| |
| |||||||
Log-Analyse und Auswertung: Program.exe - Ungültiges Bild (mehrere Programme)Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
03.03.2014, 10:25
| #1 |
 |  Program.exe - Ungültiges Bild (mehrere Programme) Guten Tag, ich habe zurzeit das problem, dass ich beim Windows Start die Fehlermeldung bekomme, dass itunes.exe - Ungültiges Bild Beispiel.exe - Ungültiges Bild C:Windows/xx/xxdll ist entweder nicht für die Ausführung unter Windows vorgesehen oder enthält einen fehler. Installieren sie das Programmm mit den Originalinstallationsmedien erneut, oder wenden Sei sich and den Systemadministrator oder Softwarelieferanten, um Unterstützung zu erhalten. Habe vorerst iTunes reparieren wollen, ohne erfolg. Gelöscht neu installiert, alles schön und gut. Dann wollte ich nach einigen tagen OpenOffice starten huch  selbe Fehlermeldung.Habe gemerkt das ich es bei paar Programmen habe. Die habe ich alle neu installiertn zurzeit schön und gut.... Aber sicher fühle ich mich dadurch leider nicht  , ich bin eigendlich einer, der weiß wo man draufklickt, was man wie installiert...Antivirensuche mit dem Scanner "Defender" durchgeführt 0 Fehler. Firewall ist auch immer an (Windows). Ich benutze zurzeit Windows 8.1 Pro 64 Bit. Ich habe jetzt mitbekommen, dass nur eine Formiatierung auf C:// nicht den Virus immer mitlöscht, ich benutze eine SSD mit 120 GB, wo Win. drauf ist. Programme sind auf D:// (HDD 2TB). Es würde ja schneller gehn, alles zu formatieren, neu zu installieren, auf D sind aber Daten die schon draufbleiben sollten Kann man diesen Virus 100% loswerden ohne zu formatieren wo ich anschließend mich auch wieder sicher fühlen kann? Habe laut anderem forum mal (google 2 Jahre alter beitrag gewesen), einen sfc scan via CMD (Admin)) durchgeführt, in der Log CBS hatte ich ein paar mal die Meldung mscorlib.dll defekt, soll wohl mit Framwork was zu tun haben. Die habe ich auch neu runtergeladen via. Microsoft (file://ziel) und ersetzt, nochmal den scan durchgeführt, wieder der fehler... Wenn ich die sache innerhalb einen-zwei tage so entfernt bekomme, würde ich mich sehr sehr freuen... Edit: Eigendlich läuft mein System stabil, kann aber auch sein wegen meiner Hardware das sie das mitmacht... SSD, 16GB Ram, Gute Graka HD7970 Matrix Platinum und ne CPU ala iNtel i5 3570K... Vielen Dank, < neuling dvT91  Geändert von dvt91 (03.03.2014 um 10:38 Uhr) |
|
03.03.2014, 10:45
| #2 |
| /// the machine /// TB-Ausbilder    | Program.exe - Ungültiges Bild (mehrere Programme) hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
03.03.2014, 21:40
| #3 |
| | Program.exe - Ungültiges Bild (mehrere Programme) [CODE=Addition.txt]FRST Additions Logfile:
__________________Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-03-2014
Ran by DAVUT at 2014-03-03 14:38:37
Running from C:\Users\DAVUT\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.15.100.31008 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1008.932.15229 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{5AE0838D-19B1-5D12-5FE8-E6503B2C8716}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.2.8.1 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.2.8.1 - ASUSTek COMPUTER INC.) Hidden
ASUS Product Register Program (HKLM-x32\...\{C0B16F2E-3980-44F8-8CF4-F84696541FF7}) (Version: 1.0.017 - ASUSTek Computer Inc.)
ASUS Xonar D2 Audio (HKLM-x32\...\{8FFA0EAF-5AFB-4492-B5F7-C56B03DF08DF}) (Version: - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.1.0.1 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
Canon MP520 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP520_series) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dogfight 1942 (c) City Interactive version 1 (HKLM-x32\...\Dogfight 1942 (c) City Interactive_is1) (Version: 1 - )
Dxtory version 2.0.126 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.126 - ExKode Co. Ltd.)
Epson Benutzerhandbuch WF-3520 Series (HKLM-x32\...\WF-3520 Series Useg) (Version: - )
Epson Connect Guide (HKLM-x32\...\Epson Connect Guide) (Version: - )
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.1.1 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM-x32\...\{02A312B5-1542-47B6-BFE9-F51358C39E86}) (Version: 2.4.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{8F01524C-0676-4CC1-B4AE-64753C723391}) (Version: 3.01.0005 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.31.00 - SEIKO EPSON CORPORATION)
Epson Netzwerkhandbuch WF-3520 Series (HKLM-x32\...\WF-3520 Series Netg) (Version: - )
EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON WF-3520 Series Printer Uninstall (HKLM\...\EPSON WF-3520 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
GPUTweakStreaming (x32 Version: 1.0.3.5 - ASUS) Hidden
HydraVision (x32 Version: 4.2.236.0 - Advanced Micro Devices, Inc.) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Infestation: Survivor Stories (HKLM-x32\...\Steam App 226700) (Version: - Hammerpoint Interactive)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LINE (HKLM-x32\...\LINE) (Version: 3.4.0.21 - LINE Corporation)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliType Pro 7.1 (HKLM\...\{E6B7BD80-A921-4C72-A68B-44A9EB438BE4}) (Version: 7.10.344.0 - Microsoft)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MKVToolNix 6.7.0 [20140102-565] (HKLM-x32\...\MKVToolNix) (Version: 6.7.0 - Moritz Bunkus)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 24.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 24.0 (x86 de)) (Version: 24.0 - Mozilla)
Mozilla Firefox 27.0.1 (x86 de) (HKCU\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
Octoshape Streaming Services (HKCU\...\Octoshape Streaming Services) (Version: - Octoshape ApS)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.3.10.4710 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\{030F4BB3-F3C3-4A74-905C-44672D1ECB76}) (Version: 0.47.284 - Overwolf)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Presto! PageManager 9.03 SE (HKLM-x32\...\{04AF7536-446D-4F5A-8920-B4E885E4581B}) (Version: 9.03.06 - Newsoft Technology Corporation)
Pro Evolution Soccer 2014 (HKLM-x32\...\{5EFD3544-2371-4900-8ACA-F157BA80FB0C}) (Version: 1.04.0000 - KONAMI)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.15.4 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
==================== Restore Points =========================
==================== Hosts content: ==========================
2012-07-26 06:26 - 2013-11-03 00:27 - 00000894 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
==================== Scheduled Tasks (whitelisted) =============
Task: {003C309C-F60B-45DB-ABBB-4BE9B297FDD1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => D:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {61FD0431-131C-4D31-AF25-92D6FA47A992} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => D:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9A910D6B-757B-45F4-A04F-63FB0C190F71} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => D:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {ADE4287C-7D72-4F1F-8AA5-484B2028FBB4} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2009-11-05] (Microsoft Corporation)
Task: {C5B58101-F4E5-4A12-9D80-FFB0F13E321A} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-dvt91@outlook.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D154068F-6A29-4EC8-B1FA-E31B64BF5E99} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-02-18] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DCA34986-71FC-4ADF-BA36-C1465DE42637} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
==================== Loaded Modules (whitelisted) =============
