Trojaner-Board - Desktopangriff? Fernaktivierung Bluescreen

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - Desktopangriff? Fernaktivierung Bluescreen (https://www.trojaner-board.de/168778-desktopangriff-fernaktivierung-bluescreen.html)

Poste die Logs bitte vollständig und in CODE-Tags...

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015

Ran by gestörthe Dörthe (administrator) on BORISMIRWARM on 17-07-2015 21:09:09

Running from C:\Users\gestoertheDorthe\Downloads

Loaded Profiles: gestörthe Dörthe & gestoertheDorthe (Available Profiles: gestörthe Dörthe & gestoertheDorthe)

Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11 (Default browser: FF)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe

(F-Secure Corporation) C:\Program Files (x86)\Kabel Deutschland\apps\CCF_Reputation\fsorsp.exe

(F-Secure Corporation) C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe

(F-Secure Corporation) C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe

(F-Secure Corporation) C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe

(F-Secure Corporation) C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe

(F-Secure Corporation) C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe

(F-Secure Corporation) C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\fsgk32.exe

(F-Secure Corporation) C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe

(F-Secure Corporation) C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe

(F-Secure Corporation) C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe

(F-Secure Corporation) C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe

(F-Secure Corporation) C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe

(F-Secure Corporation) C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe

(F-Secure Corporation) C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe

(F-Secure Corporation) C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe

(F-Secure Corporation) C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Common\FSMA32.EXE

(F-Secure Corporation) C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\fssm32.exe

(F-Secure Corporation) C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Common\FSHDLL64.EXE

(F-Secure Corporation) C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe

(F-Secure Corporation) C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-03] (NVIDIA Corporation)

HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.)

HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2010-01-22] (NEC Electronics Corporation)

HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()

HKLM-x32\...\Run: [Six Engine] => C:\Program Files (x86)\ASUS\EPU\EPU.exe [5309056 2010-03-16] (

ASUSTeK Computer Inc.)

HKLM-x32\...\Run: [TurboV EVO] => C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe [9993344 2010-03-25] (ASUSTeK Computer Inc.)

HKLM-x32\...\Run: [F-Secure Hoster (44553)] => C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe [187432 2015-04-02] (F-Secure Corporation)

HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Common\FSM32.EXE [310312 2014-09-18] (F-Secure Corporation)

HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [415232 2009-07-14] (Microsoft Corporation)

HKU\S-1-5-21-1198890107-3487484037-2208262354-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)

HKU\S-1-5-21-1198890107-3487484037-2208262354-1001\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun

GroupPolicyScripts: Group Policy detected <======= ATTENTION
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

HKU\S-1-5-21-1198890107-3487484037-2208262354-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

HKU\S-1-5-21-1198890107-3487484037-2208262354-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: Browsing Protection -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Kabel Deutschland\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dll [2015-06-19] (F-Secure Corporation)

BHO: F-Secure Search -> {690EF1CF-5775-4CB3-A5B8-85A63FD0262B} -> C:\Program Files (x86)\Kabel Deutschland\apps\SafeSearch\IE\FSSafeSearch64.dll [2014-06-23] (F-Secure Corporation)

BHO-x32: Browsing Protection -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Kabel Deutschland\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll [2015-06-19] (F-Secure Corporation)

Toolbar: HKLM - F-Secure Search Toolbar - {B242FC32-2B60-48EA-A8E3-2E280EDBC48F} - C:\Program Files (x86)\Kabel Deutschland\apps\SafeSearch\IE\FSSafeSearch64.dll [2014-06-23] (F-Secure Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Tcpip\..\Interfaces\{F7B82DF4-A48B-4CD3-80F6-C3E40BD162D4}: [DhcpNameServer] 192.168.0.1
 

FireFox:

========

FF ProfilePath: C:\Users\gestörthe Dörthe\AppData\Roaming\Mozilla\Firefox\Profiles\yPmrO1ma.default

FF Homepage: about:home

FF NetworkProxy: "type", 4

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll [2015-07-12] ()

FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll No File

FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-12] ()

FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll No File

FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)

FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-12-13] (Nullsoft, Inc.)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)

FF Extension: NoScript - C:\Users\gestörthe Dörthe\AppData\Roaming\Mozilla\Firefox\Profiles\yPmrO1ma.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-07-16]

FF Extension: Adblock Plus - C:\Users\gestörthe Dörthe\AppData\Roaming\Mozilla\Firefox\Profiles\yPmrO1ma.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-06-17]

FF HKLM-x32\...\Firefox\Extensions: [{f6e41205-00c6-4ce7-99f1-bba5c3f51dd7}] - C:\Program Files (x86)\Kabel Deutschland\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https

FF Extension: Browsing Protection - C:\Program Files (x86)\Kabel Deutschland\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https [2015-06-29]

FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt

FF HKU\S-1-5-21-1198890107-3487484037-2208262354-1000\...\Firefox\Extensions: [safesearch@f-secure.com] - C:\Users\gestörthe Dörthe\AppData\Roaming\F-Secure\SafeSearch\FFPlugIn

FF Extension: Safe Search - C:\Users\gestörthe Dörthe\AppData\Roaming\F-Secure\SafeSearch\FFPlugIn [2015-06-19]

FF HKU\S-1-5-21-1198890107-3487484037-2208262354-1001\...\Firefox\Extensions: [safesearch@f-secure.com] - C:\Users\gestoertheDorthe\AppData\Roaming\F-Secure\SafeSearch\FFPlugIn

FF Extension: Safe Search - C:\Users\gestoertheDorthe\AppData\Roaming\F-Secure\SafeSearch\FFPlugIn [2015-07-17]
 

Chrome: 

=======

CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:/Program Files (x86)/Kabel Deutschland/apps/CCF_Scanning/bin/browser/install/fs_chrome_https/fs_chrome_https.crx [2014-09-08]
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

S4 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [136616 2010-06-12] ()

S2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [96896 2009-12-28] (ASUSTeK Computer Inc.)

R2 fshoster; C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe [187432 2015-04-02] (F-Secure Corporation)

R3 FSMA; C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2014-09-18] (F-Secure Corporation)

R2 FSORSPClient; C:\Program Files (x86)\Kabel Deutschland\apps\CCF_Reputation\fsorsp.exe [60456 2015-06-19] (F-Secure Corporation)

S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-03] (NVIDIA Corporation)

S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-03] (NVIDIA Corporation)

S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-03] (NVIDIA Corporation)

S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-12] (Electronic Arts)

S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-07-15] ()

S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-07-14] ()

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()

R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()

S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2015-06-16] (Mobile Connector) [File not signed]

S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-31] (Windows (R) Win 7 DDK provider)

R3 F-Secure Gatekeeper; C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [208424 2015-07-07] (F-Secure Corporation)

R1 F-Secure HIPS; C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\HIPS\drivers\fshs.sys [71080 2015-07-07] (F-Secure Corporation)

R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [55336 2015-06-19] ()

R3 fsni; C:\Program Files (x86)\Kabel Deutschland\apps\CCF_Scanning\bin\fsni64.sys [95784 2015-06-19] (F-Secure Corporation)

R1 fsvista; C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13352 2014-09-18] ()

R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-03] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)

S3 SaiK0CC3; C:\Windows\System32\DRIVERS\SaiK0CC3.sys [180584 2012-09-20] (Saitek)

R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek)

R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)

S3 SaiU0CC3; C:\Windows\System32\DRIVERS\SaiU0CC3.sys [47208 2012-09-20] (Saitek)

S2 avgntflt; system32\DRIVERS\avgntflt.sys [X]

S1 avipbb; system32\DRIVERS\avipbb.sys [X]

S1 avkmgr; system32\DRIVERS\avkmgr.sys [X]

S2 avnetflt; system32\DRIVERS\avnetflt.sys [X]

S3 catchme; \??\C:\ComboFix\catchme.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 

==================== One Month Created files and folders ========
 

(If an entry is included in the fixlist, the file/folder will be moved.)
 

2015-07-17 21:09 - 2015-07-17 21:09 - 00014822 _____ C:\Users\gestoertheDorthe\Downloads\FRST.txt

2015-07-17 21:08 - 2015-07-17 21:08 - 02133504 _____ (Farbar) C:\Users\gestoertheDorthe\Downloads\FRST64.exe

2015-07-17 21:04 - 2015-07-17 21:04 - 00001061 ____X C:\Users\gestörthe Dörthe\Desktop\JRT.txt

2015-07-17 20:52 - 2015-07-17 20:52 - 00304624 _____ C:\Windows\Minidump\071715-28844-01.dmp

2015-07-17 20:45 - 2015-07-17 20:45 - 01798288 _____ (Malwarebytes Corporation) C:\Users\gestörthe Dörthe\Downloads\JRT.exe

2015-07-17 20:06 - 2015-07-17 20:18 - 00000000 ____D C:\AdwCleaner

2015-07-17 20:05 - 2015-07-17 20:05 - 01798288 _____ (Malwarebytes Corporation) C:\Users\gestoertheDorthe\Downloads\JRT.exe

2015-07-17 20:04 - 2015-07-17 20:04 - 02248704 _____ C:\Users\gestoertheDorthe\Downloads\AdwCleaner_4.208.exe

2015-07-17 12:45 - 2015-07-17 14:08 - 00000000 ____D C:\Users\gestoertheDorthe\AppData\Roaming\Winamp

2015-07-17 12:43 - 2015-07-17 12:43 - 00000000 ____D C:\Users\gestoertheDorthe\AppData\Roaming\F-Secure

2015-07-17 12:39 - 2015-07-17 12:39 - 00311216 _____ C:\Windows\Minidump\071715-31122-01.dmp

2015-07-17 12:33 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll

2015-07-17 12:33 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll

2015-07-17 12:26 - 2015-07-17 12:26 - 00000000 ____D C:\Users\gestoertheDorthe\AppData\Local\ESN

2015-07-17 12:21 - 2015-07-17 12:32 - 00000000 ____D C:\Users\gestoertheDorthe\AppData\Local\Mozilla

2015-07-17 12:21 - 2015-07-17 12:23 - 00000000 ____D C:\Users\gestoertheDorthe\AppData\Roaming\Mozilla

2015-07-17 05:27 - 2015-07-17 05:27 - 00000000 ____D C:\Users\gestoertheDorthe\AppData\Local\PunkBuster

2015-07-17 05:21 - 2015-07-17 05:32 - 00000000 ____D C:\Users\gestoertheDorthe\Documents\BFH

2015-07-17 04:50 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2015-07-17 04:50 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2015-07-17 04:50 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2015-07-17 04:50 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2015-07-17 04:50 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2015-07-17 04:50 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2015-07-17 04:50 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2015-07-17 04:50 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2015-07-17 04:50 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2015-07-17 04:50 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2015-07-17 04:50 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2015-07-17 04:50 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2015-07-17 04:11 - 2015-07-17 04:55 - 00000000 ____D C:\Users\gestoertheDorthe\AppData\Roaming\Origin

2015-07-17 04:11 - 2015-07-17 04:55 - 00000000 ____D C:\Users\gestoertheDorthe\AppData\Local\Origin

2015-07-17 04:09 - 2015-07-17 04:09 - 00001425 _____ C:\Users\gestoertheDorthe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2015-07-17 04:09 - 2015-07-17 04:09 - 00000000 ____D C:\Users\gestoertheDorthe\AppData\Roaming\Macromedia

2015-07-17 04:09 - 2015-07-17 04:09 - 00000000 ____D C:\Users\gestoertheDorthe\AppData\Roaming\Adobe

2015-07-17 04:09 - 2015-07-17 04:09 - 00000000 ____D C:\Users\gestoertheDorthe\AppData\Local\NVIDIA Corporation

2015-07-17 04:09 - 2015-07-17 04:09 - 00000000 ____D C:\Users\gestoertheDorthe\AppData\Local\Logitech

2015-07-17 04:08 - 2015-07-17 20:53 - 00000000 ____D C:\Users\gestoertheDorthe

2015-07-17 04:08 - 2015-07-17 04:08 - 00000020 ___SH C:\Users\gestoertheDorthe\ntuser.ini

2015-07-17 04:08 - 2015-07-17 04:08 - 00000000 _SHDL C:\Users\gestoertheDorthe\Vorlagen

2015-07-17 04:08 - 2015-07-17 04:08 - 00000000 _SHDL C:\Users\gestoertheDorthe\Startmenü

2015-07-17 04:08 - 2015-07-17 04:08 - 00000000 _SHDL C:\Users\gestoertheDorthe\Netzwerkumgebung

2015-07-17 04:08 - 2015-07-17 04:08 - 00000000 _SHDL C:\Users\gestoertheDorthe\Lokale Einstellungen

2015-07-17 04:08 - 2015-07-17 04:08 - 00000000 _SHDL C:\Users\gestoertheDorthe\Eigene Dateien

2015-07-17 04:08 - 2015-07-17 04:08 - 00000000 _SHDL C:\Users\gestoertheDorthe\Druckumgebung

2015-07-17 04:08 - 2015-07-17 04:08 - 00000000 _SHDL C:\Users\gestoertheDorthe\Documents\Eigene Musik

2015-07-17 04:08 - 2015-07-17 04:08 - 00000000 _SHDL C:\Users\gestoertheDorthe\Documents\Eigene Bilder

2015-07-17 04:08 - 2015-07-17 04:08 - 00000000 _SHDL C:\Users\gestoertheDorthe\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2015-07-17 04:08 - 2015-07-17 04:08 - 00000000 _SHDL C:\Users\gestoertheDorthe\AppData\Local\Verlauf

2015-07-17 04:08 - 2015-07-17 04:08 - 00000000 _SHDL C:\Users\gestoertheDorthe\AppData\Local\Anwendungsdaten

2015-07-17 04:08 - 2015-07-17 04:08 - 00000000 _SHDL C:\Users\gestoertheDorthe\Anwendungsdaten

2015-07-17 04:08 - 2015-07-17 04:08 - 00000000 ____D C:\Users\gestoertheDorthe\AppData\Local\VirtualStore

2015-07-17 04:08 - 2015-07-17 04:08 - 00000000 ____D C:\Users\gestoertheDorthe\AppData\Local\NVIDIA

