system32\perfh007.dat

2014-08-01 12:53 - 2011-04-12 09:43 - 00149556 _____ () C:\Windows\system32\perfc007.dat

2014-08-01 12:53 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-08-01 12:51 - 2014-05-09 17:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-08-01 12:51 - 2014-05-09 13:53 - 01786267 _____ () C:\Windows\WindowsUpdate.log

2014-08-01 12:48 - 2014-07-24 22:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live

2014-08-01 12:48 - 2014-05-29 17:42 - 00000000 ____D () C:\Users\Ralfi\AppData\Roaming\Spotify

2014-08-01 12:48 - 2014-05-26 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon

2014-08-01 12:47 - 2014-06-08 04:24 - 00000000 ____D () C:\Users\Ralfi\AppData\Local\LogMeIn Hamachi

2014-08-01 12:47 - 2014-05-09 14:44 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-08-01 12:47 - 2014-05-07 17:16 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-08-01 12:47 - 2010-11-21 05:47 - 00038152 _____ () C:\Windows\PFRO.log

2014-08-01 12:47 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-08-01 12:47 - 2009-07-14 06:51 - 00075818 _____ () C:\Windows\setupact.log

2014-08-01 03:19 - 2014-05-10 21:00 - 00000000 ____D () C:\Users\Ralfi\AppData\Roaming\TS3Client

2014-08-01 02:53 - 2014-08-01 02:53 - 01193008 _____ () C:\Users\Ralfi\Documents\Powereditfertig.veg

2014-08-01 02:44 - 2014-07-31 19:42 - 63153816 _____ () C:\Users\Ralfi\Documents\Power Edit!.mp4

2014-08-01 02:24 - 2014-08-01 02:21 - 00059936 _____ () C:\Users\Ralfi\Documents\GEIL.mp4.sfk

2014-08-01 02:20 - 2014-07-31 22:57 - 00533960 _____ () C:\Users\Ralfi\Documents\GEIL.veg

2014-08-01 02:19 - 2014-08-01 02:17 - 69658742 _____ () C:\Users\Ralfi\Documents\GEIL.mp4

2014-08-01 02:16 - 2014-07-31 22:57 - 00533960 _____ () C:\Users\Ralfi\Documents\GEIL.veg.bak

2014-08-01 02:00 - 2014-06-23 00:49 - 00000000 ____D () C:\Users\Ralfi\AppData\Local\Adobe

2014-07-31 22:56 - 2014-07-31 22:55 - 25520351 _____ () C:\Users\Ralfi\Documents\Ichfick.mp4

2014-07-31 22:28 - 2014-07-31 22:28 - 00441736 _____ () C:\Users\Ralfi\Documents\Jolo.veg

2014-07-31 22:18 - 2014-07-31 20:46 - 00430560 _____ () C:\Users\Ralfi\Documents\oipjio.veg

2014-07-31 22:12 - 2014-07-31 22:11 - 00012704 _____ () C:\Users\Ralfi\Documents\Ohne Titel.mp4.sfk

2014-07-31 22:10 - 2014-07-31 22:10 - 01617216 _____ () C:\Users\Ralfi\Documents\Ohne Titel.wmv.sfap0

2014-07-31 21:13 - 2014-06-21 12:57 - 00000600 _____ () C:\Users\Ralfi\AppData\Roaming\winscp.rnd

2014-07-31 20:46 - 2014-07-31 20:46 - 00432944 _____ () C:\Users\Ralfi\Documents\oipjio.veg.bak

2014-07-31 20:04 - 2014-07-31 20:04 - 02389569 _____ () C:\Users\Ralfi\Desktop\Switchbot..zip

2014-07-31 20:04 - 2014-05-25 18:49 - 00000000 ____D () C:\Users\Ralfi\Desktop\Tools by Unpublished

2014-07-31 19:37 - 2014-07-31 19:36 - 00226688 _____ () C:\Users\Ralfi\Downloads\B.o.B - Strange Clouds Remix ft. T.I & Young Jeezy (The Digital Connection Lazerstep Bootleg).mp3.sfk

2014-07-31 19:30 - 2014-06-18 23:48 - 00000600 _____ () C:\Users\Ralfi\AppData\Local\PUTTY.RND

2014-07-31 18:14 - 2014-07-31 18:14 - 00000030 _____ () C:\Users\Ralfi\Desktop\Neues Textdokument (2).txt

2014-07-31 00:17 - 2014-07-15 18:56 - 00000000 ____D () C:\Users\Ralfi\Desktop\Extractoren

2014-07-31 00:16 - 2014-07-30 18:18 - 00000000 ____D () C:\ProgramData\Systweak

2014-07-31 00:13 - 2014-07-31 00:08 - 1195402287 _____ () C:\Users\Ralfi\Downloads\Elitarius2.rar

2014-07-30 18:33 - 2014-05-30 18:39 - 00000000 ____D () C:\ProgramData\374311380

2014-07-30 18:31 - 2014-07-30 18:17 - 00000306 __RSH () C:\ProgramData\ntuser.pol

2014-07-30 18:30 - 2014-07-30 18:17 - 00000000 ____D () C:\ProgramData\cosstminn

2014-07-30 18:30 - 2014-05-29 17:42 - 00000000 ____D () C:\Users\Ralfi\AppData\Local\Spotify

2014-07-30 18:27 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Ralfi\AppData\Roaming\Systweak

2014-07-30 18:27 - 2014-07-30 18:17 - 00000000 ____D () C:\ProgramData\5ecf99686ab558bb

2014-07-30 18:27 - 2014-07-30 18:17 - 00000000 ____D () C:\Program Files (x86)\cosstminn