2012-01-17 10:24 - 2012-01-17 10:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2012-09-11 16:27 - 2012-09-11 16:27 - 00062128 _____ () C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe
2013-10-15 21:34 - 2013-11-12 15:19 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2013-10-15 21:34 - 2014-03-02 20:03 - 00291128 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () D:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-02-25 19:35 - 2011-02-25 19:35 - 00044032 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\2dpainting.exe
2013-10-15 21:00 - 2008-07-11 14:04 - 00200704 _____ () C:\Windows\SysWOW64\HsMgr.exe
2013-10-15 21:00 - 2008-07-11 14:03 - 00282112 _____ () C:\Windows\System\HsMgr64.exe
2014-03-02 01:33 - 2012-08-23 10:38 - 00574840 _____ () D:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-03-02 01:33 - 2013-05-16 10:55 - 00113496 _____ () D:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-03-02 01:33 - 2013-05-16 10:55 - 00416600 _____ () D:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-03-02 01:33 - 2013-05-16 10:55 - 00161112 _____ () D:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-03-02 01:33 - 2012-04-03 17:06 - 00565640 _____ () D:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2010-11-01 19:00 - 2010-11-01 19:00 - 00015964 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\mingwm10.dll
2010-11-01 19:00 - 2010-11-01 19:00 - 02741248 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\QtCore4.dll
2010-11-01 19:01 - 2010-11-01 19:01 - 11448320 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\QtGui4.dll
2010-11-01 19:01 - 2010-11-01 19:01 - 00613376 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\QtOpenGL4.dll
2013-10-15 21:00 - 2012-06-06 08:56 - 00143360 ____N () C:\Program Files\ASUS Xonar D2 Audio\Customapp\VmixP8.dll
2013-08-07 20:25 - 2013-08-07 20:25 - 00093696 _____ () D:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-01-08 10:25 - 2013-12-12 23:19 - 00142848 _____ () D:\Program Files (x86)\Steam\libavresample-1.dll
2014-01-08 10:25 - 2013-11-05 02:12 - 00890592 _____ () D:\Program Files (x86)\Steam\libavutil-52.dll
2014-02-19 20:05 - 2014-02-11 03:34 - 00751616 _____ () D:\Program Files (x86)\Steam\SDL2.dll
2014-02-26 14:28 - 2014-02-25 22:57 - 01135296 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-01-28 12:56 - 2014-01-11 00:33 - 20625832 _____ () D:\Program Files (x86)\Steam\bin\libcef.dll
2013-10-15 18:56 - 2013-06-15 00:49 - 01100800 _____ () D:\Program Files (x86)\Steam\bin\avcodec-53.dll
2013-10-15 18:56 - 2013-06-15 00:49 - 00124416 _____ () D:\Program Files (x86)\Steam\bin\avutil-51.dll
2013-10-15 18:56 - 2013-06-15 00:49 - 00192000 _____ () D:\Program Files (x86)\Steam\bin\avformat-53.dll
2014-02-14 22:24 - 2014-02-14 22:24 - 00962560 _____ () D:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-02-14 22:24 - 2014-02-14 22:24 - 00024064 _____ () D:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-02-14 22:24 - 2014-02-14 22:24 - 00025088 _____ () D:\Program Files (x86)\Origin\imageformats\qico.dll
2014-02-14 22:24 - 2014-02-14 22:24 - 00217088 _____ () D:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-02-14 22:24 - 2014-02-14 22:24 - 00261632 _____ () D:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-02-14 22:24 - 2014-02-14 22:24 - 00019968 _____ () D:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-02-14 22:24 - 2014-02-14 22:24 - 00302592 _____ () D:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-02-14 22:24 - 2014-02-14 22:24 - 00018944 _____ () D:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () D:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () D:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-02-15 01:11 - 2014-02-15 01:11 - 03578992 _____ () D:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-10-15 21:08 - 2012-06-25 09:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\DAVUT\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/03/2014 02:34:20 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (03/02/2014 08:02:13 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (03/02/2014 03:42:18 AM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (03/02/2014 03:34:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: DAVUT-PC)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (03/02/2014 03:20:22 AM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (03/02/2014 01:41:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: DAVUT-PC)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (03/02/2014 01:17:06 AM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (03/02/2014 00:18:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: DAVUT-PC)
Description: Bei der Aktivierung der App „Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (03/02/2014 00:01:04 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: _is62DD.exe, Version: 12.0.0.58849, Zeitstempel: 0x45b1a378
Name des fehlerhaften Moduls: ISSetup.dll, Version: 12.0.0.58855, Zeitstempel: 0x46eef1f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00096f3b
ID des fehlerhaften Prozesses: 0x5c4
Startzeit der fehlerhaften Anwendung: 0x_is62DD.exe0
Pfad der fehlerhaften Anwendung: _is62DD.exe1
Pfad des fehlerhaften Moduls: _is62DD.exe2
Berichtskennung: _is62DD.exe3
Vollständiger Name des fehlerhaften Pakets: _is62DD.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: _is62DD.exe5
Error: (03/01/2014 11:41:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DAVUT-PC)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
System errors:
=============
Error: (03/03/2014 02:36:29 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/03/2014 02:33:39 PM) (Source: DCOM) (User: DAVUT-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DAVUT-PCDAVUTS-1-5-21-2309657365-2291247431-1116468141-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/03/2014 02:33:39 PM) (Source: DCOM) (User: DAVUT-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DAVUT-PCDAVUTS-1-5-21-2309657365-2291247431-1116468141-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/03/2014 02:33:39 PM) (Source: DCOM) (User: DAVUT-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DAVUT-PCDAVUTS-1-5-21-2309657365-2291247431-1116468141-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/03/2014 02:33:39 PM) (Source: DCOM) (User: DAVUT-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DAVUT-PCDAVUTS-1-5-21-2309657365-2291247431-1116468141-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/03/2014 02:33:39 PM) (Source: DCOM) (User: DAVUT-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DAVUT-PCDAVUTS-1-5-21-2309657365-2291247431-1116468141-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/03/2014 02:33:39 PM) (Source: DCOM) (User: DAVUT-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DAVUT-PCDAVUTS-1-5-21-2309657365-2291247431-1116468141-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/03/2014 02:33:39 PM) (Source: DCOM) (User: DAVUT-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DAVUT-PCDAVUTS-1-5-21-2309657365-2291247431-1116468141-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/03/2014 02:33:39 PM) (Source: DCOM) (User: DAVUT-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DAVUT-PCDAVUTS-1-5-21-2309657365-2291247431-1116468141-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/03/2014 02:33:39 PM) (Source: DCOM) (User: DAVUT-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DAVUT-PCDAVUTS-1-5-21-2309657365-2291247431-1116468141-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Microsoft Office Sessions:
=========================
Error: (03/03/2014 02:34:20 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
Error: (03/02/2014 08:02:13 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
Error: (03/02/2014 03:42:18 AM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
Error: (03/02/2014 03:34:28 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: DAVUT-PC)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2147023170
Error: (03/02/2014 03:20:22 AM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
Error: (03/02/2014 01:41:55 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: DAVUT-PC)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2147023170
Error: (03/02/2014 01:17:06 AM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
Error: (03/02/2014 00:18:43 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: DAVUT-PC)
Description: Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance-2147023170
Error: (03/02/2014 00:01:04 AM) (Source: Application Error)(User: )
Description: _is62DD.exe12.0.0.5884945b1a378ISSetup.dll12.0.0.5885546eef1f1c000000500096f3b5c401cf35a1bba71f02C:\Users\DAVUT\AppData\Local\Temp\_is62DD.exeC:\Users\DAVUT\AppData\Local\Temp\{A2DDEDCB-CFC9-4B7D-B59C-EFEDB37A9401}\ISSetup.dll5d0de2c2-a195-11e3-be8f-902b34389b5a
Error: (03/01/2014 11:41:55 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: DAVUT-PC)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2147023170
==================== Memory info ===========================
Percentage of memory in use: 15%
Total physical RAM: 16345.06 MB
Available physical RAM: 13872.86 MB
Total Pagefile: 32729.06 MB
Available Pagefile: 29972.75 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.45 GB) (Free:53.25 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:303.08 GB) NTFS
Drive f: () (Fixed) (Total:931.29 GB) (Free:884.62 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 4FAF89A0)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 3670366F)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)
==================== End Of Log ============================
[CODE=FRST.txt] FRST Logfile: FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-03-2014
Ran by DAVUT (administrator) on DAVUT-PC on 03-03-2014 14:38:09
Running from C:\Users\DAVUT\Desktop
Windows 8.1 Pro (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\WINDOWS\system32\atiesrxx.exe
(AMD) C:\WINDOWS\system32\atieclxx.exe
() C:\Windows\SysWOW64\ASGT.exe
() C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\WINDOWS\SysWOW64\PnkBstrA.exe
() C:\WINDOWS\SysWOW64\PnkBstrB.exe
(Safer-Networking Ltd.) D:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\LiveComm.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Seiko Epson Corporation) C:\WINDOWS\system32\EscSvc64.exe
(Safer-Networking Ltd.) D:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(Safer-Networking Ltd.) D:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\WINDOWS\syswow64\wwahost.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
() C:\Program Files (x86)\ASUS\GPU Tweak\2dpainting.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
() C:\Windows\SysWOW64\HsMgr.exe
(CMedia) C:\Program Files\ASUS Xonar D2 Audio\Customapp\ASUSAUDIOCENTER.EXE
() C:\Windows\System\HsMgr64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Octoshape ApS) C:\Users\DAVUT\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
(Electronic Arts) D:\Program Files (x86)\Origin\Origin.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Apple Inc.) D:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIJJE.EXE
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Safer-Networking Ltd.) D:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16422_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\WINDOWS\splwow64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Microsoft Corporation) C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.16470_none_fa2491fd9b3cfcb2\TiWorker.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\WMIADAP.EXE
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [2345848 2009-11-05] (Microsoft Corporation)
HKLM\...\Run: [Cmaudio8788] - C:\WINDOWS\Syswow64\cmicnfgp.dll [12935168 2012-08-27] (C-Media Corporation)
HKLM\...\Run: [Cmaudio8788GX] - C:\WINDOWS\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] - C:\WINDOWS\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [WrtMon.exe] - C:\WINDOWS\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [442200 2013-10-17] (Razer Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [FUFAXRCV] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502952 2012-07-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863400 2012-07-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [PMSpeed] - D:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.EXE [116632 2010-07-29] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [SDTray] - D:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2309657365-2291247431-1116468141-1000\...\Run: [Steam] - D:\Program Files (x86)\Steam\steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-2309657365-2291247431-1116468141-1000\...\Run: [Octoshape Streaming Services] - C:\Users\DAVUT\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [107800 2011-03-24] (Octoshape ApS)
HKU\S-1-5-21-2309657365-2291247431-1116468141-1000\...\Run: [EADM] - D:\Program Files (x86)\Origin\Origin.exe [3598680 2014-02-14] (Electronic Arts)
HKU\S-1-5-21-2309657365-2291247431-1116468141-1000\...\Run: [Dxtory Update Checker 2.0] - C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-2309657365-2291247431-1116468141-1000\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-07-27] (AMD)
HKU\S-1-5-21-2309657365-2291247431-1116468141-1000\...\Run: [iCloudServices] - D:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2309657365-2291247431-1116468141-1000\...\Run: [EPLTarget\P0000000000000000] - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE [283232 2012-02-27] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2309657365-2291247431-1116468141-1000\...\Run: [Scan Buttons] - D:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSB.EXE [214360 2011-01-21] (NewSoft Technology Corporation)
==================== Internet (Whitelisted) ====================
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\DAVUT\AppData\Roaming\Mozilla\Firefox\Profiles\vxjvs7wq.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @octoshape.com/Octoshape Streaming Services,version=1.0 - C:\Users\DAVUT\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll (Octoshape ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\DAVUT\AppData\Roaming\mozilla\plugins\npoctoshape.dll (Octoshape ApS)
FF StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Services (Whitelisted) =================
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] ()
R2 Asus Product Register Service; C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe [62128 2012-09-11] ()
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [96184 2013-12-09] (Overwolf)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2013-11-12] ()
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [291128 2014-03-02] ()
R2 SDScannerService; D:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; D:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; D:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 TeamViewer8; D:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [5093216 2014-02-07] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2733056 2012-09-25] (C-Media Inc)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.)