2015-07-17 04:08 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\gestoertheDorthe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2015-07-17 04:08 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\gestoertheDorthe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2015-07-17 03:19 - 2015-07-17 03:19 - 00030467 _____ C:\ComboFix.txt

2015-07-17 01:54 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe

2015-07-17 01:54 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe

2015-07-17 01:54 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2015-07-17 01:54 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2015-07-17 01:54 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2015-07-17 01:54 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe

2015-07-17 01:54 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe

2015-07-17 01:54 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe

2015-07-17 01:49 - 2015-07-17 03:20 - 00000000 ____D C:\Qoobox

2015-07-17 01:48 - 2015-07-17 03:15 - 00000000 ____D C:\Windows\erdnt

2015-07-17 01:48 - 2015-07-17 01:48 - 05634275 ____R (Swearware) C:\Users\gestörthe Dörthe\Downloads\ComboFix.exe

2015-07-17 00:42 - 2015-07-17 00:42 - 00040293 _____ C:\Users\gestörthe Dörthe\Documents\Addition.txt

2015-07-17 00:41 - 2015-07-17 00:42 - 00148895 _____ C:\Users\gestörthe Dörthe\Documents\FRST.txt

2015-07-17 00:40 - 2015-07-17 21:09 - 00000000 ____D C:\FRST

2015-07-16 23:32 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2015-07-16 23:32 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2015-07-16 23:32 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2015-07-16 23:32 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2015-07-16 23:32 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2015-07-16 23:32 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2015-07-16 23:32 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2015-07-16 23:32 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2015-07-16 23:32 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2015-07-16 23:32 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2015-07-16 23:32 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2015-07-16 23:32 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2015-07-16 23:32 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2015-07-16 23:32 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2015-07-16 23:32 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2015-07-16 23:32 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2015-07-16 23:31 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2015-07-16 23:31 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2015-07-16 23:31 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2015-07-16 23:31 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2015-07-16 23:31 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2015-07-16 23:31 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2015-07-16 23:31 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2015-07-16 23:31 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2015-07-16 23:31 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2015-07-16 23:31 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2015-07-16 23:31 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2015-07-16 23:31 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2015-07-16 23:31 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2015-07-16 23:31 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2015-07-16 23:31 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2015-07-16 23:31 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2015-07-16 23:31 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2015-07-16 23:31 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2015-07-16 23:31 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2015-07-16 23:31 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2015-07-16 23:31 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2015-07-16 23:31 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2015-07-16 23:31 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2015-07-16 23:31 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2015-07-16 23:31 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2015-07-16 23:31 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2015-07-16 23:31 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2015-07-16 23:31 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2015-07-16 23:29 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2015-07-16 23:29 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2015-07-16 23:29 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2015-07-16 23:29 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2015-07-16 23:29 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2015-07-16 23:29 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2015-07-16 23:29 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2015-07-16 23:29 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll

2015-07-16 23:29 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll

2015-07-16 23:25 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2015-07-16 23:25 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll

2015-07-16 23:25 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll

2015-07-16 23:25 - 2015-06-11 19:56 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

2015-07-16 23:25 - 2015-06-11 19:56 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll

2015-07-16 23:25 - 2015-06-11 19:56 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll

2015-07-16 23:25 - 2015-06-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe

2015-07-16 23:24 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll

2015-07-16 23:24 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll

2015-07-16 23:24 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2015-07-16 23:24 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2015-07-16 23:24 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2015-07-16 23:24 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2015-07-16 23:24 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2015-07-16 23:24 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2015-07-16 23:24 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2015-07-16 23:24 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2015-07-16 23:24 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2015-07-16 23:24 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2015-07-16 23:24 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2015-07-16 23:24 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2015-07-16 23:24 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2015-07-16 23:24 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll

2015-07-16 23:24 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2015-07-16 23:24 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe

2015-07-16 23:24 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2015-07-16 23:24 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

2015-07-16 23:24 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll

2015-07-16 23:24 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

2015-07-16 23:24 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2015-07-16 23:24 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2015-07-16 23:24 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2015-07-16 23:24 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2015-07-16 23:24 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2015-07-16 23:24 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2015-07-16 23:24 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll

2015-07-16 23:24 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2015-07-16 23:24 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2015-07-16 23:24 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2015-07-16 23:24 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2015-07-16 23:24 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe

2015-07-16 23:24 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll

2015-07-16 23:24 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll

2015-07-16 23:24 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll

2015-07-16 23:24 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

2015-07-16 23:24 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

2015-07-16 23:24 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2015-07-16 23:23 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

2015-07-16 23:23 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2015-07-16 23:23 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2015-07-16 23:23 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll

2015-07-16 23:23 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll

2015-07-16 23:23 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe

2015-07-16 23:23 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll

2015-07-16 23:23 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2015-07-16 23:23 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll

2015-07-16 23:23 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe

2015-07-16 23:23 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll

2015-07-16 23:23 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll

2015-07-16 23:22 - 2015-07-03 20:05 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll

2015-07-16 23:22 - 2015-07-03 20:05 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2015-07-16 23:22 - 2015-07-03 20:05 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll

2015-07-16 23:22 - 2015-07-03 20:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll

2015-07-16 23:22 - 2015-07-03 19:56 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll

2015-07-16 23:22 - 2015-07-03 19:56 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

2015-07-16 23:22 - 2015-07-03 19:56 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll

2015-07-16 23:22 - 2015-07-03 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll

2015-07-16 23:22 - 2015-07-03 18:52 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2015-07-16 23:22 - 2015-07-03 18:42 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

2015-07-14 23:58 - 2015-07-14 23:58 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2015-07-14 23:58 - 2015-07-14 23:58 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

2015-07-14 23:58 - 2015-07-14 23:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2015-07-14 23:47 - 2015-07-14 23:54 - 00002067 _____ C:\Windows\IE11_main.log

2015-07-14 23:06 - 2015-07-14 23:08 - 00000505 _____ C:\Users\gestörthe Dörthe\AppData\Roaming\Microsoft\Windows\Start Menu\Google.website

2015-07-14 22:21 - 2015-07-14 22:21 - 00001265 _____ C:\Users\Public\Desktop\Medal of Honor™ Warfighter.lnk

2015-07-14 22:21 - 2015-07-14 22:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medal of Honor™ Warfighter

2015-07-14 22:19 - 2015-07-14 22:19 - 00017627 _____ C:\Windows\DirectX.log

2015-07-14 22:17 - 2015-07-14 22:17 - 00007604 ____X C:\Users\gestörthe Dörthe\AppData\Local\Resmon.ResmonCfg

2015-07-14 22:07 - 2015-07-14 22:07 - 00000080 ____X C:\Users\gestörthe Dörthe\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦

2015-07-13 13:02 - 2015-07-13 13:05 - 00000000 ___DX C:\Users\gestörthe Dörthe\SecurityScans

2015-07-13 12:48 - 2015-07-13 12:48 - 00001093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Baseline Security Analyzer 2.3.lnk

2015-07-13 12:48 - 2015-07-13 12:48 - 00001081 _____ C:\Users\Public\Desktop\Microsoft Baseline Security Analyzer 2.3.lnk

2015-07-13 12:48 - 2015-07-13 12:48 - 00000000 ____D C:\Program Files\Microsoft Baseline Security Analyzer 2

2015-07-13 12:21 - 2015-07-13 12:21 - 00002630 _____ C:\Users\gestörthe Dörthe\Documents\zertifikatssicherung.pfx

2015-07-13 12:10 - 2015-07-09 19:59 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe

2015-07-13 12:10 - 2015-07-09 19:58 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

2015-07-13 12:10 - 2015-07-09 19:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

2015-07-13 12:10 - 2015-07-09 19:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2015-07-13 12:10 - 2015-07-09 19:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

2015-07-13 12:10 - 2015-07-09 19:58 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2015-07-13 12:10 - 2015-07-09 19:58 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

2015-07-13 12:10 - 2015-07-09 19:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2015-07-13 12:10 - 2015-06-27 00:07 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2015-07-13 12:10 - 2015-06-27 00:07 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2015-07-13 12:10 - 2015-06-27 00:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2015-07-13 12:10 - 2015-06-27 00:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2015-07-13 12:10 - 2015-06-27 00:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2015-07-13 12:10 - 2015-06-27 00:07 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll

2015-07-13 12:10 - 2015-06-27 00:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2015-07-13 12:10 - 2015-06-27 00:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2015-07-13 12:10 - 2015-06-27 00:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2015-07-13 12:10 - 2015-06-27 00:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2015-07-13 12:10 - 2015-06-27 00:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll

2015-07-13 12:10 - 2015-06-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2015-07-13 12:10 - 2015-06-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2015-07-13 12:10 - 2015-06-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2015-07-13 12:10 - 2015-06-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2015-07-13 12:10 - 2015-06-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2015-07-13 11:44 - 2015-07-13 11:44 - 00058016 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT

2015-07-12 21:54 - 2015-07-12 21:54 - 00358256 _____ C:\Windows\Minidump\071215-28064-01.dmp

2015-07-12 20:38 - 2015-07-17 20:52 - 587402953 _____ C:\Windows\MEMORY.DMP

2015-07-12 20:38 - 2015-07-12 20:39 - 00382872 _____ C:\Windows\Minidump\071215-27284-01.dmp

2015-07-11 09:45 - 2015-07-11 09:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4 CTE

2015-07-11 04:26 - 2015-07-11 04:26 - 00002630 _____ C:\Users\gestörthe Dörthe\Documents\Passwörter.pfx

2015-07-08 22:33 - 2015-07-08 22:33 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Roaming\streamripper

2015-07-08 03:08 - 2015-07-08 03:11 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Roaming\fltk.org

2015-07-08 03:08 - 2015-07-08 03:08 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Roaming\NVIDIA

2015-07-08 03:08 - 2015-07-08 03:08 - 00000000 ____D C:\ProgramData\fltk.org

2015-07-08 03:07 - 2015-07-08 03:48 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Roaming\flightgear.org

2015-07-08 03:07 - 2015-07-08 03:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlightGear 3.4.0

2015-07-08 03:07 - 2015-07-08 03:07 - 00000000 ____D C:\ProgramData\flightgear.org

2015-07-08 03:03 - 2015-07-08 03:03 - 00000000 ____D C:\Users\gestörthe Dörthe\Documents\FlightGear

2015-07-07 22:15 - 2015-07-07 22:15 - 00000000 ____D C:\Program Files (x86)\Streamripper

2015-07-07 21:36 - 2015-07-07 21:37 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp

2015-07-04 18:37 - 2015-07-12 20:39 - 00000946 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job

2015-07-04 18:37 - 2015-07-12 14:42 - 00003970 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier

2015-07-04 18:19 - 2015-07-15 17:53 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Local\Opera Software

2015-07-04 18:18 - 2015-07-15 17:53 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Roaming\Opera Software

2015-07-04 18:18 - 2015-07-04 18:18 - 00004176 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1436026726

2015-07-04 18:18 - 2015-07-04 18:18 - 00001350 _____ C:\Users\gestörthe Dörthe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera.lnk

2015-07-04 18:02 - 2015-07-17 20:28 - 00003990 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F4AB0725-74C4-43CB-B8D1-94391A05F26C}

2015-07-04 14:30 - 2015-07-17 20:53 - 00007766 _____ C:\Windows\setupact.log

2015-07-04 14:30 - 2015-07-17 04:00 - 00002082 _____ C:\Windows\PFRO.log

2015-07-04 14:30 - 2015-07-04 14:30 - 00000000 _____ C:\Windows\setuperr.log

2015-07-04 07:06 - 2015-07-04 07:06 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Local\Electronic_Arts_Inc

2015-07-04 07:03 - 2015-07-04 07:03 - 00001274 _____ C:\Users\Public\Desktop\Need for Speed World.lnk

2015-07-04 07:03 - 2015-07-04 07:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed World

2015-07-02 05:51 - 2015-07-02 05:51 - 00446129 __RSH C:\HVDMC

2015-07-01 22:48 - 2015-07-01 22:49 - 00000000 ____D C:\Users\gestörthe Dörthe\Documents\Battlefield 4 CTE

2015-07-01 01:43 - 2015-07-15 17:52 - 00000000 ____D C:\ProgramData\Skype

2015-07-01 01:43 - 2015-07-15 17:50 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Roaming\Skype

2015-07-01 01:43 - 2015-07-01 01:43 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Local\Skype

2015-07-01 01:37 - 2015-07-01 01:39 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2015-06-30 21:08 - 2015-06-30 21:08 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Local\Logitech

2015-06-30 21:07 - 2015-06-30 21:07 - 00000000 ____D C:\ProgramData\Apple

2015-06-30 21:06 - 2015-06-30 21:07 - 00000000 ____D C:\Program Files\Logitech Gaming Software

2015-06-30 20:56 - 2015-07-01 01:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech

2015-06-30 20:56 - 2015-07-01 01:35 - 00000000 ____D C:\ProgramData\Logishrd

2015-06-30 20:56 - 2015-06-30 20:56 - 00000000 ____D C:\Users\Public\Documents\Logishrd

2015-06-30 20:56 - 2015-06-30 20:56 - 00000000 ____D C:\Program Files\Logitech

2015-06-30 20:55 - 2015-06-30 21:04 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Roaming\Logishrd

2015-06-30 20:55 - 2015-06-30 20:56 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Roaming\Logitech

2015-06-30 19:41 - 2015-06-30 19:41 - 00000000 ____D C:\Program Files\Common Files\Logitech

2015-06-26 23:40 - 2015-06-26 23:40 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Local\ESN

2015-06-26 22:34 - 2015-07-17 04:57 - 00001207 _____ C:\Users\Public\Desktop\Battlefield 4 CTE.lnk

2015-06-26 22:34 - 2015-07-17 04:57 - 00001192 _____ C:\Users\Public\Desktop\Battlefield 4 CTE(64 bit).lnk

2015-06-26 22:27 - 2015-06-26 22:27 - 00003156 _____ C:\Windows\System32\Tasks\XboxStatTask

2015-06-26 22:24 - 2015-06-26 22:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories

2015-06-26 22:24 - 2015-06-26 22:24 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories

2015-06-26 19:36 - 2015-06-26 19:37 - 00000000 ____D C:\Users\gestörthe Dörthe\Documents\FIFA 15