2014-07-30 18:26 - 2014-07-30 18:25 - 00000000 ____D () C:\Users\Ralfi\AppData\Roaming\Advanced System Protector

2014-07-30 18:24 - 2014-07-30 13:56 - 00000000 ____D () C:\Users\Ralfi\AppData\Local\wf-launcher

2014-07-30 18:23 - 2014-07-30 18:23 - 00000000 ____D () C:\Users\Ralfi\Documents\Optimizer Pro

2014-07-30 18:20 - 2014-05-14 02:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shutdown4U

2014-07-30 18:17 - 2014-07-30 18:17 - 00003178 _____ () C:\Windows\System32\Tasks\YourFile DownloaderInstaller Starter

2014-07-30 18:17 - 2014-07-30 18:17 - 00003132 _____ () C:\Windows\System32\Tasks\YourFile DownloaderUpdate

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Ralfi\AppData\Roaming\YourFileDownloader

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Ralfi\AppData\Local\Torch

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Ralfi\AppData\Local\Packages

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Ralfi\AppData\Local\Comodo

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Ralfi\AppData\Local\Chromatic Browser

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\HomeGroupUser$

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Gast

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser

2014-07-30 18:17 - 2014-07-30 18:17 - 00000000 ____D () C:\Users\Administrator

2014-07-30 18:17 - 2014-05-09 14:44 - 00000000 ____D () C:\Users\Ralfi\AppData\Local\Google

2014-07-30 18:17 - 2014-05-09 14:44 - 00000000 ____D () C:\Program Files (x86)\Google

2014-07-30 18:17 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy

2014-07-30 18:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy

2014-07-30 18:16 - 2014-07-30 18:16 - 06985200 _____ (hxxp://yourfiledownloader.net) C:\Users\Ralfi\Downloads\Strange_Clouds_Ft_BOB_downloader.exe

2014-07-30 14:33 - 2014-07-30 14:33 - 70727715 _____ () C:\Users\Ralfi\Downloads\UnderTheInfluence.zip

2014-07-30 14:09 - 2014-07-30 14:09 - 00000000 _____ () C:\Users\Ralfi\Desktop\Neues Textdokument (3).txt

2014-07-30 13:56 - 2014-07-30 13:56 - 00001625 _____ () C:\Users\Ralfi\Desktop\Warface Launcher.lnk

2014-07-30 13:56 - 2014-07-30 13:56 - 00000000 ____D () C:\Users\Ralfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warface Launcher

2014-07-30 13:56 - 2014-07-30 13:56 - 00000000 ____D () C:\ProgramData\GFACE

2014-07-30 13:55 - 2014-07-30 13:55 - 29280872 _____ () C:\Users\Ralfi\Downloads\warface-launcher.exe

2014-07-30 13:44 - 2014-07-30 12:56 - 00000059 _____ () C:\Users\Ralfi\Desktop\PSC.txt

2014-07-29 15:59 - 2014-05-09 17:33 - 00000000 ____D () C:\temp

2014-07-29 15:59 - 2014-05-07 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

2014-07-29 15:58 - 2014-05-07 17:15 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation

2014-07-29 15:58 - 2014-05-07 17:13 - 00000000 ____D () C:\Program Files\NVIDIA Corporation

2014-07-29 15:45 - 2014-05-09 14:13 - 00000000 ____D () C:\Users\Ralfi\AppData\Local\NVIDIA Corporation

2014-07-29 10:15 - 2014-07-28 22:17 - 00000000 ____D () C:\ProgramData\avs

2014-07-28 23:52 - 2014-05-09 14:12 - 00000000 ____D () C:\Users\Ralfi\AppData\Local\VirtualStore

2014-07-28 22:12 - 2014-07-28 22:06 - 1083673262 _____ () C:\Users\Ralfi\Downloads\DF_Client_09022014.rar

2014-07-28 20:28 - 2014-07-28 20:27 - 20667876 _____ () C:\Users\Ralfi\Downloads\Offical Synea2 Client_Update01.rar

2014-07-28 20:07 - 2014-07-28 20:06 - 1076334290 _____ () C:\Users\Ralfi\Downloads\Offical Synea2 Client.zip

2014-07-28 18:50 - 2014-07-28 18:43 - 1163055614 _____ () C:\Users\Ralfi\Downloads\Firenze2 Version 1.2.rar

2014-07-28 16:41 - 2014-06-11 16:14 - 00722720 _____ () C:\Users\Ralfi\Documents\Ohne Titel.veg

2014-07-28 00:50 - 2014-06-02 12:26 - 00000000 ____D () C:\Program Files\NewBlue

2014-07-28 00:30 - 2014-07-28 00:30 - 31579146 _____ (NewBlue, Inc ) C:\Users\Ralfi\Downloads\NewBlueFX Patch (for 64-bit).exe

2014-07-27 23:37 - 2014-06-25 16:43 - 00000000 ____D () C:\Users\Ralfi\AppData\Local\fabi.me

2014-07-27 23:35 - 2014-07-15 13:15 - 00000000 ____D () C:\Users\Ralfi\Desktop\Rebellution2

2014-07-27 18:20 - 2014-07-07 01:52 - 00000000 ____D () C:\Users\Ralfi\Desktop\test

2014-07-27 12:11 - 2014-07-27 12:10 - 1240454106 _____ () C:\Users\Ralfi\Desktop\Rebellution2.rar

2014-07-27 11:58 - 2014-07-21 13:04 - 00000261 _____ () C:\Users\Ralfi\Desktop\Server PW´s.txt

2014-07-27 11:31 - 2014-07-27 11:31 - 00000000 ____D () C:\Users\Ralfi\Desktop\Waffen