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-30] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39080 2013-10-14] (Razer Inc)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-03 14:38 - 2014-03-03 14:38 - 00015168 _____ () C:\Users\DAVUT\Desktop\FRST.txt
2014-03-03 14:37 - 2014-03-03 14:38 - 00000000 ____D () C:\FRST
2014-03-03 14:36 - 2014-03-03 14:36 - 02156544 _____ (Farbar) C:\Users\DAVUT\Desktop\FRST64.exe
2014-03-02 20:04 - 2014-03-03 14:37 - 00138565 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-02 02:39 - 2014-03-02 02:39 - 01021432 _____ (Microsoft Corporation) C:\Users\DAVUT\Downloads\NDP451-KB2859818-Web.exe
2014-03-02 02:09 - 2014-03-02 03:50 - 00153834 _____ () C:\Users\DAVUT\Desktop\sfcdetails.txt
2014-03-02 02:07 - 2014-03-02 02:07 - 00002772 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-03-02 02:06 - 2014-03-02 02:06 - 03645064 _____ (Piriform Ltd) C:\Users\DAVUT\Downloads\ccsetup410_slim.exe
2014-03-02 02:06 - 2014-03-02 02:06 - 00000706 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-02 01:34 - 2014-03-02 01:34 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Malwarebytes
2014-03-02 01:34 - 2014-03-02 01:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-02 01:34 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-02 01:33 - 2014-03-02 01:36 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-02 01:33 - 2014-03-02 01:33 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-03-02 01:33 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2014-03-02 01:32 - 2014-03-02 01:32 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\DAVUT\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-02 01:31 - 2014-03-02 01:31 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\DAVUT\Downloads\spybot-2.2.25.exe
2014-03-02 00:01 - 2014-03-02 03:42 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\.oit
2014-03-02 00:01 - 2014-03-02 00:02 - 00000000 ____D () C:\Users\DAVUT\Documents\My PageManager
2014-03-02 00:01 - 2014-03-02 00:01 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\NewSoft
2014-03-02 00:01 - 2014-03-02 00:01 - 00000000 ____D () C:\Users\DAVUT\AppData\Local\NewSoft
2014-03-01 23:59 - 2001-09-10 18:05 - 00087392 _____ (Twain Working Group) C:\WINDOWS\TWAIN.DLL
2014-03-01 23:59 - 2001-09-10 18:05 - 00069632 _____ (Twain Working Group) C:\WINDOWS\Twunk_32.exe
2014-03-01 23:59 - 2001-09-10 18:05 - 00048560 _____ (Twain Working Group) C:\WINDOWS\Twunk_16.exe
2014-03-01 23:59 - 1999-05-06 14:22 - 00027632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CTL3DV2.DLL
2014-03-01 23:58 - 2014-03-01 23:58 - 00000000 ____D () C:\WINDOWS\SysWOW64\color
2014-03-01 22:51 - 2014-03-01 22:51 - 00000000 ____D () C:\ProgramData\UDL
2014-03-01 22:50 - 2014-03-02 00:01 - 00000264 _____ () C:\WINDOWS\setup.iss
2014-03-01 21:52 - 2014-03-01 21:52 - 00000000 ____D () C:\Program Files\Common Files\EPSON
2014-03-01 21:45 - 2014-03-02 03:20 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Epson
2014-03-01 21:45 - 2014-03-01 22:50 - 00000000 ____D () C:\Program Files (x86)\Epson Software
2014-03-01 21:44 - 2014-03-01 22:51 - 00000000 ____D () C:\ProgramData\EPSON
2014-03-01 21:44 - 2014-03-01 21:45 - 00000000 ____D () C:\Program Files (x86)\epson
2014-03-01 21:44 - 2014-03-01 21:44 - 00000000 ____D () C:\Program Files\EpsonNet
2014-03-01 21:44 - 2012-07-24 00:00 - 00466432 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\esxw2ud.dll
2014-03-01 21:44 - 2011-12-12 00:00 - 00135824 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\escsvc64.exe
2014-03-01 21:44 - 2011-08-30 13:40 - 00535040 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppui.dll
2014-03-01 21:44 - 2011-08-30 13:40 - 00535040 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppui.dll
2014-03-01 21:44 - 2011-08-30 13:38 - 00558080 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppmon.dll
2014-03-01 21:44 - 2011-08-30 13:38 - 00558080 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppmon.dll
2014-03-01 21:44 - 2011-08-01 18:24 - 00250880 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enspres.dll
2014-03-01 21:44 - 2011-08-01 18:24 - 00250880 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enpres.dll
2014-03-01 21:44 - 2011-04-18 19:03 - 00120320 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YLMJJE.DLL
2014-03-01 21:44 - 2011-03-13 19:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YD4BJJE.DLL
2014-03-01 21:44 - 2007-04-09 17:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\E_GCINST.DLL
2014-02-28 22:34 - 2014-02-28 22:34 - 02404986 _____ () C:\Users\DAVUT\Downloads\08ab5107.zip
2014-02-28 14:30 - 2014-02-28 14:30 - 00273688 _____ () C:\Users\DAVUT\Downloads\Ihre Anfrage an Unitymedia.zip
2014-02-26 01:20 - 2014-02-26 01:20 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-02-26 01:00 - 2014-02-26 01:00 - 00034304 _____ () C:\Users\DAVUT\Downloads\de.community4wcf.wcf.page.simplepage.tar
2014-02-24 23:28 - 2014-02-24 23:28 - 00058071 _____ () C:\Users\DAVUT\Downloads\WFB_2.0.0.zip
2014-02-24 23:21 - 2014-02-24 23:21 - 00715264 _____ () C:\Users\DAVUT\Downloads\de.codequake.cms.tar
2014-02-24 22:50 - 2014-02-24 22:50 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2014-02-24 13:08 - 2014-02-24 13:08 - 00001633 _____ () C:\Users\DAVUT\Downloads\photoshop-action-Smooth skin.zip
2014-02-24 13:07 - 2014-02-24 13:07 - 00001545 _____ () C:\Users\DAVUT\Downloads\action_hue_nic_a_by_cutebb-d5ysyee.zip
2014-02-24 13:04 - 2014-02-24 13:04 - 00001003 _____ () C:\Users\DAVUT\Downloads\action_005___nostalgia_by_eliska_olsanska-d601xtv.rar
2014-02-24 12:30 - 2014-02-24 12:30 - 00003416 _____ () C:\Users\DAVUT\Downloads\4o563y2ekts7n5t.dlc
2014-02-24 12:13 - 2014-02-24 12:13 - 00270336 _____ () C:\Users\DAVUT\Downloads\de.orlando-forum.messagesidebar.contacticon.tar
2014-02-22 20:42 - 2014-02-22 20:42 - 99114034 _____ () C:\Users\DAVUT\Downloads\bossFlam2013.rar