2015-06-25 00:59 - 2015-06-25 01:04 - 00003352 _____ C:\Windows\System32\Tasks\winspt

2015-06-25 00:59 - 2015-06-25 00:59 - 00000116 _____ C:\Users\gestörthe Dörthe\AppData\Roaming\startupbt.bat

2015-06-25 00:59 - 2015-06-25 00:59 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Roaming\Windows Loader

2015-06-25 00:57 - 2015-07-04 06:59 - 00000000 __RHD C:\Users\gestörthe Dörthe\Downloads\Windows_Loader

2015-06-24 06:18 - 2015-06-24 06:18 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET

2015-06-24 03:27 - 2015-06-24 03:27 - 00000000 ____D C:\Users\gestörthe Dörthe\Documents\Battlefield 4

2015-06-23 20:05 - 2015-06-23 20:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SaiK0CC3_01009.Wdf

2015-06-23 19:58 - 2015-07-11 17:33 - 00000000 ____D C:\Program Files\SmartTechnology

2015-06-23 19:47 - 2015-06-23 20:01 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Local\SmartTechnology

2015-06-23 18:08 - 2015-06-17 08:03 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe

2015-06-23 18:05 - 2015-06-17 11:10 - 42729104 _____ C:\Windows\system32\nvcompiler.dll

2015-06-23 18:05 - 2015-06-17 11:10 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll

Code:

2015-06-23 18:05 - 2015-06-17 11:10 - 30481552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll

2015-06-23 18:05 - 2015-06-17 11:10 - 22947144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll

2015-06-23 18:05 - 2015-06-17 11:10 - 17724600 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll

2015-06-23 18:05 - 2015-06-17 11:10 - 16145200 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2015-06-23 18:05 - 2015-06-17 11:10 - 15866992 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll

2015-06-23 18:05 - 2015-06-17 11:10 - 15224784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll

2015-06-23 18:05 - 2015-06-17 11:10 - 14497520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2015-06-23 18:05 - 2015-06-17 11:10 - 13263056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll

2015-06-23 18:05 - 2015-06-17 11:10 - 11831856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll

2015-06-23 18:05 - 2015-06-17 11:10 - 11011216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2015-06-23 18:05 - 2015-06-17 11:10 - 02997544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll

2015-06-23 18:05 - 2015-06-17 11:10 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2015-06-23 18:05 - 2015-06-17 11:10 - 02599752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll

2015-06-23 18:05 - 2015-06-17 11:10 - 01099992 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll

2015-06-23 18:05 - 2015-06-17 11:10 - 01060168 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll

2015-06-23 18:05 - 2015-06-17 11:10 - 01050768 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll

2015-06-23 18:05 - 2015-06-17 11:10 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll

2015-06-23 18:05 - 2015-06-17 11:10 - 00975176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll

2015-06-23 18:05 - 2015-06-17 11:10 - 00938752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll

2015-06-23 18:05 - 2015-06-17 11:10 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys

2015-06-23 18:05 - 2015-06-17 11:10 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll

2015-06-23 18:05 - 2015-06-17 11:10 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll

2015-06-23 18:05 - 2015-06-17 11:10 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll

2015-06-23 18:05 - 2015-06-17 11:10 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll

2015-06-23 18:05 - 2015-06-17 11:10 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll

2015-06-23 12:48 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll

2015-06-23 12:48 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll

2015-06-23 12:41 - 2015-05-19 05:29 - 00046768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys

2015-06-23 12:41 - 2015-05-19 05:14 - 00057520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll

2015-06-22 23:01 - 2015-06-22 23:01 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

2015-06-22 16:49 - 2015-06-22 16:49 - 00001151 _____ C:\Users\Public\Desktop\FIFA 15.lnk

2015-06-22 10:25 - 2015-06-22 10:25 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Local\Rockstar Games

2015-06-22 10:24 - 2015-06-22 10:26 - 00000000 ____D C:\Users\gestörthe Dörthe\Documents\Rockstar Games

2015-06-22 10:22 - 2015-07-14 22:08 - 00000000 ____D C:\Program Files (x86)\Rockstar Games

2015-06-22 10:19 - 2015-07-14 22:08 - 00000000 ____D C:\Program Files\Rockstar Games

2015-06-22 10:19 - 2015-06-22 10:19 - 00001971 _____ C:\Users\Public\Desktop\Grand Theft Auto V.lnk

2015-06-22 10:19 - 2015-06-22 10:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games

2015-06-20 16:56 - 2015-06-20 16:56 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2015-06-20 16:56 - 2015-06-20 16:56 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk

2015-06-20 16:53 - 2015-06-20 16:53 - 00000000 ___RD C:\Users\Public\Recorded TV

2015-06-20 16:53 - 2015-06-20 16:53 - 00000000 ____D C:\Program Files\windows sidebar

2015-06-20 16:22 - 2015-06-20 16:22 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Local\Macromedia

2015-06-20 14:21 - 2015-06-20 14:21 - 00000084 _____ C:\Windows\SysWOW64\prime.txt

2015-06-20 04:27 - 2015-07-15 00:14 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-06-20 04:27 - 2015-07-15 00:14 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2015-06-20 04:26 - 2015-07-15 00:14 - 00000000 ___DX C:\Users\gestörthe Dörthe\AppData\Local\Adobe

2015-06-20 04:26 - 2015-06-20 04:26 - 00000000 ____D C:\Windows\system32\Macromed

2015-06-20 04:18 - 2015-02-06 14:26 - 04033896 _____ C:\Windows\SysWOW64\pbsvc.exe

2015-06-20 03:00 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2015-06-20 03:00 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2015-06-19 19:25 - 2015-06-26 14:23 - 00003362 _____ C:\Windows\System32\Tasks\EVGAPrecisionX

2015-06-19 19:07 - 2015-06-19 19:07 - 00002109 _____ C:\Users\Public\Desktop\EVGA PrecisionX 16.lnk

2015-06-19 19:07 - 2015-06-19 19:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EVGA

2015-06-19 19:07 - 2015-05-27 14:51 - 00156160 _____ C:\Windows\system32\FW1FontWrapper_x64.dll

2015-06-19 18:20 - 2015-06-19 18:20 - 00000000 ____D C:\Program Files (x86)\EVGA

2015-06-19 17:05 - 2015-06-19 17:05 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Roaming\F-Secure

2015-06-19 17:02 - 2015-06-19 17:08 - 00055336 _____ C:\Windows\system32\Drivers\fsbts.sys

2015-06-19 17:00 - 2015-06-19 17:00 - 00020578 _____ C:\Windows\prodsett_copy.ini

2015-06-19 16:44 - 2015-06-19 16:46 - 00000000 ____D C:\Program Files (x86)\Kabel Deutschland

2015-06-19 16:44 - 2015-06-19 16:44 - 00002090 _____ C:\Users\Public\Desktop\Kabel Deutschland Sicherheitspaket.lnk

2015-06-19 16:44 - 2015-06-19 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kabel Deutschland

2015-06-19 16:43 - 2015-07-13 00:16 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Local\F-Secure

2015-06-19 16:43 - 2015-06-19 17:00 - 00000000 ____D C:\ProgramData\F-Secure

2015-06-19 15:38 - 2015-06-19 15:38 - 00039086 _____ C:\Users\gestörthe Dörthe\Documents\cc_20150619_153757.reg

2015-06-19 15:35 - 2015-07-04 10:46 - 00000000 ____D C:\Program Files\CCleaner

2015-06-19 15:35 - 2015-06-19 15:35 - 00002820 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC

2015-06-19 15:35 - 2015-06-19 15:35 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk

2015-06-19 15:35 - 2015-06-19 15:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

2015-06-19 15:16 - 2015-06-19 19:07 - 00000000 ____D C:\Windows\SysWOW64\directx

2015-06-19 13:57 - 2015-06-19 14:04 - 00001202 _____ C:\Windows\SysWOW64\Avira.ServiceHost.log

2015-06-19 13:20 - 2015-06-19 13:20 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Roaming\Macromedia

2015-06-19 13:13 - 2015-06-19 13:13 - 00000000 ____D C:\Windows\SysWOW64\Macromed

2015-06-19 13:10 - 2015-06-19 13:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS

2015-06-19 13:10 - 2009-09-30 05:33 - 00024576 ____R () C:\Windows\SysWOW64\AsIO.dll

2015-06-19 13:10 - 2009-08-04 04:28 - 00013440 ____R C:\Windows\SysWOW64\Drivers\AsIO.sys

2015-06-19 13:10 - 2008-01-04 13:34 - 00011832 _____ C:\Windows\SysWOW64\Drivers\AsInsHelp64.sys

2015-06-19 13:10 - 2008-01-04 13:34 - 00010216 _____ C:\Windows\SysWOW64\Drivers\AsInsHelp32.sys

2015-06-18 20:10 - 2015-07-15 13:32 - 00076152 _____ C:\Windows\system32\PnkBstrA.exe

2015-06-18 14:09 - 2015-07-13 12:12 - 00000000 ___SD C:\Windows\SysWOW64\GWX

2015-06-18 14:09 - 2015-07-13 12:12 - 00000000 ___SD C:\Windows\system32\GWX

2015-06-18 14:03 - 2015-06-18 14:03 - 00001198 _____ C:\Users\Public\Desktop\Battlefield 4.lnk

2015-06-18 14:03 - 2015-06-18 14:03 - 00001174 _____ C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk

2015-06-18 13:34 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll

2015-06-18 13:34 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll

2015-06-18 13:31 - 2015-01-31 01:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll

2015-06-18 13:31 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll

2015-06-18 13:31 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

2015-06-18 13:31 - 2011-02-25 08:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe

2015-06-18 13:31 - 2011-02-25 07:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe

2015-06-18 13:30 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll

2015-06-18 13:30 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

2015-06-18 13:29 - 2014-12-11 19:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe

2015-06-18 13:28 - 2012-02-11 08:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe

2015-06-18 13:28 - 2012-02-11 08:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe

2015-06-18 05:48 - 2015-06-18 05:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2015-06-18 05:46 - 2015-06-18 05:46 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2015-06-18 05:46 - 2015-06-18 05:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2015-06-17 23:30 - 2015-06-20 04:32 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Local\PunkBuster

2015-06-17 22:26 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2015-06-17 22:26 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

2015-06-17 22:26 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2015-06-17 22:26 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll

2015-06-17 22:26 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

2015-06-17 22:26 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

2015-06-17 22:26 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

2015-06-17 22:18 - 2015-06-17 22:18 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Roaming\Adobe

2015-06-17 22:12 - 2015-07-13 12:11 - 00000000 ___SD C:\Windows\system32\CompatTel

2015-06-17 22:12 - 2015-07-13 12:11 - 00000000 ____D C:\Windows\system32\appraiser

2015-06-17 22:10 - 2015-01-09 01:44 - 00419936 _____ C:\Windows\SysWOW64\locale.nls

2015-06-17 22:10 - 2015-01-09 01:43 - 00419936 _____ C:\Windows\system32\locale.nls

2015-06-17 21:53 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys

2015-06-17 21:53 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe

2015-06-17 21:53 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll

2015-06-17 21:53 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll

2015-06-17 21:53 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll

2015-06-17 21:53 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll

2015-06-17 21:53 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll

2015-06-17 21:53 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll

2015-06-17 21:53 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe

2015-06-17 21:53 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe

2015-06-17 21:52 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys

2015-06-17 21:52 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys

2015-06-17 21:52 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll

2015-06-17 21:52 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll

2015-06-17 21:48 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll

2015-06-17 21:48 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll

2015-06-17 21:48 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll

2015-06-17 21:48 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll

2015-06-17 21:48 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll

2015-06-17 21:48 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2015-06-17 21:48 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll

2015-06-17 21:48 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll

2015-06-17 21:47 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll

2015-06-17 21:47 - 2015-03-14 05:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll

2015-06-17 21:47 - 2015-03-14 05:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll

2015-06-17 21:47 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll

2015-06-17 21:47 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll

2015-06-17 21:46 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL

2015-06-17 21:46 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL

2015-06-17 21:46 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL

2015-06-17 21:46 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL

2015-06-17 21:46 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL

2015-06-17 21:46 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL

2015-06-17 21:46 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL

2015-06-17 21:46 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL

2015-06-17 21:46 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL

2015-06-17 21:46 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL

2015-06-17 21:46 - 2012-07-06 22:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys

2015-06-17 21:46 - 2011-04-28 05:54 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS

2015-06-17 21:45 - 2011-03-11 08:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys

2015-06-17 21:45 - 2011-03-11 08:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys

2015-06-17 21:45 - 2011-03-11 08:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys

2015-06-17 21:45 - 2011-03-11 08:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys

2015-06-17 21:45 - 2011-03-11 08:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys

2015-06-17 21:45 - 2011-03-11 08:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll

2015-06-17 21:45 - 2011-03-11 08:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe

2015-06-17 21:45 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll

2015-06-17 21:45 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe

2015-06-17 21:45 - 2011-03-11 06:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS

2015-06-17 21:27 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE

2015-06-17 21:23 - 2015-06-17 21:23 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2015-06-17 21:23 - 2015-06-17 21:23 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2015-06-17 21:23 - 2015-06-17 21:23 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2015-06-17 21:23 - 2015-06-17 21:23 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2015-06-17 21:23 - 2015-06-17 21:23 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2015-06-17 21:23 - 2015-06-17 21:23 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2015-06-17 21:23 - 2015-06-17 21:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2015-06-17 21:23 - 2015-06-17 21:23 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2015-06-17 21:23 - 2015-06-17 21:23 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2015-06-17 21:23 - 2015-06-17 21:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2015-06-17 21:23 - 2015-06-17 21:23 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2015-06-17 21:23 - 2015-06-17 21:23 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2015-06-17 21:23 - 2015-06-17 21:23 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2015-06-17 21:23 - 2015-06-17 21:23 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2015-06-17 21:23 - 2015-06-17 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2015-06-17 21:23 - 2015-06-17 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2015-06-17 21:23 - 2015-06-17 21:23 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2015-06-17 21:22 - 2015-06-17 21:22 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll

2015-06-17 21:22 - 2015-06-17 21:22 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll

2015-06-17 16:48 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll

2015-06-17 16:48 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe

2015-06-17 16:48 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll

2015-06-17 16:48 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll

2015-06-17 16:48 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll

2015-06-17 16:48 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys

2015-06-17 16:48 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys

2015-06-17 16:48 - 2012-06-02 16:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf

2015-06-17 16:30 - 2012-03-01 08:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys

2015-06-17 16:30 - 2012-03-01 08:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll

2015-06-17 16:30 - 2012-03-01 07:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll

2015-06-17 16:12 - 2015-06-17 16:12 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Local\NVIDIA Corporation

2015-06-17 16:11 - 2015-06-23 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

2015-06-17 16:11 - 2015-06-03 23:04 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll

2015-06-17 16:11 - 2015-06-03 23:04 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll

2015-06-17 16:11 - 2015-06-03 23:04 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll

2015-06-17 16:11 - 2015-06-03 23:04 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll

2015-06-17 16:08 - 2015-06-19 13:12 - 00000000 ____D C:\Program Files (x86)\ASUS

2015-06-17 16:08 - 2015-06-17 16:08 - 00003105 _____ C:\Users\gestörthe Dörthe\Desktop\ASUS PC Diagnostics.lnk

2015-06-17 16:08 - 2015-06-17 16:08 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS

2015-06-17 16:07 - 2015-06-23 18:05 - 00000000 ____D C:\ProgramData\boost_interprocess

2015-06-17 16:07 - 2015-06-17 11:10 - 00030966 _____ C:\Windows\system32\nvinfo.pb

2015-06-17 16:07 - 2015-05-28 09:04 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435306.dll

2015-06-17 16:07 - 2015-05-28 09:04 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435306.dll

2015-06-17 16:07 - 2015-05-19 05:14 - 00061616 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll

2015-06-17 15:51 - 2015-06-17 15:51 - 00000000 ____D C:\Users\gestörthe Dörthe\Documents\BFH

2015-06-17 14:49 - 2015-06-17 14:49 - 00015872 _____ C:\Windows\AsTaskSched.dll

2015-06-17 14:47 - 2015-06-17 14:47 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD

2015-06-17 14:44 - 2015-06-17 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip

2015-06-17 14:44 - 2015-06-17 14:44 - 00000000 ____D C:\Program Files\7-Zip

2015-06-17 14:43 - 2015-06-17 14:43 - 00003264 _____ C:\Windows\System32\Tasks\{A843E8B5-1999-48C7-BF2D-D7670BCA9A79}

2015-06-17 14:32 - 2015-06-20 10:15 - 00001098 _____ C:\Users\Public\Desktop\Battlefield Hardline.lnk

2015-06-17 14:32 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

2015-06-17 14:32 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL

2015-06-17 14:32 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll

2015-06-17 14:32 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll

2015-06-17 14:32 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx

2015-06-17 14:32 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll

2015-06-17 14:32 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL

2015-06-17 14:32 - 2015-01-28 01:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe

2015-06-17 14:31 - 2015-07-17 13:05 - 00226680 _____ C:\Windows\SysWOW64\PnkBstrB.exe

2015-06-17 14:31 - 2015-07-17 12:09 - 00226680 _____ C:\Windows\SysWOW64\PnkBstrB.ex0

2015-06-17 14:31 - 2015-07-14 22:20 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe

2015-06-17 14:31 - 2015-06-27 01:11 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins

2015-06-17 14:31 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll

2015-06-17 14:31 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll

2015-06-17 14:31 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx

2015-06-17 14:31 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll

2015-06-17 14:30 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe

2015-06-17 14:30 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll

2015-06-17 14:30 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll

2015-06-17 14:30 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll

2015-06-17 14:30 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll

2015-06-17 14:30 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll

2015-06-17 14:30 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll

2015-06-17 14:30 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll

2015-06-17 14:30 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll

2015-06-17 14:30 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll

2015-06-17 14:30 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll

2015-06-17 14:30 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll

2015-06-17 14:30 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll

2015-06-17 14:30 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll

2015-06-17 14:30 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll

2015-06-17 14:30 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll

2015-06-17 14:30 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll

2015-06-17 14:30 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll

2015-06-17 14:30 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll

2015-06-17 14:30 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll

2015-06-17 14:30 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll

2015-06-17 14:30 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll

2015-06-17 14:30 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll

2015-06-17 14:30 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll

2015-06-17 14:30 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll

2015-06-17 14:30 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll

2015-06-17 14:30 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll

2015-06-17 14:30 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll

2015-06-17 14:30 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll

2015-06-17 14:29 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll

2015-06-17 14:29 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll

2015-06-17 14:29 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll

2015-06-17 14:29 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll

2015-06-17 14:29 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll

2015-06-17 14:29 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll

2015-06-17 14:29 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll

2015-06-17 14:29 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll

2015-06-17 14:29 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll

2015-06-17 14:29 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll

2015-06-17 14:29 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll

2015-06-17 14:29 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll

2015-06-17 14:29 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll

2015-06-17 14:29 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll

2015-06-17 14:29 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll

2015-06-17 14:29 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll

2015-06-17 14:29 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll

2015-06-17 14:29 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll

2015-06-17 14:29 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll

2015-06-17 14:29 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll

2015-06-17 14:29 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll

2015-06-17 14:29 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll

2015-06-17 14:29 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll

2015-06-17 14:29 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll

2015-06-17 14:29 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll

2015-06-17 14:29 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll

2015-06-17 14:29 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll

2015-06-17 14:29 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll

2015-06-17 14:29 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll

2015-06-17 14:29 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll

2015-06-17 14:29 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll

2015-06-17 14:29 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll

2015-06-17 14:29 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll

2015-06-17 14:29 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll

2015-06-17 14:29 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll

2015-06-17 14:29 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll

2015-06-17 14:29 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll

2015-06-17 14:29 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll

2015-06-17 14:29 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll

2015-06-17 14:29 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll

2015-06-17 14:29 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll

2015-06-17 14:29 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll

2015-06-17 14:29 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll

2015-06-17 14:29 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll

2015-06-17 14:29 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll

2015-06-17 14:29 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll

2015-06-17 14:29 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll

2015-06-17 14:29 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll

2015-06-17 14:29 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll

2015-06-17 14:29 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll

2015-06-17 14:29 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll

2015-06-17 14:29 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll

2015-06-17 14:29 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll

2015-06-17 14:29 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll

2015-06-17 14:29 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll

2015-06-17 14:29 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll

2015-06-17 14:29 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll

2015-06-17 14:29 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll

2015-06-17 14:29 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll

2015-06-17 14:29 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll

2015-06-17 14:29 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll

2015-06-17 14:29 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll

2015-06-17 14:29 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll

2015-06-17 14:29 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll

2015-06-17 14:29 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll

2015-06-17 14:29 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll

2015-06-17 14:29 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll

2015-06-17 14:29 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll

2015-06-17 14:29 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll

2015-06-17 14:29 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll

2015-06-17 14:29 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll

2015-06-17 14:29 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll

2015-06-17 14:29 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll

2015-06-17 14:29 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll

2015-06-17 14:29 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll

2015-06-17 14:29 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll

2015-06-17 14:29 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll

2015-06-17 14:29 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll

2015-06-17 14:29 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll

2015-06-17 14:29 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll

2015-06-17 14:29 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll

2015-06-17 14:29 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll

2015-06-17 14:29 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll

2015-06-17 14:29 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll

2015-06-17 14:29 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll

2015-06-17 14:29 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll

2015-06-17 14:29 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll

2015-06-17 14:29 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll

2015-06-17 14:28 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll

2015-06-17 14:28 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll

2015-06-17 14:28 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll

2015-06-17 14:28 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll

2015-06-17 14:28 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll

2015-06-17 14:28 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll

2015-06-17 14:28 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll

2015-06-17 14:28 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll

2015-06-17 14:28 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll

2015-06-17 14:28 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll

2015-06-17 14:28 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll

2015-06-17 14:28 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll

2015-06-17 14:28 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll

2015-06-17 14:28 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll

2015-06-17 14:28 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll

2015-06-17 14:28 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll

2015-06-17 14:28 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll

2015-06-17 14:28 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll

2015-06-17 14:28 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll

2015-06-17 14:28 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll

2015-06-17 14:28 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll

2015-06-17 14:28 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll

2015-06-17 14:28 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll

2015-06-17 14:28 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll

2015-06-17 14:28 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll

2015-06-17 14:28 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll

2015-06-17 14:28 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll

2015-06-17 14:28 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll

2015-06-17 14:28 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll

2015-06-17 14:28 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll

2015-06-17 14:28 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll

2015-06-17 14:28 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll

2015-06-17 14:28 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll

2015-06-17 14:28 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll

2015-06-17 14:28 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll

2015-06-17 14:28 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll

2015-06-17 14:28 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll

2015-06-17 14:28 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll

2015-06-17 14:28 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll

2015-06-17 14:28 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll

2015-06-17 14:28 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll

2015-06-17 14:28 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll

2015-06-17 14:28 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll

2015-06-17 14:28 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll

2015-06-17 14:28 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll

2015-06-17 14:28 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll

2015-06-17 14:28 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll

2015-06-17 14:28 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll

2015-06-17 14:28 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll

2015-06-17 14:28 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll

2015-06-17 14:28 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll

2015-06-17 14:28 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll

2015-06-17 14:28 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll

2015-06-17 14:28 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll

2015-06-17 14:28 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll

2015-06-17 14:28 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll

2015-06-17 14:28 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll

2015-06-17 14:28 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll

2015-06-17 14:28 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll

2015-06-17 14:28 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll

2015-06-17 14:28 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll

2015-06-17 14:28 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll

2015-06-17 14:28 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll

2015-06-17 14:28 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll

2015-06-17 14:28 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll

2015-06-17 14:28 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll

2015-06-17 14:28 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll

2015-06-17 14:28 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll

2015-06-17 14:28 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll

2015-06-17 14:28 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll

2015-06-17 14:27 - 2011-06-16 07:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll

2015-06-17 14:27 - 2011-06-16 06:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll

2015-06-17 14:27 - 2011-06-15 12:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll

2015-06-17 14:27 - 2011-06-15 12:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll

2015-06-17 14:27 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll

2015-06-17 14:27 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll

2015-06-17 14:27 - 2011-06-15 10:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll

2015-06-17 14:27 - 2011-06-15 10:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll

2015-06-17 14:27 - 2011-06-15 10:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll

2015-06-17 14:27 - 2011-06-15 10:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll

2015-06-17 14:27 - 2011-06-15 10:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll

2015-06-17 14:26 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll

2015-06-17 14:26 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll

2015-06-17 14:26 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll

2015-06-17 14:26 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll

2015-06-17 14:24 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll

2015-06-17 14:24 - 2010-12-23 12:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll

2015-06-17 14:24 - 2010-12-23 12:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll

2015-06-17 14:24 - 2010-12-23 12:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax

2015-06-17 14:24 - 2010-12-23 07:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll

2015-06-17 14:24 - 2010-12-23 07:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll

2015-06-17 14:24 - 2010-12-23 07:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax

2015-06-17 14:23 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2015-06-17 14:23 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2015-06-17 14:23 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll

2015-06-17 14:23 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2015-06-17 14:23 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll

2015-06-17 14:23 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2015-06-17 14:23 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2015-06-17 14:23 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll

2015-06-17 14:23 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2015-06-17 14:23 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2015-06-17 14:23 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll

2015-06-17 14:23 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll

2015-06-17 14:23 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll

2015-06-17 14:23 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll

2015-06-17 14:23 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

2015-06-17 14:23 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe

2015-06-17 14:23 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe

2015-06-17 14:23 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe

2015-06-17 14:23 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2015-06-17 14:23 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe

2015-06-17 14:23 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe

2015-06-17 14:23 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2015-06-17 14:23 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe

2015-06-17 14:23 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe

2015-06-17 14:23 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll

2015-06-17 14:23 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2015-06-17 14:23 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2015-06-17 14:23 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2015-06-17 14:23 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll

2015-06-17 14:23 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll

2015-06-17 14:23 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

2015-06-17 14:23 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2015-06-17 14:23 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe

2015-06-17 14:23 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe

2015-06-17 14:23 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe

2015-06-17 14:23 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe

2015-06-17 14:23 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2015-06-17 14:23 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe

2015-06-17 14:23 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2015-06-17 14:23 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2015-06-17 14:23 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2015-06-17 14:23 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

2015-06-17 14:23 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll

2015-06-17 14:23 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2015-06-17 14:23 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2015-06-17 14:23 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll

2015-06-17 14:23 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

2015-06-17 14:22 - 2012-01-04 12:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll

2015-06-17 14:22 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll

2015-06-17 14:22 - 2011-05-04 06:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll

2015-06-17 14:22 - 2011-05-04 06:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll

2015-06-17 14:22 - 2011-05-04 06:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll

2015-06-17 14:22 - 2011-05-04 06:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll

2015-06-17 14:22 - 2011-05-04 06:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll

2015-06-17 14:22 - 2011-05-04 06:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll

2015-06-17 14:22 - 2011-05-04 06:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe

2015-06-17 14:22 - 2011-05-04 06:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe

2015-06-17 14:22 - 2011-05-04 06:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe

2015-06-17 14:21 - 2011-05-04 07:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll

2015-06-17 14:21 - 2011-05-04 07:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll

2015-06-17 14:21 - 2011-05-04 07:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll

2015-06-17 14:21 - 2011-05-04 07:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll

2015-06-17 14:21 - 2011-05-04 07:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll

2015-06-17 14:21 - 2011-05-04 07:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll

2015-06-17 14:21 - 2011-05-04 07:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe

2015-06-17 14:21 - 2011-05-04 07:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe

2015-06-17 14:21 - 2011-05-04 07:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe

2015-06-17 14:20 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll

2015-06-17 14:20 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll

2015-06-17 14:20 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll

2015-06-17 14:20 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll

2015-06-17 14:20 - 2011-11-17 08:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll

2015-06-17 14:20 - 2011-11-17 07:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll

2015-06-17 14:19 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys

2015-06-17 14:19 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll

2015-06-17 14:19 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll

2015-06-17 14:19 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll

2015-06-17 14:19 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll

2015-06-17 14:19 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll

2015-06-17 14:19 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll

2015-06-17 14:19 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll

2015-06-17 14:19 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll

2015-06-17 14:19 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys

2015-06-17 14:19 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll

2015-06-17 14:19 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll

2015-06-17 14:19 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll

2015-06-17 14:19 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll

2015-06-17 14:19 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll

2015-06-17 14:19 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll

2015-06-17 14:19 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll

2015-06-17 14:19 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll

2015-06-17 14:19 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll

2015-06-17 14:19 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll

2015-06-17 14:19 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll

2015-06-17 14:19 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll

2015-06-17 14:19 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll

2015-06-17 14:19 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll

2015-06-17 14:19 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll

2015-06-17 14:19 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll

2015-06-17 14:19 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll

2015-06-17 14:19 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll

2015-06-17 14:19 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe

2015-06-17 14:19 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe

2015-06-17 14:19 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll

2015-06-17 14:18 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi

2015-06-17 14:18 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi

2015-06-17 14:18 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll

2015-06-17 14:18 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll

2015-06-17 14:18 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll

2015-06-17 14:18 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll

2015-06-17 14:18 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll

2015-06-17 14:18 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll

2015-06-17 14:18 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll

2015-06-17 14:18 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll

2015-06-17 14:18 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll

2015-06-17 14:18 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll

2015-06-17 14:18 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll

2015-06-17 14:18 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll

2015-06-17 14:18 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll

2015-06-17 14:18 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll

2015-06-17 14:18 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe

2015-06-17 14:18 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe

2015-06-17 14:18 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll

2015-06-17 14:18 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll

2015-06-17 14:18 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe

2015-06-17 14:18 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll

2015-06-17 14:18 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe

2015-06-17 14:18 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe

2015-06-17 14:18 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe

2015-06-17 14:18 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe

2015-06-17 14:18 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll

2015-06-17 14:18 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll

2015-06-17 14:18 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys

2015-06-17 14:18 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe

2015-06-17 14:18 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe

2015-06-17 14:18 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll

2015-06-17 14:17 - 2014-12-19 05:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll

2015-06-17 14:17 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll

2015-06-17 14:17 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll

2015-06-17 14:17 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll

2015-06-17 14:17 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll

2015-06-17 14:17 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll

2015-06-17 14:17 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll

2015-06-17 14:16 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll

2015-06-17 14:16 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll

2015-06-17 14:16 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2015-06-17 14:16 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS

2015-06-17 14:16 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll

2015-06-17 14:16 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll

2015-06-17 14:16 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys

2015-06-17 14:16 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll

2015-06-17 14:16 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll

2015-06-17 14:15 - 2014-12-06 06:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll

2015-06-17 14:15 - 2014-12-06 05:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll

2015-06-17 14:15 - 2014-12-06 05:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll

2015-06-17 14:15 - 2014-10-14 04:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll

2015-06-17 14:15 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2015-06-17 14:15 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll

2015-06-17 14:15 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll

2015-06-17 14:15 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll

2015-06-17 14:15 - 2011-12-30 08:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl

2015-06-17 14:15 - 2011-12-30 07:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl

2015-06-17 14:14 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys

2015-06-17 14:14 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys

2015-06-17 14:13 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll

2015-06-17 14:13 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll

2015-06-17 14:13 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll

2015-06-17 14:13 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll

2015-06-17 14:13 - 2015-01-09 05:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll

2015-06-17 14:13 - 2015-01-09 05:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll

2015-06-17 14:13 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll

2015-06-17 14:13 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll

2015-06-17 14:13 - 2014-12-19 03:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys

2015-06-17 14:13 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe

2015-06-17 14:13 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe

2015-06-17 14:13 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys

2015-06-17 14:12 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll

2015-06-17 14:12 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll

2015-06-17 14:12 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll

2015-06-17 14:12 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll

2015-06-17 14:12 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll

2015-06-17 14:12 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe

2015-06-17 14:12 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe

2015-06-17 14:12 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe

2015-06-17 14:12 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe

2015-06-17 14:12 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll

2015-06-17 14:12 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll

2015-06-17 14:12 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll

2015-06-17 14:12 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll

2015-06-17 14:12 - 2011-03-11 08:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll

2015-06-17 14:12 - 2011-03-11 08:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll

2015-06-17 14:12 - 2011-03-11 07:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll

2015-06-17 14:12 - 2011-03-11 07:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll

2015-06-17 14:11 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2015-06-17 14:11 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2015-06-17 14:11 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll

2015-06-17 14:11 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll

2015-06-17 14:11 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll

2015-06-17 14:11 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll

2015-06-17 14:11 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll

2015-06-17 14:11 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe

2015-06-17 14:11 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe

2015-06-17 14:11 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe

2015-06-17 14:11 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe

2015-06-17 14:11 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys

2015-06-17 14:11 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys

2015-06-17 14:11 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys

2015-06-17 14:11 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys

2015-06-17 14:11 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys

2015-06-17 14:11 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys

2015-06-17 14:11 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

2015-06-17 14:11 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL

2015-06-17 14:11 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll

2015-06-17 14:11 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll

2015-06-17 14:11 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys

2015-06-17 14:11 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys

2015-06-17 14:10 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll

2015-06-17 14:10 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll

2015-06-17 14:10 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2015-06-17 14:10 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2015-06-17 14:10 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2015-06-17 14:10 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL

2015-06-17 14:10 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys

2015-06-17 14:10 - 2013-07-12 12:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys

2015-06-17 14:10 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys

2015-06-17 14:10 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys

2015-06-17 14:10 - 2012-11-29 00:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys

2015-06-17 14:10 - 2012-11-29 00:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll

2015-06-17 14:10 - 2012-11-29 00:56 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf

2015-06-17 14:09 - 2014-11-11 03:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys

2015-06-17 14:09 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys

2015-06-17 14:09 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys

2015-06-17 14:09 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll

2015-06-17 14:09 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll

2015-06-17 14:09 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll

2015-06-17 14:09 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll

2015-06-17 14:09 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll

2015-06-17 14:09 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll

2015-06-17 14:09 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll

2015-06-17 14:09 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys

2015-06-17 14:09 - 2011-03-03 08:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll

2015-06-17 14:09 - 2011-03-03 08:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll

2015-06-17 14:09 - 2011-03-03 08:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe

2015-06-17 14:09 - 2011-03-03 07:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll

2015-06-17 14:09 - 2011-03-03 07:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe

2015-06-17 14:08 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll

2015-06-17 14:08 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll

2015-06-17 14:08 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll

2015-06-17 14:08 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll

2015-06-17 14:07 - 2012-11-02 07:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll

2015-06-17 14:07 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll

2015-06-17 14:06 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll

2015-06-17 14:06 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll

2015-06-17 14:06 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll

2015-06-17 14:06 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll

2015-06-17 14:06 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll

2015-06-17 14:06 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll

2015-06-17 14:06 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll

2015-06-17 14:06 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll

2015-06-17 14:05 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll

2015-06-17 14:05 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll

2015-06-17 14:05 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll

2015-06-17 14:05 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll

2015-06-17 14:05 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll

2015-06-17 14:05 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll

2015-06-17 14:05 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe

2015-06-17 14:04 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2015-06-17 14:04 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2015-06-17 14:04 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2015-06-17 14:04 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2015-06-17 14:04 - 2014-08-12 04:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL

2015-06-17 14:04 - 2014-08-12 03:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL

2015-06-17 14:04 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2015-06-17 14:04 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys

2015-06-17 14:04 - 2011-04-29 05:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys

2015-06-17 14:04 - 2011-04-29 05:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys

2015-06-17 14:04 - 2011-04-29 05:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys

2015-06-17 14:04 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll

2015-06-17 13:36 - 2015-07-07 21:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp

2015-06-17 13:36 - 2015-06-24 23:26 - 00000983 _____ C:\Users\Public\Desktop\Winamp.lnk

2015-06-17 13:36 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll

2015-06-17 13:36 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll

2015-06-17 13:35 - 2015-06-24 23:26 - 00000000 ____D C:\Program Files (x86)\Winamp Detect

2015-06-17 13:35 - 2015-06-17 13:35 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in

2015-06-17 13:34 - 2015-07-15 22:53 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Roaming\Winamp

2015-06-17 13:34 - 2015-07-07 21:41 - 00000000 ____D C:\Program Files (x86)\Winamp

2015-06-17 12:58 - 2015-07-14 18:32 - 00000000 ____D C:\Program Files (x86)\Origin Games
 

==================== One Month Modified files and folders ========
 

(If an entry is included in the fixlist, the file/folder will be moved.)
 

2015-07-17 21:08 - 2015-06-16 14:44 - 02094162 _____ C:\Windows\WindowsUpdate.log

2015-07-17 20:57 - 2009-07-14 06:45 - 00031088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-07-17 20:57 - 2009-07-14 06:45 - 00031088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-07-17 20:52 - 2015-06-16 19:25 - 00000000 ____D C:\Windows\Minidump

2015-07-17 20:52 - 2015-06-16 18:24 - 00000000 ____D C:\ProgramData\NVIDIA

2015-07-17 20:52 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2015-07-17 20:18 - 2015-06-16 14:51 - 00001196 _____ C:\Users\gestörthe Dörthe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2015-07-17 20:18 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System

2015-07-17 20:01 - 2015-06-16 19:39 - 00000000 ____D C:\ProgramData\Origin

2015-07-17 15:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache

2015-07-17 04:42 - 2009-07-14 06:45 - 00267816 _____ C:\Windows\system32\FNTCACHE.DAT

2015-07-17 03:03 - 2015-06-16 16:44 - 00000000 ____D C:\Windows\system32\MRT

2015-07-17 02:59 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini

2015-07-17 00:37 - 2015-06-16 15:21 - 00000000 ____X C:\Users\gestörthe Dörthe\AppData\Local\GDIPFONTCACHEV1.DAT

2015-07-16 23:25 - 2009-07-14 07:08 - 00022806 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2015-07-14 22:21 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2015-07-13 13:11 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy

2015-07-13 13:02 - 2015-06-16 14:51 - 00000000 ___DX C:\Users\gestörthe Dörthe

2015-07-13 01:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF

2015-07-12 22:11 - 2015-06-16 19:42 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Roaming\Origin

2015-07-12 21:58 - 2015-06-16 19:38 - 00000000 ____D C:\Program Files (x86)\Origin

2015-07-11 17:55 - 2015-06-16 20:02 - 00000211 ____X C:\Users\gestörthe Dörthe\Desktop\Neues Textdokument.txt

2015-07-04 07:06 - 2015-06-16 19:39 - 00000000 ____D C:\ProgramData\Electronic Arts

2015-07-03 08:43 - 2015-06-16 16:44 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2015-06-30 21:06 - 2015-06-16 15:21 - 00000000 ____D C:\ProgramData\Package Cache

2015-06-26 14:19 - 2011-04-12 09:43 - 00699416 _____ C:\Windows\system32\perfh007.dat

2015-06-26 14:19 - 2011-04-12 09:43 - 00149556 _____ C:\Windows\system32\perfc007.dat

2015-06-26 14:19 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI

2015-06-25 01:13 - 2015-06-16 16:28 - 01593956 _____ C:\Windows\SysWOW64\PerfStringBackup.INI

2015-06-25 00:36 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD

2015-06-23 18:08 - 2015-06-16 16:30 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2015-06-23 18:06 - 2015-06-16 15:53 - 00000000 ____D C:\Program Files\NVIDIA Corporation

2015-06-23 13:30 - 2010-11-21 05:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

2015-06-22 10:19 - 2015-06-16 15:04 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2015-06-20 16:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions

2015-06-20 14:42 - 2015-06-16 14:53 - 00000000 ____D C:\Windows\System32\Tasks\ASUS

2015-06-19 18:37 - 2015-06-16 19:51 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Roaming\1E00D8C0-1434477085-DE00-1236-20CF305438A8

2015-06-19 16:56 - 2015-06-16 15:21 - 00000000 ____D C:\Program Files (x86)\Avira

2015-06-19 16:54 - 2015-06-16 15:21 - 00000000 ____D C:\ProgramData\Avira

2015-06-19 15:36 - 2015-06-16 15:40 - 00000000 ____D C:\Windows\Panther

2015-06-19 13:10 - 2015-06-16 14:53 - 00001769 _____ C:\Windows\Language_trs.ini

2015-06-19 13:09 - 2015-06-16 14:53 - 00033923 _____ C:\Windows\Ascd_tmp.ini

2015-06-18 05:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports

2015-06-18 03:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat

2015-06-17 23:14 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

2015-06-17 22:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK

2015-06-17 22:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR

2015-06-17 22:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\zh-HK

2015-06-17 22:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\tr-TR

2015-06-17 19:33 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender

2015-06-17 19:33 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender

2015-06-17 19:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing

2015-06-17 19:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism

2015-06-17 19:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism

2015-06-17 19:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers

2015-06-17 16:12 - 2015-06-16 19:27 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Local\NVIDIA

2015-06-17 16:11 - 2015-06-16 16:30 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation

2015-06-17 14:47 - 2015-06-16 15:02 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Local\Downloaded Installations