2014-07-26 23:26 - 2014-07-26 23:23 - 14036826 _____ () C:\Users\Ralfi\Documents\Opfakind.mp4

2014-07-26 21:36 - 2014-07-26 21:36 - 05041280 _____ (Arktos Entertainment Group LLC ) C:\Users\Ralfi\Downloads\WarInc_WebSetup.exe

2014-07-26 18:50 - 2014-05-09 14:12 - 00000000 ____D () C:\Users\Ralfi

2014-07-26 18:39 - 2014-07-26 18:38 - 09974885 _____ () C:\Users\Ralfi\Downloads\Royal - Medieval Servervorstellung by LeKoArts.rar

2014-07-25 21:17 - 2014-07-24 10:57 - 00000000 ____D () C:\Users\Ralfi\Desktop\EterNexus-1.0.0.0.2a

2014-07-25 15:50 - 2014-06-03 13:29 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll

2014-07-25 15:50 - 2014-06-03 13:29 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll

2014-07-25 15:50 - 2014-05-07 17:17 - 01283136 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll

2014-07-25 15:50 - 2014-05-07 17:17 - 01126480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll

2014-07-25 09:16 - 2014-05-15 01:28 - 00000000 ____D () C:\Users\Ralfi\Documents\My Games

2014-07-25 09:08 - 2014-07-25 09:08 - 00000000 ____D () C:\Users\Ralfi\AppData\Local\UWebKit151

2014-07-25 09:08 - 2014-07-25 09:08 - 00000000 ____D () C:\ProgramData\boost_interprocess

2014-07-25 09:06 - 2014-07-24 22:03 - 00000000 ____D () C:\Users\Ralfi\Downloads\Gameforge Live

2014-07-24 23:52 - 2009-07-14 06:45 - 00303680 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-07-24 23:22 - 2014-05-09 22:29 - 00000000 ____D () C:\ProgramData\Origin

2014-07-24 22:05 - 2014-05-07 17:04 - 00336343 _____ () C:\Windows\DirectX.log

2014-07-24 22:03 - 2014-07-24 22:03 - 00000758 _____ () C:\Users\Public\Desktop\Gameforge Live.lnk

2014-07-24 22:03 - 2014-07-24 22:03 - 00000000 ____D () C:\Users\Ralfi\AppData\Local\Gameforge4d

2014-07-24 22:03 - 2014-07-24 22:02 - 20132328 _____ (Gameforge ) C:\Users\Ralfi\Downloads\OMD_GameforgeLiveSetup.exe

2014-07-24 21:14 - 2014-07-24 21:14 - 995862274 _____ () C:\Users\Ralfi\Downloads\Baumhausen City Client 24.05.2014.rar

2014-07-24 17:09 - 2014-05-09 14:12 - 00063200 _____ () C:\Users\Ralfi\AppData\Local\GDIPFONTCACHEV1.DAT

2014-07-23 18:47 - 2014-07-23 18:42 - 1011205600 _____ () C:\Users\Ralfi\Downloads\Meteria2.rar

2014-07-23 15:28 - 2014-07-23 15:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi

2014-07-22 14:30 - 2014-07-22 14:00 - 00000000 ____D () C:\ProgramData\Solid State Networks

2014-07-22 14:28 - 2014-07-22 14:27 - 00000000 ____D () C:\Users\Ralfi\AppData\Local\QQSM

2014-07-22 14:26 - 2014-07-22 14:26 - 00000734 _____ () C:\Users\Public\Desktop\Hazard Ops.lnk

2014-07-22 14:26 - 2014-07-22 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hazard Ops

2014-07-22 14:00 - 2014-07-22 14:00 - 01779712 _____ (Infernum Productions AG) C:\Users\Ralfi\Downloads\HazardOpsDLM.exe

2014-07-22 08:43 - 2014-07-22 08:39 - 00221752 _____ () C:\Users\Ralfi\Downloads\Pigeons (Original Mix).mp3.sfk

2014-07-21 19:33 - 2014-07-21 19:33 - 1035574396 _____ () C:\Users\Ralfi\Downloads\Zitonia2 Unverschlüsselt - Kopie.rar

2014-07-21 14:38 - 2014-05-09 17:01 - 00000000 ____D () C:\Users\Ralfi\AppData\Roaming\.minecraft

2014-07-21 02:49 - 2014-05-09 17:23 - 00000000 ____D () C:\Windows\System32\Tasks\Games

2014-07-20 23:55 - 2014-07-20 23:55 - 00000572 _____ () C:\Users\Public\Desktop\Sirius MT2.lnk

2014-07-20 23:55 - 2014-07-20 23:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sirius MT2

2014-07-20 23:51 - 2014-07-20 23:41 - 1572305527 _____ (Sirius MT2 ) C:\Users\Ralfi\Documents\sirius.20.13.rev.client.exe

2014-07-20 23:41 - 2014-07-20 23:41 - 00836112 _____ (SiriusMT2) C:\Users\Ralfi\Downloads\sirius.20.13.rev.installer.exe

2014-07-19 06:42 - 2014-07-17 02:02 - 00002082 _____ () C:\Users\Ralfi\Desktop\Bonis ID.txt

2014-07-18 20:29 - 2014-07-10 18:41 - 00000000 ____D () C:\Users\Ralfi\Desktop\Backup Rebellution2

2014-07-18 14:14 - 2014-07-18 13:47 - 00000045 _____ () C:\Users\Ralfi\Desktop\E-Mail.txt

2014-07-18 14:00 - 2014-05-09 14:44 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-07-18 10:36 - 2014-05-09 17:05 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-07-18 10:36 - 2014-05-09 17:05 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-07-18 10:36 - 2014-05-09 17:05 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-07-18 06:55 - 2014-07-18 06:54 - 01269871 _____ () C:\Users\Ralfi\Desktop\2Elemente.rar