2014-02-22 20:33 - 2014-02-22 20:33 - 00001200 _____ () C:\Users\DAVUT\Downloads\bsss_hsss.dlc
2014-02-22 20:29 - 2014-02-22 20:29 - 00000098 _____ () C:\Users\DAVUT\Downloads\603920b3-f38c-4792-b2d7-58d607cb338f.htm
2014-02-22 20:14 - 2014-02-22 20:14 - 00000000 ____D () C:\Users\DAVUT\AppData\Local\Line
2014-02-22 20:12 - 2014-02-22 20:12 - 17939816 _____ (LINE Corporation) C:\Users\DAVUT\Downloads\LineInst.exe
2014-02-19 22:56 - 2014-02-19 22:56 - 00003056 _____ () C:\Users\DAVUT\Downloads\Walking_Dead_S04_720p_PRETAiL_Aktuell-thkp8vmdymin.dlc
2014-02-18 17:18 - 2014-02-18 17:18 - 00000000 ____D () C:\ProgramData\RELOADED
2014-02-18 17:10 - 2014-02-18 17:10 - 00006936 _____ () C:\Users\DAVUT\Downloads\87c855fbcc0d664ea0d61d471c65d7a5.dlc
2014-02-18 16:12 - 2014-02-18 16:12 - 00000000 ___RD () C:\Users\DAVUT\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App
2014-02-17 14:03 - 2014-02-17 14:04 - 02782415 _____ () C:\Users\DAVUT\Downloads\Fraps 3.5.99 Build 15618.rar
2014-02-16 12:22 - 2014-02-16 12:22 - 20042717 _____ () C:\Users\DAVUT\Downloads\PES2014Patch107.zip
2014-02-16 12:06 - 2014-02-16 12:09 - 893575871 _____ () C:\Users\DAVUT\Downloads\PESEdit.com_2014_Data_Pack.7z
2014-02-16 12:06 - 2014-02-16 12:08 - 723654951 _____ () C:\Users\DAVUT\Downloads\PESEdit.com_2014_Patch_V._3.0.rar
2014-02-16 12:04 - 2014-02-16 12:04 - 00001304 _____ () C:\Users\DAVUT\Downloads\3l2km393x2tms88-ul.to.dlc
2014-02-16 11:32 - 2013-12-09 01:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-16 11:32 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-16 11:32 - 2013-11-27 16:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-16 11:32 - 2013-11-27 16:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-16 11:32 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-16 11:32 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-16 11:32 - 2013-11-27 13:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-16 11:32 - 2013-11-27 11:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-16 11:32 - 2013-11-27 11:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-16 11:32 - 2013-11-27 11:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-16 11:32 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-16 11:32 - 2013-11-27 10:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-16 11:32 - 2013-11-27 10:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-16 11:32 - 2013-11-27 10:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-16 11:32 - 2013-11-27 09:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-16 11:32 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-16 11:32 - 2013-11-27 05:01 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-02-16 11:32 - 2013-11-26 14:22 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-02-16 11:32 - 2013-11-26 14:20 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-02-16 11:32 - 2013-11-26 14:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-16 11:32 - 2013-11-26 14:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-16 11:32 - 2013-11-26 12:50 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-02-16 11:32 - 2013-11-26 12:44 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-02-16 11:32 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-16 11:32 - 2013-11-26 11:13 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-02-16 11:32 - 2013-11-26 10:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-16 11:32 - 2013-11-26 09:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-16 11:32 - 2013-11-25 02:45 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-16 11:32 - 2013-11-25 02:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-16 11:32 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-16 11:32 - 2013-11-25 00:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-16 11:32 - 2013-11-23 13:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-16 11:32 - 2013-11-23 12:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-16 11:32 - 2013-11-23 09:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-16 11:32 - 2013-11-23 08:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-16 11:32 - 2013-11-23 08:13 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-16 11:32 - 2013-11-23 08:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-16 11:32 - 2013-11-23 05:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-16 11:32 - 2013-11-23 04:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-16 11:32 - 2013-11-23 04:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-16 11:32 - 2013-11-23 04:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-16 11:32 - 2013-11-23 04:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-16 11:32 - 2013-11-23 04:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-16 11:32 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-16 11:32 - 2013-11-21 07:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-16 11:32 - 2013-11-21 07:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-16 11:32 - 2013-11-16 06:11 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-02-16 11:32 - 2013-11-15 19:19 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-02-16 11:32 - 2013-11-15 15:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-16 11:32 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-16 11:32 - 2013-11-15 15:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-16 11:32 - 2013-11-15 14:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-16 11:32 - 2013-11-05 21:12 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-02-16 11:32 - 2013-10-31 01:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-16 11:32 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-16 00:23 - 2014-02-16 00:23 - 00000000 ____D () C:\ProgramData\KONAMI
2014-02-16 00:09 - 2014-02-16 00:09 - 00760320 _____ () C:\Users\DAVUT\Downloads\de.voolia.news.tar
2014-02-15 00:03 - 2014-02-15 00:03 - 00026624 _____ () C:\Users\DAVUT\Downloads\1.0.0.tar
2014-02-14 23:12 - 2014-02-14 23:12 - 00000000 ____D () C:\Users\DAVUT\Downloads\wbb4.0.2pl1