2015-06-17 14:47 - 2015-06-16 15:01 - 00000000 ____D C:\Program Files (x86)\AMD

2015-06-17 14:34 - 2015-06-16 19:42 - 00000000 ____D C:\Users\gestörthe Dörthe\AppData\Local\Origin

2015-06-17 11:10 - 2015-06-16 16:30 - 00112784 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll

2015-06-17 11:10 - 2015-06-16 16:30 - 00105288 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll

2015-06-17 11:10 - 2015-02-20 01:18 - 12855416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll

2015-06-17 11:10 - 2015-02-20 01:18 - 03395648 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll

2015-06-17 11:10 - 2015-02-20 01:18 - 01567576 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll

2015-06-17 08:48 - 2015-06-16 18:24 - 06873232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll

2015-06-17 08:48 - 2015-06-16 18:24 - 03492168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll

2015-06-17 08:48 - 2015-06-16 18:24 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll

2015-06-17 08:48 - 2015-06-16 18:24 - 00937616 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

2015-06-17 08:48 - 2015-06-16 18:24 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll

2015-06-17 08:48 - 2015-06-16 18:24 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
 

==================== Files in the root of some directories =======
 

2015-06-25 00:59 - 2015-06-25 00:59 - 0000116 _____ () C:\Users\gestörthe Dörthe\AppData\Roaming\startupbt.bat

2015-07-14 22:17 - 2015-07-14 22:17 - 0007604 ____X () C:\Users\gestörthe Dörthe\AppData\Local\Resmon.ResmonCfg
 

Some files in TEMP:

====================

C:\Users\gestörthe Dörthe\AppData\Local\Temp\Quarantine.exe

C:\Users\gestörthe Dörthe\AppData\Local\Temp\sqlite3.dll
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2015-07-13 18:33
 

==================== End of log ============================

[CODE]Additional
FRST Logfile:

Code:

scan result of Farbar Recovery Scan Tool (x64) Version:13-07-2015

Ran by gestörthe Dörthe at 2015-07-17 21:10:07

Running from C:\Users\gestoertheDorthe\Downloads

Boot Mode: Normal

==========================================================
 
 

==================== Accounts: =============================
 

Administrator (S-1-5-21-1198890107-3487484037-2208262354-500 - Administrator - Disabled)

Gast (S-1-5-21-1198890107-3487484037-2208262354-501 - Limited - Disabled)

gestoertheDorthe (S-1-5-21-1198890107-3487484037-2208262354-1001 - Limited - Enabled) => C:\Users\gestoertheDorthe

gestörthe Dörthe (S-1-5-21-1198890107-3487484037-2208262354-1000 - Administrator - Enabled) => C:\Users\gestörthe Dörthe
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 

AV: Computer Sicherheit (Enabled - Up to date) {0F70A6C4-76E4-6A3B-2695-519F428B1C20}

AS: Computer Sicherheit (Enabled - Up to date) {B4114720-50DE-65B5-1C25-6AED390C569D}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installed Programs ======================
 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)

Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated)

Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated)

AMD OverDrive (HKLM-x32\...\{14ED8430-7565-48BC-9615-6A5EA44C3ADA}) (Version: 3.2.2.0454 - Advanced Micro Devices, Inc.)

ASUS PC Diagnostics (HKLM-x32\...\{D709005F-D8DC-42A8-8435-5AE880ECAF82}) (Version: 1.1.2 - ASUSTeK Computer Inc.)

ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.18.02 - ASUSTeK Computer Inc.)

ATI Catalyst Install Manager (HKLM\...\{8019A54F-530F-84C2-24DD-1C9F53257F7C}) (Version: 3.0.762.0 - ATI Technologies, Inc.)

Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.30944 - Electronic Arts)

Battlefield 4™ CTE (HKLM-x32\...\{551A08D1-B60E-4DED-9B67-C3B38258CCA3}) (Version: 1.0.2.32882 - Electronic Arts)

Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.1.0.4 - Electronic Arts)

Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)

CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)

Computer Security 14.121.102.0 (release) (x32 Version: 14.121.102.0 - F-Secure Corporation) Hidden

EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.8.0.0 - Electronic Arts)

EPU (HKLM-x32\...\{9C2AC00C-0C06-4B7E-97A4-A833808D54D6}) (Version: 1.02.20 - )

EVGA PrecisionX 16 (HKLM-x32\...\{54C2F767-A27B-44E7-8103-E37FC30FB06C}) (Version: 5.3.5 - EVGA Corporation)

FlightGear v3.4.0 (HKLM\...\FlightGear_is1) (Version:  - The FlightGear Team)

F-Secure CCF Reputation (x32 Version: 2.0.1337.0 - F-Secure) Hidden

F-Secure CCF Scanning 1.51.112.309 (release) (x32 Version: 1.51.112.309 - F-Secure Corporation) Hidden

F-Secure Network CCF 1.03.102 (x32 Version: 1.03.102 - F-Secure Corporation) Hidden

F-Secure SafeSearch 1.03.159.0 (release) (x32 Version: 1.03.159.0 - F-Secure Corporation) Hidden

Geiss for Winamp 2x (remove only) (HKLM-x32\...\vis_geis.dllWinamp) (Version:  - )

Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)

JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMicron Technology Corp.)

Kabel Deutschland Sicherheitspaket (HKLM-x32\...\F-Secure ServiceEnabler 44553) (Version: 2.21.285.0 - F-Secure Corporation)

Kabel Deutschland Sicherheitspaket (x32 Version: 2.21.285.0 - F-Secure Corporation) Hidden

Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)

Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.)

Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.24.10.3 - Marvell)

Medal of Honor™ Warfighter (HKLM-x32\...\{1040143F-FEFB-4B90-8E51-E47D40E14C4E}) (Version: 1.0.0.3 - Electronic Arts)

Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)

Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)

Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)

Microsoft Baseline Security Analyzer 2.3 (HKLM\...\{C058FC5D-565F-4360-A562-0527A3D993DC}) (Version: 2.3.2211 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)

MilkDrop for Winamp 2x (remove only) (HKLM-x32\...\vis_milk.dllWinamp) (Version:  - )

Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)

NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation)

NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.19.0 - NEC Electronics Corporation) Hidden

Need For Speed™ World (HKLM-x32\...\{3AF1B16A-7DC9-4C80-BAEC-70B088A7C5B8}) (Version: 1.0.0.0 - Electronic Arts)

NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)

NVIDIA 3D Vision Treiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation)

NVIDIA GeForce Experience 2.4.5.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.44 - NVIDIA Corporation)

NVIDIA Grafiktreiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)

NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)

NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)

Online Safety 2.115.2786.1676 (x32 Version: 2.115.2786.1676 - F-Secure Corporation) Hidden

Origin (HKLM-x32\...\Origin) (Version: 9.5.20.5318 - Electronic Arts, Inc.)

PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)

Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)

SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden

SHIELD Wireless Controller Driver (Version: 2.4.5.44 - NVIDIA Corporation) Hidden

Streamripper (Remove only) (HKLM-x32\...\Streamripper) (Version:  - )

TurboV EVO (HKLM-x32\...\{491D92A9-69CA-4EB4-81D3-0106F9337957}) (Version: 1.02.18 - )

Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)

Winamp Erkennungs-Plug-in (HKU\S-1-5-21-1198890107-3487484037-2208262354-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
 

==================== Custom CLSID (Whitelisted): ==========================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 

==================== Restore Points =========================
 

13-06-2015 12:58:46 DirectX wurde installiert

15-06-2015 12:11:43 Datei in Quarantäne Ordner verschieben: TurboVHelp

17-07-2015 20:45:45 JRT Pre-Junkware Removal

17-07-2015 20:55:47 JRT Pre-Junkware Removal
 

==================== Hosts content: ===============================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2009-07-14 04:34 - 2015-07-17 02:58 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
 

==================== Scheduled Tasks (Whitelisted) =============
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

Task: {04B19AE2-5D5C-41CA-A294-D3DECEF0D2AB} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()

Task: {06E0063E-823D-40E0-B1E6-30C44A612C37} - System32\Tasks\EVGAPrecisionX => C:\Program Files (x86)\EVGA\PrecisionX 16\PrecisionX_x64.exe [2015-06-01] (EVGA Corp.)

Task: {11AD38CA-01D7-45DF-8A6E-EE5DA52D5858} - System32\Tasks\XboxStatTask => C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe [2009-09-30] (Microsoft Corporation)

Task: {64442B1C-7D91-416C-92E0-6B8B1E600650} - \SMW_UpdateTask_Time_3838373635303633392d3237575a236c6c3255342a41 No Task File <==== ATTENTION

Task: {797A411B-877F-4FEB-AB6D-18ED7830C39A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_203_pepper.exe [2015-07-12] (Adobe Systems Incorporated)

Task: {8F4AF954-2894-4497-9F77-966BDBD4ACB3} - System32\Tasks\Opera scheduled Autoupdate 1436026726 => C:\Users\gestörthe Dörthe\AppData\Local\Programs\Opera\launcher.exe

Task: {9CEF2852-4D64-4C1D-A93E-222DB30AB3E1} - System32\Tasks\{73BB261C-D4E2-47C2-AD7D-E0DF1E6330AA} => pcalua.exe -a "C:\Users\gestörthe Dörthe\AppData\Roaming\oursurfing\UninstallManager.exe" -c -ptid=2sq

Task: {C0F687FD-03A2-446D-9CDB-56D242D0AADD} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.)

Task: {C4A524D8-D426-4479-BE0A-E6A2BBD0DA1D} - System32\Tasks\winspt => C:\Users\gest├Ârthe

Task: {CADA5245-4D7E-4EA3-8796-A2A0D55EBA6E} - System32\Tasks\ASUS\TurboVHelp => C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe [2010-03-25] (ASUSTeK Computer Inc.)

Task: {D8FDE5C2-E143-444F-B826-59AE153519BC} - System32\Tasks\{A843E8B5-1999-48C7-BF2D-D7670BCA9A79} => pcalua.exe -a "C:\Users\gestörthe Dörthe\AppData\Local\Temp\Temp1_AOD_V3220454_XpVistaWin7.zip\AOD_V3220454_XpVistaWin7\AsusSetup.exe"

Task: {E49F48B5-AB6E-4EF2-9F59-3F6AFC04B4A9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_203_pepper.exe
 

==================== Loaded Modules (Whitelisted) ==============
 

2015-06-16 18:24 - 2015-06-17 08:48 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2015-04-02 10:25 - 2015-04-02 10:25 - 00220200 _____ () C:\Program Files (x86)\Kabel Deutschland\daas2.dll

2015-06-19 17:05 - 2015-06-19 17:05 - 00029224 _____ () C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\minifilter\hashlib_x86.dll

2015-06-19 17:00 - 2015-06-19 17:04 - 00175144 _____ () C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Gemini\fsgem.dll

2015-06-19 17:00 - 2015-06-19 17:05 - 00212008 _____ () C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Spam Control\fsas.dll

2015-06-19 17:00 - 2015-06-19 17:05 - 00949288 _____ () C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\fm4av.dll

2015-06-19 17:00 - 2014-09-18 12:29 - 00045608 _____ () C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\FSAVHRES.eng

2015-06-17 16:11 - 2015-06-03 23:06 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
 

==================== Alternate Data Streams (Whitelisted) =========
 

(If an entry is included in the fixlist, only the ADS will be removed.)
 
 

==================== Safe Mode (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 

==================== EXE Association (Whitelisted) ===============
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 

==================== Internet Explorer trusted/restricted ===============
 

(If an entry is included in the fixlist, it will be removed from the registry.)
 
 

==================== Other Areas ============================
 

(Currently there is no automatic fix for this section.)
 

HKU\S-1-5-21-1198890107-3487484037-2208262354-1000\Control Panel\Desktop\\Wallpaper -> 

HKU\S-1-5-21-1198890107-3487484037-2208262354-1001\Control Panel\Desktop\\Wallpaper -> 

DNS Servers: 192.168.0.1
 

==================== MSCONFIG/TASK MANAGER disabled items ==
 

(Currently there is no automatic fix for this section.)
 

MSCONFIG\startupreg: mbot_de_014010004 => 
 

==================== FirewallRules (Whitelisted) ===============
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

FirewallRules: [MsiScsi-In-TCP] => (Block) %SystemRoot%\system32\svchost.exe

FirewallRules: [MsiScsi-In-TCP-NoScope] => (Block) %SystemRoot%\system32\svchost.exe

FirewallRules: [PNRPMNRS-SSDPSrv-In-UDP] => (Block) %SystemRoot%\system32\svchost.exe

FirewallRules: [PNRPMNRS-PNRP-In-UDP] => (Block) %SystemRoot%\system32\svchost.exe

FirewallRules: [Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In] => (Block) %systemroot%\system32\svchost.exe

FirewallRules: [Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In] => (Block) %systemroot%\system32\svchost.exe

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe

FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe

FirewallRules: [Microsoft-Windows-PeerDist-WSD-In] => (Block) %systemroot%\system32\svchost.exe

FirewallRules: [{CD8C9AED-48FB-4B64-907E-1DC235EB5D46}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe

FirewallRules: [{1F3EE0AD-2652-4A5C-B598-B4FB21C28863}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe

FirewallRules: [{F1C299CC-0441-49D8-8F80-736ECDD6E41D}] => (Block) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [{02EA613B-AFE9-4BD9-836D-2C5D5412E2FD}] => (Block) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

FirewallRules: [{BB7AEA33-39F5-41FF-9057-8904C225D381}] => (Block) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

FirewallRules: [{25D9D181-3255-4180-9506-D3463457264B}] => (Block) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{F2F02764-A19A-4D45-8B0C-E75FE47D18CC}] => (Block) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{352C07A6-0620-498E-9E94-2E3E470CD857}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe

FirewallRules: [{AB61C6FD-C22C-4232-B905-921F2A55D352}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe

FirewallRules: [{A591AE5B-9280-4212-BC6C-C4892854686D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe

FirewallRules: [{AD8D3B3E-569A-489B-81AB-288F9CDDD0CD}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe

FirewallRules: [{48B62D3B-7E75-4FDA-B320-39665AA54796}] => (Allow) C:\Program Files (x86)\Origin Games\BFH\bfh.exe

FirewallRules: [{8EE02137-C447-49A2-80B9-33960828450F}] => (Allow) C:\Program Files (x86)\Origin Games\BFH\bfh.exe