2014-07-18 06:49 - 2014-07-07 00:21 - 00001544 _____ () C:\Users\Ralfi\Desktop\config.inc.php

2014-07-18 06:47 - 2014-07-18 06:47 - 03148168 _____ () C:\Users\Ralfi\Desktop\Design.rar

2014-07-18 06:43 - 2014-07-18 06:43 - 02680558 _____ () C:\Users\Ralfi\Downloads\Release1.rar

2014-07-18 05:06 - 2014-07-18 05:06 - 00000770 _____ () C:\Users\Ralfi\Desktop\Neues Textdokument.txt

2014-07-17 23:28 - 2014-07-17 23:28 - 12983159 _____ () C:\Users\Ralfi\Desktop\EterNexus-1.0.3.1a.zip

2014-07-17 20:34 - 2014-05-09 17:26 - 00000000 ____D () C:\ProgramData\Oracle

2014-07-17 20:13 - 2014-07-17 20:13 - 00004623 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log

2014-07-17 20:13 - 2014-05-26 16:00 - 00000000 ____D () C:\Program Files (x86)\Java

2014-07-17 17:58 - 2014-07-17 17:58 - 00000023 _____ () C:\Users\Ralfi\Desktop\Newssss.txt

2014-07-17 01:26 - 2014-05-22 00:44 - 00000000 ____D () C:\Users\Ralfi\Documents\Txt

2014-07-16 20:46 - 2014-07-16 20:46 - 00009587 _____ () C:\Users\Ralfi\Desktop\delicia.txt

2014-07-16 18:30 - 2014-07-16 18:28 - 00000000 ____D () C:\Users\Ralfi\Downloads\sachen zum einfügen

2014-07-16 14:33 - 2014-07-16 14:33 - 00000000 ____D () C:\Windows\SysWOW64\Hotspot Shield

2014-07-16 02:07 - 2014-07-16 01:48 - 00000000 ____D () C:\Users\Ralfi\Documents\FIFA World

2014-07-16 01:47 - 2014-07-16 01:47 - 00000864 _____ () C:\Users\Public\Desktop\EA Sports FIFA World.lnk

2014-07-16 01:47 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2014-07-16 01:11 - 2014-05-10 09:03 - 00000000 ____D () C:\ProgramData\PopCap Games

2014-07-15 14:40 - 2014-05-21 23:11 - 00000000 ____D () C:\Users\Ralfi\AppData\Local\Battle.net

2014-07-14 23:30 - 2014-07-14 23:30 - 00000000 ____D () C:\Users\Ralfi\Desktop\Tor Browser

2014-07-14 17:24 - 2014-07-14 17:20 - 20499640 _____ () C:\Users\Ralfi\Desktop\Skype 2014-07-14 17-00-53-82.avi

2014-07-13 04:39 - 2014-07-07 16:20 - 00000654 _____ () C:\Users\Ralfi\Desktop\Forum usw One.txt

2014-07-12 19:36 - 2014-06-18 23:29 - 00000000 ____D () C:\Users\Ralfi\AppData\Roaming\FileZilla

2014-07-11 17:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache

2014-07-11 03:34 - 2014-05-12 03:43 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-07-11 03:34 - 2011-04-12 09:55 - 00000000 ____D () C:\Program Files\Windows Journal

2014-07-11 03:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism

2014-07-11 03:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism

2014-07-11 03:02 - 2014-05-26 16:00 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-07-11 03:01 - 2014-05-20 07:35 - 00000000 ____D () C:\Windows\system32\MRT

2014-07-11 03:00 - 2014-05-20 07:35 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-07-11 02:56 - 2014-05-26 16:00 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2014-07-11 02:56 - 2014-05-26 16:00 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2014-07-11 02:55 - 2014-05-26 16:00 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2014-07-10 17:10 - 2014-07-08 01:16 - 00000000 ____D () C:\extract

2014-07-08 18:27 - 2014-06-18 21:30 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk

2014-07-08 18:27 - 2014-06-18 21:30 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk

2014-07-08 16:16 - 2014-07-08 16:16 - 00000000 ____D () C:\Users\Ralfi\AppData\Roaming\TeamViewer

2014-07-08 15:41 - 2014-07-08 15:36 - 25815280 _____ () C:\Users\Ralfi\Desktop\Hardcore-reloaded HP.rar

2014-07-08 03:09 - 2014-07-08 03:09 - 00333680 _____ () C:\Windows\Minidump\070814-8361-01.dmp

2014-07-08 03:09 - 2014-05-10 00:53 - 895889797 _____ () C:\Windows\MEMORY.DMP

2014-07-08 03:09 - 2014-05-10 00:53 - 00000000 ____D () C:\Windows\Minidump

2014-07-08 02:34 - 2014-06-17 00:08 - 00000000 ____D () C:\Users\Ralfi\AppData\Roaming\Notepad++

2014-07-08 02:33 - 2014-07-08 02:33 - 00000000 ____D () C:\Users\Ralfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++

2014-07-08 02:33 - 2014-07-08 02:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++

2014-07-08 02:33 - 2014-06-17 00:08 - 00000000 ____D () C:\Program Files (x86)\Notepad++

2014-07-07 23:31 - 2014-05-27 23:09 - 00000000 ____D () C:\Users\Ralfi\Desktop\Publ 1.5.4

2014-07-05 01:31 - 2014-07-05 01:31 - 00293096 _____ () C:\Windows\Minidump\070514-7971-01.dmp

2014-07-02 22:48 - 2014-07-29 15:57 - 31512520 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll

2014-07-02 22:48 - 2014-07-29 15:57 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll

2014-07-02 22:48 - 2014-07-29 15:57 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2014-07-02 22:48 - 2014-07-29 15:57 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll

2014-07-02 22:48 - 2014-07-29 15:57 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2014-07-02 22:48 - 2014-07-29 15:57 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2014-07-02 22:48 - 2014-07-29 15:57 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2014-07-02 22:48 - 2014-07-29 15:57 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll

2014-07-02 22:48 - 2014-07-29 15:57 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll

2014-07-02 22:48 - 2014-07-29 15:57 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2014-07-02 22:48 - 2014-07-29 15:57 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll

2014-07-02 22:48 - 2014-07-29 15:57 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll

2014-07-02 22:48 - 2014-07-29 15:57 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll

2014-07-02 22:48 - 2014-07-29 15:57 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll

2014-07-02 22:48 - 2014-07-29 15:57 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll

2014-07-02 22:48 - 2014-07-29 15:57 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll

2014-07-02 22:48 - 2014-07-29 15:57 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll

2014-07-02 22:48 - 2014-07-29 15:57 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll

2014-07-02 22:48 - 2014-07-29 15:57 - 00502232 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll

2014-07-02 22:48 - 2014-07-29 15:57 - 00418760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll

2014-07-02 22:48 - 2014-07-29 15:57 - 00391640 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll

2014-07-02 22:48 - 2014-07-29 15:57 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll

2014-07-02 22:48 - 2014-07-29 15:57 - 00348120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll

2014-07-02 22:48 - 2014-07-29 15:57 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll

2014-07-02 22:48 - 2014-07-29 15:57 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll

2014-07-02 22:48 - 2014-07-29 15:57 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll

2014-07-02 22:48 - 2014-05-28 03:57 - 16122344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll

2014-07-02 22:48 - 2014-05-09 14:54 - 17555104 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll

2014-07-02 22:48 - 2014-05-07 17:15 - 00075040 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll

2014-07-02 22:48 - 2014-05-07 17:15 - 00061912 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll

2014-07-02 22:48 - 2014-05-07 17:14 - 18626304 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll

2014-07-02 22:48 - 2014-05-07 17:14 - 14498552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll

2014-07-02 22:48 - 2014-05-07 17:14 - 03196816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll

2014-07-02 22:48 - 2014-05-07 17:14 - 02814656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll

2014-07-02 22:48 - 2014-05-07 17:14 - 00965312 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll

2014-07-02 22:48 - 2014-05-07 17:14 - 00026353 _____ () C:\Windows\system32\nvinfo.pb

2014-07-02 20:55 - 2014-05-07 17:15 - 06783776 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll

2014-07-02 20:55 - 2014-05-07 17:15 - 03522392 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll

2014-07-02 20:55 - 2014-05-07 17:15 - 02559960 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll

2014-07-02 20:55 - 2014-05-07 17:15 - 00935368 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

2014-07-02 20:55 - 2014-05-07 17:15 - 00386520 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll

2014-07-02 20:55 - 2014-05-07 17:15 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

2014-07-02 19:44 - 2014-07-29 15:58 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe

2014-07-02 12:14 - 2014-05-07 17:15 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin

2014-07-02 01:53 - 2014-06-11 16:18 - 00000000 ____D () C:\Users\Ralfi\Downloads\OTTOFOX EDITING PACK
 

Some content of TEMP:

====================

C:\Users\Ralfi\AppData\Local\Temp\ad8e0305e65adb359898b639e006bf2f.dll

C:\Users\Ralfi\AppData\Local\Temp\BackupSetup.exe

C:\Users\Ralfi\AppData\Local\Temp\drm_dyndata_7390006.dll

C:\Users\Ralfi\AppData\Local\Temp\htmlayout.dll

C:\Users\Ralfi\AppData\Local\Temp\ICReinstall_download-city-car-driving.exe

C:\Users\Ralfi\AppData\Local\Temp\install20450981.exe

C:\Users\Ralfi\AppData\Local\Temp\installer_gta-sanandreas_English.exe

C:\Users\Ralfi\AppData\Local\Temp\IrsoDLL.dll

C:\Users\Ralfi\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe

C:\Users\Ralfi\AppData\Local\Temp\NGMDll.dll

C:\Users\Ralfi\AppData\Local\Temp\NGMResource.dll

C:\Users\Ralfi\AppData\Local\Temp\NGMSetup.exe

C:\Users\Ralfi\AppData\Local\Temp\nvSCPAPI.dll

C:\Users\Ralfi\AppData\Local\Temp\nvSCPAPI64.dll

C:\Users\Ralfi\AppData\Local\Temp\nvStInst.exe

C:\Users\Ralfi\AppData\Local\Temp\optprosetup.exe

C:\Users\Ralfi\AppData\Local\Temp\RegClean2.exe

C:\Users\Ralfi\AppData\Local\Temp\toolbar20403657.exe

C:\Users\Ralfi\AppData\Local\Temp\toolbar20405013.exe

C:\Users\Ralfi\AppData\Local\Temp\toolbar20407069.exe

C:\Users\Ralfi\AppData\Local\Temp\toolbar20407921.exe

C:\Users\Ralfi\AppData\Local\Temp\toolbar20435936.exe

C:\Users\Ralfi\AppData\Local\Temp\toolbar20439570.exe

C:\Users\Ralfi\AppData\Local\Temp\toolbar20449970.exe

C:\Users\Ralfi\AppData\Local\Temp\toolbar20454574.exe

C:\Users\Ralfi\AppData\Local\Temp\toolbar20454702.exe

C:\Users\Ralfi\AppData\Local\Temp\toolbar20454754.exe

C:\Users\Ralfi\AppData\Local\Temp\unicows.dll

C:\Users\Ralfi\AppData\Local\Temp\uninstall-updater179239.exe

C:\Users\Ralfi\AppData\Local\Temp\uninstall189585.exe

C:\Users\Ralfi\AppData\Local\Temp\uninstall20550009.exe

C:\Users\Ralfi\AppData\Local\Temp\uninstall20556818.exe

C:\Users\Ralfi\AppData\Local\Temp\xmlUpdater.exe
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-07-28 01:59
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-07-2014 02