2014-02-14 23:06 - 2014-02-14 23:06 - 03531940 _____ () C:\Users\DAVUT\Downloads\wbb4.0.2pl1.zip
2014-02-14 22:32 - 2014-02-14 22:32 - 00155024 _____ () C:\Users\DAVUT\Downloads\com.insidepixel.style.simpleBlue.tar.tgz
2014-02-13 21:07 - 2014-02-13 21:07 - 00008344 _____ () C:\Users\DAVUT\Downloads\relink.us__521iuhdshf743834iusdf8932_9hf9gui3g374__uploaded.net__bbbc5edf59489ee7526d760eaa6e0b.dlc
2014-02-12 16:09 - 2014-02-12 16:10 - 02668307 _____ () C:\Users\DAVUT\Downloads\teknoloji.rar
2014-02-12 16:01 - 2014-03-02 03:49 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Notepad++
2014-02-12 16:01 - 2014-02-12 16:01 - 07598942 _____ () C:\Users\DAVUT\Downloads\npp.6.5.3.Installer.exe
2014-02-12 16:01 - 2014-02-12 16:01 - 00000776 _____ () C:\Users\UpdatusUser\Desktop\Notepad++.lnk
2014-02-12 16:01 - 2014-02-12 16:01 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-02-12 15:57 - 2013-06-08 01:10 - 00000000 ____D () C:\Users\DAVUT\Downloads\parament
2014-02-12 15:20 - 2014-02-12 15:20 - 00285395 _____ () C:\Users\DAVUT\Downloads\parament.1.3.zip
2014-02-12 15:14 - 2014-02-12 15:14 - 01122467 _____ () C:\Users\DAVUT\Downloads\gamepress.1.0.5(1).zip
2014-02-12 15:10 - 2014-02-12 15:10 - 01122467 _____ () C:\Users\DAVUT\Downloads\gamepress.1.0.5.zip
2014-02-12 15:07 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-12 15:07 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-12 15:07 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-12 15:07 - 2014-01-07 06:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-12 15:07 - 2014-01-07 05:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-12 15:07 - 2013-12-09 01:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-12 15:07 - 2013-12-09 01:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-12 15:07 - 2013-12-09 00:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-12 15:07 - 2013-12-09 00:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-12 15:07 - 2013-11-21 07:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-12 15:07 - 2013-11-21 06:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-12 15:06 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-12 15:06 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-12 15:06 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-12 15:06 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-12 15:06 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-12 15:06 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-12 15:06 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-12 15:06 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-12 15:06 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-12 15:06 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-12 15:06 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-12 15:06 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-12 15:06 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-12 15:06 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-12 15:06 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-12 15:06 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-12 15:06 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-12 15:06 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-12 15:06 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-12 15:06 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-12 15:06 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-12 15:06 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-12 15:06 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-12 15:06 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-12 15:06 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-12 15:06 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-12 15:06 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-12 15:06 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-12 15:06 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-12 15:06 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-12 15:06 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-12 15:06 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-12 15:06 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-12 15:06 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-12 15:06 - 2014-01-09 09:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-12 15:06 - 2014-01-09 08:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-12 15:06 - 2014-01-09 08:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-12 15:06 - 2014-01-09 08:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-12 15:06 - 2014-01-09 08:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-12 15:06 - 2014-01-09 08:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-12 15:06 - 2014-01-09 08:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-12 15:06 - 2014-01-09 08:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-12 15:06 - 2014-01-09 08:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-12 15:06 - 2014-01-09 08:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-12 15:06 - 2014-01-07 08:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-12 15:06 - 2014-01-07 06:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-12 15:06 - 2014-01-04 21:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-12 15:06 - 2014-01-04 20:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-12 15:06 - 2014-01-04 15:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-12 15:06 - 2014-01-04 15:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-12 15:06 - 2014-01-04 14:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-12 15:06 - 2014-01-04 14:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-12 15:06 - 2014-01-04 14:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-12 15:06 - 2014-01-04 14:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-12 15:06 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-12 15:06 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-12 15:06 - 2013-12-20 11:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-12 15:06 - 2013-12-20 07:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-12 15:06 - 2013-12-09 03:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-12 15:06 - 2013-12-09 02:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-07 18:40 - 2014-02-26 01:28 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\FileZilla