FirewallRules: [TCP Query User{4EA594DA-E88C-4B0E-B8BE-A1341503AB5C}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe

FirewallRules: [UDP Query User{94F16CC4-2649-4ABA-9757-47D8CEE559B8}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe

FirewallRules: [{367E2D04-6037-4320-94FA-C5517F56D04E}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe

FirewallRules: [{2CDA6347-E609-4BE6-AFE1-C3642D198832}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe

FirewallRules: [TCP Query User{DB22CA08-E399-427E-B605-E397443A635A}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe

FirewallRules: [UDP Query User{8C3EF0E6-3CB0-4221-9702-FE821D121252}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe

FirewallRules: [{94BD966F-3422-4910-97A3-3A141355BF60}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe

FirewallRules: [{D5114F44-ECD2-4B14-B177-03F9FF1A012A}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe

FirewallRules: [TCP Query User{30156CA0-68C8-4EE5-90D9-49FF8EDE2F3C}C:\program files (x86)\origin games\battlefield 4 cte\bf4cte.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4 cte\bf4cte.exe

FirewallRules: [UDP Query User{9F390095-E8F2-447A-81D4-ECAA85BE2D7D}C:\program files (x86)\origin games\battlefield 4 cte\bf4cte.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4 cte\bf4cte.exe

FirewallRules: [{77772CA3-66A6-4C9E-AA3B-168C2A4FEA3A}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed World\GameLauncher.exe

FirewallRules: [{CE323AE0-606C-427A-9B19-72BE2E666DE1}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed World\GameLauncher.exe

FirewallRules: [{9C17C9B7-1650-471B-9A70-994A37E26F3E}] => (Allow) C:\Program Files (x86)\Origin Games\FlightGear 3.4.0\bin\fgfs.exe

FirewallRules: [{CF1D7D43-097C-4170-B07F-4532F69262B5}] => (Allow) C:\Program Files (x86)\Origin Games\FlightGear 3.4.0\bin\fgfs.exe

FirewallRules: [{665CFC45-FDE5-4814-B7D5-E61277A7CA6A}] => (Block) C:\Program Files (x86)\Origin Games\FlightGear 3.4.0\bin\metar.exe

FirewallRules: [{95BE3F89-25CB-444D-88E1-616FB71DB5A3}] => (Allow) C:\Program Files (x86)\Origin Games\FlightGear 3.4.0\bin\terrasync.exe

FirewallRules: [{9C8AAF20-68DD-4179-8542-BDC1191B92F0}] => (Allow) C:\Program Files (x86)\Origin Games\FlightGear 3.4.0\bin\terrasync.exe

FirewallRules: [{E0C2CAC0-011D-41CB-97A8-F19ECA951D12}] => (Allow) C:\Program Files (x86)\Origin Games\FlightGear 3.4.0\bin\fgcom.exe

FirewallRules: [{6FE59EE8-7347-4243-8A22-FE9F1EF46042}] => (Allow) C:\Program Files (x86)\Origin Games\FlightGear 3.4.0\bin\fgcom.exe

FirewallRules: [{0DA87578-6FFC-47FC-83A8-0AEFE1B52306}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe

FirewallRules: [TCP Query User{E4E4A44A-93FA-4067-AC6D-F6EEED277535}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Block) C:\program files (x86)\origin games\fifa 15\fifa15.exe

FirewallRules: [UDP Query User{36559C21-C398-4801-93B5-528D23A92AA5}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Block) C:\program files (x86)\origin games\fifa 15\fifa15.exe

FirewallRules: [{01E02379-5796-4D78-98BF-46032A6A0C2C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe

FirewallRules: [{796680AD-6494-46FB-9E9C-5598E2F15D15}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe

FirewallRules: [{50A606D8-333F-4390-AB93-512DCF0419BA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe

FirewallRules: [{947E54D7-766B-4286-9AAC-2A37D75172EA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe

FirewallRules: [{CEA1D568-1A73-4376-B420-4F73ACFC4A29}] => (Allow) C:\Program Files (x86)\Origin Games\Medal of Honor Warfighter\MOHW.exe

FirewallRules: [{61A235E3-D88E-4323-BE51-59277307028F}] => (Allow) C:\Program Files (x86)\Origin Games\Medal of Honor Warfighter\MOHW.exe

FirewallRules: [{47D11E7C-FE0E-473D-86E0-268418C0B51B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{11CDB43A-4DE3-4C0F-B2BD-AC7D7DE3E7B6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{5A154254-1A6C-43CB-BDAF-AFB0670B0CF5}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4 CTE\BF4CTEX86WebHelper.exe

FirewallRules: [{40BB3F13-EED6-45E9-BA43-363BE1331C1C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4 CTE\BF4CTEX86WebHelper.exe

FirewallRules: [{AF3F1DD8-6572-424B-BF1F-CC400F3561EF}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4 CTE\BF4CTEWebHelper.exe

FirewallRules: [{364A7B53-8671-4205-A01A-EBDE56C9F3EF}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4 CTE\BF4CTEWebHelper.exe

FirewallRules: [{57BFCDE1-DCC6-42B5-B206-B17E3042D2B1}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4 CTE\BF4CTEX86WebHelper.exe

FirewallRules: [{B6ED3978-A4AE-4171-980A-AC09AE868E04}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4 CTE\BF4CTEX86WebHelper.exe

FirewallRules: [{81B919AF-DB41-42FF-941C-4AC27216AD89}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4 CTE\BF4CTEWebHelper.exe

FirewallRules: [{EFB8CA13-A9FF-49AA-AAB4-86DBA437C080}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4 CTE\BF4CTEWebHelper.exe

FirewallRules: [TCP Query User{5C916B5D-53CE-4FEB-A288-0CB28E857FC9}C:\program files (x86)\origin games\bfh\bfh.exe] => (Allow) C:\program files (x86)\origin games\bfh\bfh.exe

FirewallRules: [UDP Query User{C4FF60F3-25A0-4BF1-83C7-8236A5EE5513}C:\program files (x86)\origin games\bfh\bfh.exe] => (Allow) C:\program files (x86)\origin games\bfh\bfh.exe
 

==================== Faulty Device Manager Devices =============
 

Name: avipbb

Description: avipbb

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: avipbb

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 

Name: avkmgr

Description: avkmgr

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: avkmgr

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (07/17/2015 08:54:25 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/17/2015 08:47:38 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: reg.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc02c

Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18869, Zeitstempel: 0x55636317

Ausnahmecode: 0xc0000420

Fehleroffset: 0x000cea5f

ID des fehlerhaften Prozesses: 0x13d8

Startzeit der fehlerhaften Anwendung: 0xreg.exe0

Pfad der fehlerhaften Anwendung: reg.exe1

Pfad des fehlerhaften Moduls: reg.exe2

Berichtskennung: reg.exe3
 

Error: (07/17/2015 08:21:55 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/17/2015 08:21:19 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )

Description: 1  2015-07-17  20:21:19+02:00  BORISMIRWARM  SYSTEM  F-Secure DeepGuard

 Application was blocked. This was determined to be a high-risk application by system control heuristics.

 Application path: \\?\c:\program files (x86)\evga\precisionx 16\precisionx_x64.exe

 File hash: f5e735284985dee41ac66c7bc9b28b5fdf99d40d
 

Error: (07/17/2015 12:45:37 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: svchost.exe_SysMain, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1

Name des fehlerhaften Moduls: sysmain.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9db

Ausnahmecode: 0xc0000005

Fehleroffset: 0x0000000000003700

ID des fehlerhaften Prozesses: 0x788

Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_SysMain0

Pfad der fehlerhaften Anwendung: svchost.exe_SysMain1

Pfad des fehlerhaften Moduls: svchost.exe_SysMain2

Berichtskennung: svchost.exe_SysMain3
 

Error: (07/17/2015 12:40:57 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/17/2015 12:39:51 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )

Description: An error has occurred (NvVAD initialization failed [6]).
 

Error: (07/17/2015 12:39:51 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )

Description: An error has occurred (Failed to set NvVAD endpoint as default Audio endpoint [0]).
 

Error: (07/17/2015 12:39:51 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )

Description: An error has occurred (NvVAD endpoint registration failed [0]).
 

Error: (07/17/2015 12:18:26 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: bfh.exe, Version: 1.1.0.3, Zeitstempel: 0x55804371

Name des fehlerhaften Moduls: nvwgf2umx.dll, Version: 10.18.13.5330, Zeitstempel: 0x558105d7

Ausnahmecode: 0xc0000005

Fehleroffset: 0x000000000022d71f

ID des fehlerhaften Prozesses: 0x16b0

Startzeit der fehlerhaften Anwendung: 0xbfh.exe0

Pfad der fehlerhaften Anwendung: bfh.exe1

Pfad des fehlerhaften Moduls: bfh.exe2

Berichtskennung: bfh.exe3
 
 

System errors:

=============

Error: (07/17/2015 08:57:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "F-Secure Dll Hoster" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (07/17/2015 08:57:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (07/17/2015 08:57:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "F-Secure Management Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (07/17/2015 08:57:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (07/17/2015 08:57:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (07/17/2015 08:57:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (07/17/2015 08:57:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "NVIDIA GeForce Experience Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (07/17/2015 08:57:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "F-Secure ORSP Client" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (07/17/2015 08:57:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "F-Secure Dll Hoster" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (07/17/2015 08:57:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "ASUS System Control Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 
 

Microsoft Office:

=========================

Error: (07/17/2015 08:54:25 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/17/2015 08:47:38 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: reg.exe6.1.7600.163854a5bc02cntdll.dll6.1.7601.1886955636317c0000420000cea5f13d801d0c0c10c86bc9dC:\Windows\SysWOW64\reg.exeC:\Windows\SysWOW64\ntdll.dll4b2ad69a-2cb4-11e5-95bb-20cf305438a8
 

Error: (07/17/2015 08:21:55 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/17/2015 08:21:19 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )

Description: 1  2015-07-17  20:21:19+02:00  BORISMIRWARM  SYSTEM  F-Secure DeepGuard

 Application was blocked. This was determined to be a high-risk application by system control heuristics.

 Application path: \\?\c:\program files (x86)\evga\precisionx 16\precisionx_x64.exe

 File hash: f5e735284985dee41ac66c7bc9b28b5fdf99d40d
 

Error: (07/17/2015 12:45:37 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: svchost.exe_SysMain6.1.7600.163854a5bc3c1sysmain.dll6.1.7601.175144ce7c9dbc0000005000000000000370078801d0c07ce71d7292C:\Windows\system32\svchost.exec:\windows\system32\sysmain.dllf4fdd274-2c70-11e5-9e9b-20cf305438a8
 

Error: (07/17/2015 12:40:57 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/17/2015 12:39:51 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )

Description: NvStreamSvcNvVAD initialization failed [6]
 

Error: (07/17/2015 12:39:51 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )

Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 

Error: (07/17/2015 12:39:51 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )

Description: NvStreamSvcNvVAD endpoint registration failed [0]
 

Error: (07/17/2015 12:18:26 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: bfh.exe1.1.0.355804371nvwgf2umx.dll10.18.13.5330558105d7c0000005000000000022d71f16b001d0c078169b1073C:\Program Files (x86)\Origin Games\BFH\bfh.exeC:\Windows\system32\nvwgf2umx.dll28cd8698-2c6d-11e5-acbe-20cf305438a8
 
 

CodeIntegrity Errors:

===================================

  Date: 2015-07-17 02:51:21.654

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2015-07-17 02:51:21.634

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2015-07-17 01:49:58.555

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23040_none_b5d708a5e200a8e0\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2015-07-17 01:49:58.475

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23040_none_b5d708a5e200a8e0\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
 

==================== Memory info =========================== 
 

Processor: AMD Athlon(tm) II X4 635 Processor

Percentage of memory in use: 32%

Total physical RAM: 8190.18 MB

Available physical RAM: 5545.55 MB

Total Virtual: 16378.56 MB

Available Virtual: 13782.56 MB
 

==================== Drives ================================
 

Drive c: () (Fixed) (Total:931.51 GB) (Free:509.43 GB) NTFS ==>[drive with boot components (obtained from BCD)]

Drive d: () (Fixed) (Total:232.88 GB) (Free:18.2 GB) NTFS ==>[system with boot components (obtained from reading drive)]
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 0F04111C)

Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 6200C9A7)

Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
 

==================== End of log ============================

--- --- ---

fehlt was ??

????????????

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

cmd: type C:\Users\gestörthe Dörthe\AppData\Roaming\startupbt.bat

GroupPolicyScripts: Group Policy detected <======= ATTENTION

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Code:

Fix result of Farbar Recovery Scan Tool (x64) Version:13-07-2015

Ran by gestoertheDorthe at 2015-07-17 22:11:40 Run:1

Running from C:\Users\gestoertheDorthe\Downloads

Loaded Profiles: gestörthe Dörthe & gestoertheDorthe (Available Profiles: gestörthe Dörthe & gestoertheDorthe)

Boot Mode: Normal

==============================================
 

fixlist content:

*****************

cmd: type C:\Users\gestörthe Dörthe\AppData\Roaming\startupbt.bat

GroupPolicyScripts: Group Policy detected <======= ATTENTION

*****************
 
 

=========  type C:\Users\gestörthe Dörthe\AppData\Roaming\startupbt.bat =========
 

Das System kann die angegebene Datei nicht finden.

Folgender Fehler trat auf: C:\Users\gest�rthe.

Das System kann den angegebenen Pfad nicht finden.
 

========= End of CMD: =========
 
 

"C:\Windows\system32\GroupPolicy\Machine" folder move:
 

Could not move "C:\Windows\system32\GroupPolicy\Machine" folder => Scheduled to move on reboot.
 

Could not move "C:\Windows\system32\GroupPolicy\GPT.ini" => Scheduled to move on reboot.

ist egal mit welchem benutzerkonto ich mich anmelde ???

bütter zeer

Das ist eigentlich egal, wenn es um Adware im Browser ist es aber meist sinniger das alles mit dem User zu machen, der betroffen ist. Und für die Bereinigungen werden Adminrechte benötigt.