Ran by Ralfi at 2014-08-01 13:25:04

Running from C:\Users\Ralfi\Downloads

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
 

==================== Installed Programs ======================
 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.6.0.393 - Adobe Systems Incorporated)

Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)

Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)

Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)

Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)

Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)

Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)

Burnout™ Paradise: The Ultimate Box (HKLM-x32\...\{9A996B6A-846E-4A89-B9C4-17546B7BE49F}) (Version: 1.1.0.0 - Electronic Arts)

Call of Duty(R) 4 - Modern Warfare(TM) Demo (HKLM-x32\...\InstallShield_{6734CA10-8FB8-4C7F-B8C7-75317C617DC5}) (Version: 1.00.0000 - Activision)

Call of Duty(R) 4 - Modern Warfare(TM) Demo (x32 Version: 1.00.0000 - Activision) Hidden

Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )

Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version:  - )

Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)

Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward)

Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)

Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)

Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.9.0.0 - Electronic Arts)

DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)

EA Sports FIFA World (HKLM-x32\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 7.0.0.45489 - Electronic Arts, Inc.)

Fast And Safe (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{64af91bf}) (Version:  - GTgroup) <==== ATTENTION

FileZilla Client 3.8.1 (HKLM-x32\...\FileZilla Client) (Version: 3.8.1 - Tim Kosse)

Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )

Gameforge Live 2.0.4 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.4 - Gameforge)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)

Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

Hazard Ops (HKLM-x32\...\{F70DE052-CFFD-4DCB-8DA3-3ECAAFBB7D15}}_is1) (Version: 0.2.0.2042 - Infernum Productions AG)

Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)

Infestation Survivor Stories version 1.0 (HKLM-x32\...\{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1) (Version: 1.0 - OP Productions LLC)

Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)

Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.650 - Oracle)

Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden

Java technology allows you to work and play in a secure computing environment. Packages (HKCU\...\Java technology allows you to work and play in a secure computing environment. Packages) (Version:  - ) <==== ATTENTION

LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.227 - LogMeIn, Inc.)

LogMeIn Hamachi (x32 Version: 2.2.0.227 - LogMeIn, Inc.) Hidden

Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{26055432-339E-4776-803B-F22240B91864}) (Version: 11.1.2 - Red Giant Software)

Magic Bullet Suite 64-bit (Version: 11.1.2 - Red Giant Software) Hidden

Medal of Honor (TM) (HKLM-x32\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)

Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)

Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden

MoonTools Version 1.7 (HKLM-x32\...\{61946000-8054-4452-B5F9-719D35D899D8}_is1) (Version: 1.7 - DotExE)

MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden

MTA:SA v1.3.5 (HKLM-x32\...\MTA:SA 1.3) (Version: v1.3.5 - Multi Theft Auto)

NewBlue Art Effects for Windows (HKLM-x32\...\NewBlue Art Effects for Windows) (Version: 3.0 - NewBlue)

NewBlue Film Effects for Windows (HKLM-x32\...\NewBlue Film Effects for Windows) (Version: 3.0 - NewBlue)

NewBlue Light Effects for Windows (HKLM-x32\...\NewBlue Light Effects for Windows) (Version: 3.0 - NewBlue)

NewBlue Motion Effects for Windows (HKLM-x32\...\NewBlue Motion Effects for Windows) (Version: 3.0 - NewBlue)

NewBlue Paint Effects for Windows (HKLM-x32\...\NewBlue Paint Effects for Windows) (Version: 3.0 - NewBlue)

NewBlue plug-ins bundle patch build 121206 (HKLM\...\NewBlue plug-ins bundle patch build 121206_is1) (Version: 3.0.0.0 - NewBlue Inc.)

Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.6.1 - )

NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)

NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)

NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)

NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)

NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden

NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden

NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)

NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden

NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden

NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden

NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden

NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden

NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden

Operation Flashpoint: Red River (HKLM-x32\...\Steam App 44340) (Version:  - Codemasters Action Studio)

Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)

Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)

paint.net (HKLM\...\{3F5F509B-E226-417C-8CD1-CAAE756C328A}) (Version: 4.0.0 - dotPDN LLC)

Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)

Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)

PremiumSoft Navicat Lite 10.0 (HKLM-x32\...\PremiumSoft Navicat Lite_is1) (Version:  - PremiumSoft CyberTech Ltd.)

Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.30.1003 - Qualcomm Atheros) Hidden

Qualcomm Atheros Killer E220x Drivers (Version: 1.0.30.1003 - Qualcomm Atheros) Hidden

Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{DD21E907-9A2A-44B8-A12E-13691E166664}) (Version: 1.0.30.1003 - Qualcomm Atheros)

Qualcomm Atheros Network Manager (Version: 1.0.30.1003 - Qualcomm Atheros) Hidden

Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.13 - Razer Inc.)

Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)

SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden

Sirius MT2 Version 20.13 (HKLM-x32\...\{831D4B74-7A92-4363-869D-524876C480B1}_is1) (Version: 20.13 - Sirius MT2)

Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)

South Park - The Stick of Truth (HKLM-x32\...\South Park - The Stick of Truth_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)

Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)

Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)

TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)

TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer)

Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.4.15 - Electronic Arts)

Überwachungstool für die Intel® Turbo-Boost-Technik 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)

Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)

Uplay (HKLM-x32\...\Uplay) (Version: 4.5 - Ubisoft)

Vegas Pro 12.0 (64-bit) (HKLM\...\{BE94768F-5232-11E3-BD78-F04DA23A5C58}) (Version: 12.0.770 - Sony)

Warface Launcher (Beta) (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH)

Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)

Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)

WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

WinSCP 5.5.4 (HKLM-x32\...\winscp3_is1) (Version: 5.5.4 - Martin Prikryl)
 

==================== Custom CLSID (selected items): ==========================
 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 

==================== Restore Points  =========================
 

30-07-2014 11:56:44 Installed Warface Launcher (Beta)

31-07-2014 13:38:57 Windows Update

01-08-2014 10:50:46 Windows Update
 

==================== Hosts content: ==========================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 

Task: {2132EEA0-55D9-40C8-B014-B2F2393DDF5C} - System32\Tasks\AdobeAAMUpdater-1.0-Ralfi-PC-Ralfi => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)

Task: {325212BB-0C09-42F6-BB27-0B3712DE814A} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Common\Red Giant Link.exe [2011-11-23] ()

Task: {367A4F3D-5F96-4C21-AB16-8B181BC582DC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: {39DEDED4-3FB7-4B8D-9A44-9BE03C0F9907} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-18] (Adobe Systems Incorporated)

Task: {45ACB7EF-11B8-4FA2-AF77-B30E890B295A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: {4D8BC769-341B-4C86-8D7A-29114D11CBB7} - System32\Tasks\YourFile DownloaderInstaller Starter => C:\Users\Ralfi\AppData\Local\Temp\install20450981.exe [2014-07-30] (hxxp://yourfiledownloader.net) <==== ATTENTION

Task: {7A834270-F4A4-4922-BBF2-013022CE6D0D} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION

Task: {8C3C8FA8-3E14-4A65-8167-74D6ED47B5A5} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION

Task: {95C3D335-8B1B-4EB9-A9A3-6573B0A7C1B7} - System32\Tasks\{41A47AF3-6E4C-46BD-85D0-4E0BFCF145EB} => C:\Users\Ralfi\Desktop\Minecraft.exe [2014-05-09] ()

Task: {A2A42D7B-092B-4209-B33A-4B10417085C0} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files (x86)\YourFileDownloader Updater\YourFileUpdater.exe <==== ATTENTION

Task: {B9CE560E-0066-460E-B483-F1398CC19150} - System32\Tasks\AppCloudUpdater => C:\Users\Ralfi\AppData\Roaming\APPCLO~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

Task: {CF3B707A-6679-468A-B7F4-6C5B871451AF} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\AppCloudUpdater.job => C:\Users\Ralfi\AppData\Roaming\APPCLO~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION

Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION

Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 

2014-05-07 17:15 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2014-05-01 21:29 - 2014-05-01 21:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll

2014-05-23 02:10 - 2014-05-23 02:10 - 00671904 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll

2013-08-08 14:35 - 2013-08-08 14:35 - 00283648 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe

2014-05-29 17:42 - 2014-07-17 20:06 - 00601144 _____ () C:\Users\Ralfi\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

2014-05-23 02:10 - 2014-05-23 02:10 - 05341856 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe

2014-05-29 17:42 - 2014-07-17 20:06 - 36966968 _____ () C:\Users\Ralfi\AppData\Roaming\Spotify\Data\libcef.dll

2014-05-26 05:52 - 2014-05-26 05:52 - 32733088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll

2014-07-17 20:06 - 2014-07-17 20:06 - 00867896 _____ () C:\Users\Ralfi\AppData\Roaming\Spotify\Data\ffmpegsumo.dll

2014-05-29 17:42 - 2014-07-17 20:06 - 00886840 _____ () C:\Users\Ralfi\AppData\Roaming\Spotify\Data\libglesv2.dll

2014-05-29 17:42 - 2014-07-17 20:06 - 00108600 _____ () C:\Users\Ralfi\AppData\Roaming\Spotify\Data\libegl.dll

2014-05-12 22:22 - 2014-05-12 22:22 - 02217128 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\plugins\ExchangePlugin\ExManCoreLib\ExManZxpSign.dll

2014-07-18 10:36 - 2014-07-18 10:36 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

2014-06-01 11:08 - 2014-06-01 11:08 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll

2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll

2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll

2014-07-18 14:00 - 2014-07-15 11:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll

2014-07-18 14:00 - 2014-07-15 11:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll

2014-07-18 14:00 - 2014-07-15 11:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll

2014-07-18 14:00 - 2014-07-15 11:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll

2014-07-18 14:00 - 2014-07-15 11:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll

2014-07-18 14:00 - 2014-07-15 11:24 - 14664008 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 

AlternateDataStreams: C:\ProgramData:NT

AlternateDataStreams: C:\ProgramData:NT2

AlternateDataStreams: C:\Users\All Users:NT

AlternateDataStreams: C:\Users\All Users:NT2

AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT

AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT2

AlternateDataStreams: C:\ProgramData\Application Data:NT

AlternateDataStreams: C:\ProgramData\Application Data:NT2

AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT

AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2

AlternateDataStreams: C:\Users\Ralfi\Anwendungsdaten:NT

AlternateDataStreams: C:\Users\Ralfi\Anwendungsdaten:NT2

AlternateDataStreams: C:\Users\Ralfi\AppData\Roaming:NT

AlternateDataStreams: C:\Users\Ralfi\AppData\Roaming:NT2
 

==================== Safe Mode (whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 

==================== EXE Association (whitelisted) =============
 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 

==================== MSCONFIG/TASK MANAGER disabled items =========
 

(Currently there is no automatic fix for this section.)
 