2014-02-07 18:38 - 2014-02-07 18:38 - 04812567 _____ (Tim Kosse) C:\Users\DAVUT\Downloads\FileZilla_3.7.3_win32-setup [1].exe
2014-02-07 18:38 - 2014-02-07 18:38 - 00658856 _____ ( ) C:\Users\DAVUT\Downloads\FileZilla_3.7.3_win32-setup.exe
2014-02-07 18:36 - 2014-02-07 18:36 - 06792574 _____ () C:\Users\DAVUT\Downloads\wordpress-3.8.1-tr_TR.zip
2014-02-07 18:33 - 2014-02-07 18:33 - 58556247 _____ () C:\Users\DAVUT\Downloads\flavor16.zip
2014-02-07 18:24 - 2014-02-07 18:24 - 05295874 _____ () C:\Users\DAVUT\Downloads\broadcast13.zip
2014-02-07 18:23 - 2014-02-07 18:23 - 04816248 _____ () C:\Users\DAVUT\Downloads\rule_10.zip
2014-02-05 22:52 - 2014-02-05 22:52 - 00721408 _____ () C:\Users\DAVUT\Downloads\Finanzplanung_Tool_12_2013.xls
2014-02-05 22:47 - 2014-02-05 22:47 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\OpenOffice
2014-02-05 22:41 - 2014-03-02 02:25 - 00000000 ____D () C:\WINDOWS\Minidump
2014-02-05 22:40 - 2014-02-05 22:43 - 163606685 _____ () C:\Users\DAVUT\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-02-05 12:15 - 2014-02-05 12:15 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2014-02-04 21:16 - 2014-02-04 21:16 - 00012164 _____ () C:\Users\DAVUT\Downloads\TWI_SAGA_GER_720p_BRay_x264-voxx2xmbn9h05.dlc
2014-02-04 15:47 - 2014-02-04 15:47 - 00000000 ____D () C:\Users\DAVUT\.shsh
2014-02-04 15:43 - 2014-02-04 15:43 - 75743528 _____ (Apple Inc.) C:\Users\DAVUT\Downloads\iTunes64Setup(1).exe
2014-02-04 15:42 - 2014-02-04 15:44 - 938891219 _____ () C:\Users\DAVUT\Downloads\iPhone3,1_6.1.3_10B329_Restore.ipsw
2014-02-04 15:42 - 2014-02-04 15:42 - 04984425 _____ () C:\Users\DAVUT\Downloads\ifaith-v1.5.9.zip
2014-02-02 23:25 - 2014-02-02 23:25 - 16620806 _____ () C:\Users\DAVUT\Downloads\evasi0n7-win-1.0.4-6a3dfa1f9478caea5da8b3e4e1e6baeb7768bbe4.zip
2014-02-01 22:30 - 2014-02-01 22:30 - 00009668 _____ () C:\Users\DAVUT\Downloads\13d670f3e80d154f6a236d331e571f5f.dlc
==================== One Month Modified Files and Folders =======
2014-03-03 14:38 - 2014-03-03 14:38 - 00015168 _____ () C:\Users\DAVUT\Desktop\FRST.txt
2014-03-03 14:38 - 2014-03-03 14:37 - 00000000 ____D () C:\FRST
2014-03-03 14:38 - 2013-10-15 18:58 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2309657365-2291247431-1116468141-1000
2014-03-03 14:37 - 2014-03-02 20:04 - 00138565 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-03 14:36 - 2014-03-03 14:36 - 02156544 _____ (Farbar) C:\Users\DAVUT\Desktop\FRST64.exe
2014-03-03 14:36 - 2013-10-28 17:23 - 00000000 ____D () C:\Users\DAVUT\AppData\Local\Adobe
2014-03-03 14:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-03-03 14:33 - 2013-11-12 01:06 - 00000000 __RDO () C:\Users\DAVUT\SkyDrive
2014-03-03 14:33 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-02 20:14 - 2013-10-15 21:19 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\TS3Client
2014-03-02 20:07 - 2013-09-30 05:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-02 20:07 - 2013-09-30 04:56 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2014-03-02 20:07 - 2013-09-30 04:56 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2014-03-02 20:03 - 2013-10-15 21:36 - 00291128 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2014-03-02 20:03 - 2013-10-15 21:34 - 00291128 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-03-02 03:50 - 2014-03-02 02:09 - 00153834 _____ () C:\Users\DAVUT\Desktop\sfcdetails.txt
2014-03-02 03:49 - 2014-02-12 16:01 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Notepad++
2014-03-02 03:42 - 2014-03-02 00:01 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\.oit
2014-03-02 03:39 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-02 03:38 - 2013-03-03 14:46 - 00004456 _____ () C:\Users\DAVUT\Desktop\Not Defteri.txt
2014-03-02 03:20 - 2014-03-01 21:45 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Epson
2014-03-02 03:19 - 2013-08-22 15:44 - 04980448 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-02 03:17 - 2013-10-21 22:49 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-03-02 03:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-03-02 02:39 - 2014-03-02 02:39 - 01021432 _____ (Microsoft Corporation) C:\Users\DAVUT\Downloads\NDP451-KB2859818-Web.exe
2014-03-02 02:25 - 2014-02-05 22:41 - 00000000 ____D () C:\WINDOWS\Minidump
2014-03-02 02:07 - 2014-03-02 02:07 - 00002772 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-03-02 02:06 - 2014-03-02 02:06 - 03645064 _____ (Piriform Ltd) C:\Users\DAVUT\Downloads\ccsetup410_slim.exe
2014-03-02 02:06 - 2014-03-02 02:06 - 00000706 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-02 02:01 - 2014-01-10 13:32 - 00000000 ____D () C:\ProgramData\Apple
2014-03-02 02:00 - 2014-01-10 13:33 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-03-02 01:36 - 2014-03-02 01:33 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-02 01:34 - 2014-03-02 01:34 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Malwarebytes
2014-03-02 01:34 - 2014-03-02 01:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-02 01:33 - 2014-03-02 01:33 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-03-02 01:32 - 2014-03-02 01:32 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\DAVUT\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-02 01:31 - 2014-03-02 01:31 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\DAVUT\Downloads\spybot-2.2.25.exe
2014-03-02 00:02 - 2014-03-02 00:01 - 00000000 ____D () C:\Users\DAVUT\Documents\My PageManager
2014-03-02 00:01 - 2014-03-02 00:01 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\NewSoft