Da hat was nicht geklappt, aber das scheint eher am Umlaut (ö) im Benutzernamen zu liegen :confused:

Bitte mal Folgendes machen:

1. auf der Tastatur die Tasten WIN+R (gleichzeitig) drücken

2. "ausführen" erscheint, dort bitte eintippen

Code:

notepad "C:\Users\gestörthe Dörthe\AppData\Roaming\startupbt.bat"

Falls die Datei noch existiert, siehst du ein Texteditor Fenster. Falls da Text angezeigt wird, den Inhalt komplett kopieren und hier in CODE-Tags posten

Falls Fehlermeldung oder was anderes, bitte beschreiben.

Da Ist´s wieder, sry , für verspäteten Post.....

Code:

schtasks /create /sc onlogon /f /tn winspt /rl highest /tr "C:\Users\gestörthe Dörthe\AppData\Roaming\winsemr.exe"

werd mich für heute verabschieden, viel spaß euch noch

FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

C:\Users\gestörthe Dörthe\AppData\Roaming\startupbt.bat

C:\Users\gestörthe Dörthe\AppData\Roaming\winsemr.exe

EmptyTemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Code:

Fix result of Farbar Recovery Scan Tool (x64) Version:20-07-2015

Ran by gestörthe Dörthe at 2015-07-21 23:37:40 Run:2

Running from C:\Users\gestörthe Dörthe\Downloads

Loaded Profiles: gestörthe Dörthe (Available Profiles: gestörthe Dörthe & gestoertheDorthe)

Boot Mode: Normal

==============================================
 

fixlist content:

*****************

C:\Users\gestörthe Dörthe\AppData\Roaming\startupbt.bat

C:\Users\gestörthe Dörthe\AppData\Roaming\winsemr.exe

EmptyTemp:

         

*****************
 

C:\Users\gestörthe Dörthe\AppData\Roaming\startupbt.bat => moved successfully.

"C:\Users\gestörthe Dörthe\AppData\Roaming\winsemr.exe" => File/Folder not found.

EmptyTemp: => 475.9 MB temporary data Removed.
 
 

The system needed a reboot.. 
 

==== End of Fixlog 23:37:54 ====

Okay, dann Kontrollscans mit MBAM und ESET bitte:

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Code:

Malwarebytes Anti-Malware

www.malwarebytes.org
 
 

Protection, 24.07.2015 00:54, SYSTEM, BORISMIRWARM, Protection, Malware Protection, Starting, 

Protection, 24.07.2015 00:54, SYSTEM, BORISMIRWARM, Protection, Malware Protection, Started, 

Protection, 24.07.2015 00:54, SYSTEM, BORISMIRWARM, Protection, Malicious Website Protection, Starting, 

Protection, 24.07.2015 00:54, SYSTEM, BORISMIRWARM, Protection, Malicious Website Protection, Started, 

Update, 24.07.2015 00:54, SYSTEM, BORISMIRWARM, Manual, Rootkit Database, 2015.2.25.1, 2015.7.22.1, 

Update, 24.07.2015 00:54, SYSTEM, BORISMIRWARM, Manual, Remediation Database, 2015.3.9.1, 2015.7.20.1, 

Update, 24.07.2015 00:54, SYSTEM, BORISMIRWARM, Manual, Domain Database, 0.0.0.0, 2015.6.12.1, 

Update, 24.07.2015 00:54, SYSTEM, BORISMIRWARM, Manual, IP Database, 0.0.0.0, 2015.6.12.1, 

Update, 24.07.2015 00:54, SYSTEM, BORISMIRWARM, Manual, Malware Database, 2015.3.9.5, 2015.7.23.5, 

Update, 24.07.2015 00:54, SYSTEM, BORISMIRWARM, Manual, program, 2.1.6.1022, 2.1.8.0, 

Protection, 24.07.2015 00:55, SYSTEM, BORISMIRWARM, Protection, Malicious Website Protection, Stopping, 

Protection, 24.07.2015 00:55, SYSTEM, BORISMIRWARM, Protection, Malicious Website Protection, Stopped, 

Protection, 24.07.2015 00:55, SYSTEM, BORISMIRWARM, Protection, Malware Protection, Stopping, 

Protection, 24.07.2015 00:55, SYSTEM, BORISMIRWARM, Protection, Malware Protection, Stopped, 

Protection, 24.07.2015 00:56, SYSTEM, BORISMIRWARM, Protection, Malware Protection, Starting, 

Protection, 24.07.2015 00:56, SYSTEM, BORISMIRWARM, Protection, Malware Protection, Started, 

Protection, 24.07.2015 00:56, SYSTEM, BORISMIRWARM, Protection, Malicious Website Protection, Starting, 

Protection, 24.07.2015 00:56, SYSTEM, BORISMIRWARM, Protection, Malicious Website Protection, Started, 

Error, 24.07.2015 00:56, SYSTEM, BORISMIRWARM, Update, Bad md5 or size: akadomains, 11, 

Error, 24.07.2015 00:56, SYSTEM, BORISMIRWARM, Update, Bad md5 or size: akaips, 11, 

Update, 24.07.2015 00:56, SYSTEM, BORISMIRWARM, Manual, Domain Database, 0.0.0.0, 2015.6.12.1, 

Update, 24.07.2015 00:56, SYSTEM, BORISMIRWARM, Manual, Remediation Database, 2015.5.13.1, 2015.7.20.1, 

Update, 24.07.2015 00:56, SYSTEM, BORISMIRWARM, Manual, IP Database, 0.0.0.0, 2015.6.12.1, 

Update, 24.07.2015 00:56, SYSTEM, BORISMIRWARM, Manual, Rootkit Database, 2015.6.2.1, 2015.7.22.1, 

Update, 24.07.2015 00:56, SYSTEM, BORISMIRWARM, Manual, AKA IP Database, 0.0.0.0, 2015.7.15.1, 

Update, 24.07.2015 00:56, SYSTEM, BORISMIRWARM, Manual, AKA Domain Database, 0.0.0.0, 2015.7.23.4, 

Update, 24.07.2015 00:56, SYSTEM, BORISMIRWARM, Manual, Malware Database, 2015.6.3.3, 2015.7.23.5, 

Protection, 24.07.2015 00:56, SYSTEM, BORISMIRWARM, Protection, Refresh, Starting, 

Protection, 24.07.2015 00:56, SYSTEM, BORISMIRWARM, Protection, Malicious Website Protection, Stopping, 

Protection, 24.07.2015 00:56, SYSTEM, BORISMIRWARM, Protection, Malicious Website Protection, Stopped, 

Protection, 24.07.2015 00:56, SYSTEM, BORISMIRWARM, Protection, Refresh, Success, 

Protection, 24.07.2015 00:56, SYSTEM, BORISMIRWARM, Protection, Malicious Website Protection, Starting, 

Protection, 24.07.2015 00:56, SYSTEM, BORISMIRWARM, Protection, Malicious Website Protection, Started, 

Protection, 24.07.2015 01:28, SYSTEM, BORISMIRWARM, Protection, Malicious Website Protection, Stopping, 

Protection, 24.07.2015 01:28, SYSTEM, BORISMIRWARM, Protection, Malicious Website Protection, Stopped, 

Protection, 24.07.2015 01:28, SYSTEM, BORISMIRWARM, Protection, Malware Protection, Stopping, 

Protection, 24.07.2015 01:28, SYSTEM, BORISMIRWARM, Protection, Malware Protection, Stopped, 

Scan, 24.07.2015 01:39, SYSTEM, BORISMIRWARM, Manual, Start: 24.07.2015 01:29, Dauer: 10 Min. 11 Sek., Bedrohungssuchlauf, Abgeschlossen, 2 Malware-Erkennung, 1 Nicht-Malware-Erkennung, 

Error, 24.07.2015 01:41, SYSTEM, BORISMIRWARM, Protection, IsLicensed, 13, 

Protection, 24.07.2015 01:41, SYSTEM, BORISMIRWARM, Protection, Malware Protection, Stopping, 

Protection, 24.07.2015 01:41, SYSTEM, BORISMIRWARM, Protection, Malware Protection, Stopped, 
 

(end)

Code:

Malwarebytes Anti-Malware

www.malwarebytes.org
 

Suchlaufdatum: 24.07.2015

Suchlaufzeit: 01:29

Protokolldatei: Suchlaufverlaufslog.txt

Administrator: Ja
 

Version: 2.1.8.1057

Malware-Datenbank: v2015.07.23.05

Rootkit-Datenbank: v2015.07.22.01

Lizenz: Kostenlose Version

Malware-Schutz: Deaktiviert

Schutz vor bösartigen Websites: Deaktiviert

Selbstschutz: Deaktiviert
 

Betriebssystem: Windows 7 Service Pack 1

CPU: x64

Dateisystem: NTFS

Benutzer: gestörthe Dörthe
 

Suchlauftyp: Bedrohungssuchlauf

Ergebnis: Abgeschlossen

Durchsuchte Objekte: 399272

Abgelaufene Zeit: 10 Min., 11 Sek.
 

Speicher: Aktiviert

Start: Aktiviert

Dateisystem: Aktiviert

Archive: Aktiviert

Rootkits: Aktiviert

Heuristik: Aktiviert

PUP: Aktiviert

PUM: Aktiviert
 

Prozesse: 0

(keine bösartigen Elemente erkannt)
 

Module: 0

(keine bösartigen Elemente erkannt)
 

Registrierungsschlüssel: 1

PUP.Optional.SuperClick.A, HKLM\SOFTWARE\WOW6432NODE\SuperClick_1.10.0.16, In Quarantäne, [a48dfce9d9b1c37303679ff6010347b9], 
 

Registrierungswerte: 0

(keine bösartigen Elemente erkannt)
 

Registrierungsdaten: 0

(keine bösartigen Elemente erkannt)
 

Ordner: 0

(keine bösartigen Elemente erkannt)
 

Dateien: 2

Hacktool.Agent, C:\Users\gestörthe Dörthe\AppData\Roaming\Windows Loader\Windows Loader.exe, In Quarantäne, [e051c2238bff8aac0c54e32ed72a4cb4], 

Malware.Trace.E, C:\Windows\System32\Tasks\winspt, In Quarantäne, [9c9519cc8efcad894f6b4155f90b7c84], 
 

Physische Sektoren: 0

(keine bösartigen Elemente erkannt)
 
 

(end)

Code:

ESETSmartInstaller@High as downloader log:

all ok

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# EOSSerial=17c77bbfc60c534090fe31d1248cb0f5

# end=init

# utc_time=2015-07-24 12:06:42

# local_time=2015-07-24 02:06:42 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# osver=6.1.7601 NT Service Pack 1

Update Init

Update Download

Update Finalize

Updated modules version: 24950

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# EOSSerial=17c77bbfc60c534090fe31d1248cb0f5

# end=updated

# utc_time=2015-07-24 12:08:31

# local_time=2015-07-24 02:08:31 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# osver=6.1.7601 NT Service Pack 1

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.7777

# api_version=3.1.1

# EOSSerial=17c77bbfc60c534090fe31d1248cb0f5

# engine=24950

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2015-07-24 02:13:52

# local_time=2015-07-24 04:13:52 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# lang=1031

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode_1=''

# compatibility_mode=5893 16776573 100 94 8535 189333882 0 0

# scanned=407484

# found=4

# cleaned=4

# scan_time=7520

sh=9CF51FEF19AE97D029F2B42F9B70124E1865046D ft=1 fh=ec2b9b2a517d89a2 vn="Variante von Win32/SpeedBit.F evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\System\SysMenu.dll.vir"

sh=DDD7E789E67132CF6C5D8169B2F46E3498FCA60F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht - in QuarantÃ¤ne kopiert)" ac=C fn="D:\Users\Boris Mirwarm\AppData\Roaming\PRHSC"

sh=0A9295D02C8ADC7308D436A6F704B3F2994580A7 ft=0 fh=0000000000000000 vn="VBS/Kryptik.DY Trojaner (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="D:\Users\Boris Mirwarm\AppData\Roaming\VooUpdate\UpdateProc\bkup.dat"

sh=4CF9EF4D739C2F8A1F3909A2720274527EC29E1F ft=1 fh=c71c001143f2d9bd vn="Variante von Win32/ELEX.CP evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="D:\Users\Boris Mirwarm\AppData\Roaming\webssearches\UninstallManager.exe"

Code:

D:\Users\Boris Mirwarm\AppData\Roaming\PRHSC

D:\Users\Boris Mirwarm\AppData\Roaming\VooUpdate\UpdateProc\bkup.dat

D:\Users\Boris Mirwarm\AppData\Roaming\webssearches\UninstallManager.exe

C:\Users\gestörthe Dörthe\AppData\Roaming\Windows Loader

EmptyTemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Code:

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:26-07-2015

durchgeführt von gestörthe Dörthe an 2015-07-26 15:32:52 Run:3

Gestartet von C:\Users\gestörthe Dörthe\Downloads

Geladene Profile: gestörthe Dörthe (Verfügbare Profile: gestörthe Dörthe & gestoertheDorthe)

Start-Modus: Normal

==============================================
 

fixlist Inhalt:

*****************

D:\Users\Boris Mirwarm\AppData\Roaming\PRHSC

D:\Users\Boris Mirwarm\AppData\Roaming\VooUpdate\UpdateProc\bkup.dat

D:\Users\Boris Mirwarm\AppData\Roaming\webssearches\UninstallManager.exe

C:\Users\gestörthe Dörthe\AppData\Roaming\Windows Loader

EmptyTemp:

         

*****************
 

"D:\Users\Boris Mirwarm\AppData\Roaming\PRHSC" => Datei/Ordner nicht gefunden.

"D:\Users\Boris Mirwarm\AppData\Roaming\VooUpdate\UpdateProc\bkup.dat" => Datei/Ordner nicht gefunden.

"D:\Users\Boris Mirwarm\AppData\Roaming\webssearches\UninstallManager.exe" => Datei/Ordner nicht gefunden.

C:\Users\gestörthe Dörthe\AppData\Roaming\Windows Loader => erfolgreich verschoben.

EmptyTemp: => 119.5 MB temporäre Dateien entfernt.
 
 

Das System musste neu gestartet werden.. 
 

==== Ende von Fixlog 15:32:53 ====

Sieht soweit ok aus :daumenhoc

Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) empfehle ich die Erweiterung Ghostery, diese verhindert weitgehend Usertracking bzw. das Anzeigen von Werbebannern.

Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?