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (08/01/2014 00:47:42 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/31/2014 10:23:23 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: vegas120.exe, Version: 12.0.0.770, Zeitstempel: 0x528d33e2

Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24

Ausnahmecode: 0xc0000374

Fehleroffset: 0x00000000000c4102

ID des fehlerhaften Prozesses: 0x19a8

Startzeit der fehlerhaften Anwendung: 0xvegas120.exe0

Pfad der fehlerhaften Anwendung: vegas120.exe1

Pfad des fehlerhaften Moduls: vegas120.exe2

Berichtskennung: vegas120.exe3
 

Error: (07/31/2014 03:28:40 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/30/2014 10:14:18 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: fraps.exe, Version: 3.5.99.15618, Zeitstempel: 0x512c56a2

Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7

Ausnahmecode: 0xc0000374

Fehleroffset: 0x000ce753

ID des fehlerhaften Prozesses: 0x1264

Startzeit der fehlerhaften Anwendung: 0xfraps.exe0

Pfad der fehlerhaften Anwendung: fraps.exe1

Pfad des fehlerhaften Moduls: fraps.exe2

Berichtskennung: fraps.exe3
 

Error: (07/30/2014 06:31:55 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: hsswd.exe, Version: 0.0.0.0, Zeitstempel: 0x51087583

Name des fehlerhaften Moduls: af_proxy.dll, Version: 0.0.0.0, Zeitstempel: 0x5376a94a

Ausnahmecode: 0xc0000005

Fehleroffset: 0x00029c7c

ID des fehlerhaften Prozesses: 0x17a0

Startzeit der fehlerhaften Anwendung: 0xhsswd.exe0

Pfad der fehlerhaften Anwendung: hsswd.exe1

Pfad des fehlerhaften Moduls: hsswd.exe2

Berichtskennung: hsswd.exe3
 

Error: (07/30/2014 06:31:04 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/30/2014 06:25:29 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/30/2014 00:37:30 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/29/2014 03:59:15 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programm Rebellution.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: 1658
 

Startzeit: 01cfab115a63490f
 

Endzeit: 4
 

Anwendungspfad: C:\Users\Ralfi\Desktop\Rebellution2\Rebellution.exe
 

Berichts-ID:
 

Error: (07/29/2014 03:59:13 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programm Rebellution.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: e10
 

Startzeit: 01cfab092862eb01
 

Endzeit: 4
 

Anwendungspfad: C:\Users\Ralfi\Desktop\Rebellution2\Rebellution.exe
 

Berichts-ID:
 
 

System errors:

=============

Error: (08/01/2014 00:49:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%2
 

Error: (07/31/2014 03:30:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%2
 

Error: (07/30/2014 06:33:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%2
 

Error: (07/30/2014 06:31:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "Hotspot Shield Monitoring Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (07/30/2014 06:31:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1053
 

Error: (07/30/2014 06:31:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.
 

Error: (07/30/2014 06:27:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%2
 

Error: (07/30/2014 06:18:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Update Adanak" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (07/23/2014 03:28:19 PM) (Source: Service Control Manager) (EventID: 7030) (User: )

Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
 

Error: (07/18/2014 05:09:33 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)

Description: Es wurde eine schwerwiegende Warnung empfangen: 80.
 
 

Microsoft Office Sessions:

=========================

Error: (08/01/2014 00:47:42 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/31/2014 10:23:23 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: vegas120.exe12.0.0.770528d33e2ntdll.dll6.1.7601.18247521eaf24c000037400000000000c410219a801cfacfb9f9ec67eC:\Program Files\Sony\Vegas Pro 12.0\vegas120.exeC:\Windows\SYSTEM32\ntdll.dll847b596b-18f0-11e4-b4fb-448a5b676762
 

Error: (07/31/2014 03:28:40 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/30/2014 10:14:18 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: fraps.exe3.5.99.15618512c56a2ntdll.dll6.1.7601.18247521ea8e7c0000374000ce753126401cfac2efed893c3D:\Fraps\fraps.exeC:\Windows\SysWOW64\ntdll.dll15440110-1826-11e4-86a5-448a5b676762
 

Error: (07/30/2014 06:31:55 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: hsswd.exe0.0.0.051087583af_proxy.dll0.0.0.05376a94ac000000500029c7c17a001cfac13a77efb06C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exeC:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll043ff8cf-1807-11e4-86a5-448a5b676762
 

Error: (07/30/2014 06:31:04 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/30/2014 06:25:29 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/30/2014 00:37:30 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/29/2014 03:59:15 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Rebellution.exe0.0.0.0165801cfab115a63490f4C:\Users\Ralfi\Desktop\Rebellution2\Rebellution.exe
 

Error: (07/29/2014 03:59:13 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Rebellution.exe0.0.0.0e1001cfab092862eb014C:\Users\Ralfi\Desktop\Rebellution2\Rebellution.exe
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 36%

Total physical RAM: 16327.91 MB

Available physical RAM: 10318.59 MB

Total Pagefile: 32654.01 MB

Available Pagefile: 25944.56 MB

Total Virtual: 8192 MB

Available Virtual: 8191.84 MB
 

==================== Drives ================================
 

Drive c: () (Fixed) (Total:111.69 GB) (Free:19.15 GB) NTFS

Drive d: (Volume) (Fixed) (Total:1863.01 GB) (Free:1529.93 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: BC66EA14)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=112 GB) - (Type=07 NTFS)
 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: B3513036)

Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================