2014-03-02 00:01 - 2014-03-02 00:01 - 00000000 ____D () C:\Users\DAVUT\AppData\Local\NewSoft
2014-03-02 00:01 - 2014-03-01 22:50 - 00000264 _____ () C:\WINDOWS\setup.iss
2014-03-01 23:58 - 2014-03-01 23:58 - 00000000 ____D () C:\WINDOWS\SysWOW64\color
2014-03-01 23:58 - 2013-10-15 19:02 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-01 22:51 - 2014-03-01 22:51 - 00000000 ____D () C:\ProgramData\UDL
2014-03-01 22:51 - 2014-03-01 21:44 - 00000000 ____D () C:\ProgramData\EPSON
2014-03-01 22:50 - 2014-03-01 21:45 - 00000000 ____D () C:\Program Files (x86)\Epson Software
2014-03-01 21:52 - 2014-03-01 21:52 - 00000000 ____D () C:\Program Files\Common Files\EPSON
2014-03-01 21:45 - 2014-03-01 21:44 - 00000000 ____D () C:\Program Files (x86)\epson
2014-03-01 21:44 - 2014-03-01 21:44 - 00000000 ____D () C:\Program Files\EpsonNet
2014-03-01 01:20 - 2013-10-15 21:34 - 00291128 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-03-01 00:00 - 2014-01-25 17:51 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-28 23:58 - 2013-11-12 00:57 - 00000000 ____D () C:\Users\DAVUT
2014-02-28 23:58 - 2013-10-26 02:31 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\vlc
2014-02-28 23:58 - 2013-10-15 18:55 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Audacity
2014-02-28 23:58 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\WinMetadata
2014-02-28 23:57 - 2013-11-10 00:41 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Skype
2014-02-28 23:57 - 2013-10-31 14:21 - 00000000 ____D () C:\Program Files (x86)\ExKode
2014-02-28 23:57 - 2013-10-31 14:03 - 00000000 ____D () C:\Users\DAVUT\AppData\Local\Dxtory Software
2014-02-28 23:57 - 2013-10-15 18:52 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Adobe
2014-02-28 23:57 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\registration
2014-02-28 22:34 - 2014-02-28 22:34 - 02404986 _____ () C:\Users\DAVUT\Downloads\08ab5107.zip
2014-02-28 20:14 - 2013-05-05 17:21 - 01722880 ___SH () C:\Users\DAVUT\Desktop\Thumbs.db
2014-02-28 14:30 - 2014-02-28 14:30 - 00273688 _____ () C:\Users\DAVUT\Downloads\Ihre Anfrage an Unitymedia.zip
2014-02-26 01:28 - 2014-02-07 18:40 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\FileZilla
2014-02-26 01:23 - 2014-01-28 15:41 - 00000132 _____ () C:\Users\DAVUT\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2014-02-26 01:20 - 2014-02-26 01:20 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-02-26 01:00 - 2014-02-26 01:00 - 00034304 _____ () C:\Users\DAVUT\Downloads\de.community4wcf.wcf.page.simplepage.tar
2014-02-25 15:56 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-02-24 23:28 - 2014-02-24 23:28 - 00058071 _____ () C:\Users\DAVUT\Downloads\WFB_2.0.0.zip
2014-02-24 23:21 - 2014-02-24 23:21 - 00715264 _____ () C:\Users\DAVUT\Downloads\de.codequake.cms.tar
2014-02-24 22:50 - 2014-02-24 22:50 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2014-02-24 13:08 - 2014-02-24 13:08 - 00001633 _____ () C:\Users\DAVUT\Downloads\photoshop-action-Smooth skin.zip
2014-02-24 13:07 - 2014-02-24 13:07 - 00001545 _____ () C:\Users\DAVUT\Downloads\action_hue_nic_a_by_cutebb-d5ysyee.zip
2014-02-24 13:04 - 2014-02-24 13:04 - 00001003 _____ () C:\Users\DAVUT\Downloads\action_005___nostalgia_by_eliska_olsanska-d601xtv.rar
2014-02-24 12:30 - 2014-02-24 12:30 - 00003416 _____ () C:\Users\DAVUT\Downloads\4o563y2ekts7n5t.dlc
2014-02-24 12:13 - 2014-02-24 12:13 - 00270336 _____ () C:\Users\DAVUT\Downloads\de.orlando-forum.messagesidebar.contacticon.tar
2014-02-23 21:12 - 2013-10-21 22:16 - 00000000 ____D () C:\ProgramData\Origin
2014-02-22 20:42 - 2014-02-22 20:42 - 99114034 _____ () C:\Users\DAVUT\Downloads\bossFlam2013.rar
2014-02-22 20:33 - 2014-02-22 20:33 - 00001200 _____ () C:\Users\DAVUT\Downloads\bsss_hsss.dlc
2014-02-22 20:29 - 2014-02-22 20:29 - 00000098 _____ () C:\Users\DAVUT\Downloads\603920b3-f38c-4792-b2d7-58d607cb338f.htm
2014-02-22 20:14 - 2014-02-22 20:14 - 00000000 ____D () C:\Users\DAVUT\AppData\Local\Line
2014-02-22 20:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-02-22 20:12 - 2014-02-22 20:12 - 17939816 _____ (LINE Corporation) C:\Users\DAVUT\Downloads\LineInst.exe
2014-02-22 20:08 - 2013-04-17 13:44 - 00000000 ____D () C:\Users\DAVUT\AppData\Local\Packages
2014-02-19 22:56 - 2014-02-19 22:56 - 00003056 _____ () C:\Users\DAVUT\Downloads\Walking_Dead_S04_720p_PRETAiL_Aktuell-thkp8vmdymin.dlc
2014-02-19 21:04 - 2013-11-10 00:41 - 00000000 ____D () C:\ProgramData\Skype
2014-02-19 21:03 - 2013-11-10 00:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-18 20:06 - 2013-10-17 11:24 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-18 20:06 - 2013-10-17 11:24 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-18 17:18 - 2014-02-18 17:18 - 00000000 ____D () C:\ProgramData\RELOADED
2014-02-18 17:10 - 2014-02-18 17:10 - 00006936 _____ () C:\Users\DAVUT\Downloads\87c855fbcc0d664ea0d61d471c65d7a5.dlc
2014-02-18 16:12 - 2014-02-18 16:12 - 00000000 ___RD () C:\Users\DAVUT\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App
2014-02-18 14:58 - 2013-05-26 13:47 - 00560640 ___SH () C:\Users\DAVUT\Downloads\Thumbs.db
2014-02-17 22:00 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-02-17 22:00 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-17 17:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-02-17 14:04 - 2014-02-17 14:03 - 02782415 _____ () C:\Users\DAVUT\Downloads\Fraps 3.5.99 Build 15618.rar
2014-02-17 13:15 - 2013-10-15 18:53 - 00000000 ___RD () C:\Users\DAVUT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-17 13:15 - 2013-10-15 18:53 - 00000000 ___RD () C:\Users\DAVUT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-17 13:15 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-17 13:15 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-17 13:15 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-16 12:22 - 2014-02-16 12:22 - 20042717 _____ () C:\Users\DAVUT\Downloads\PES2014Patch107.zip
2014-02-16 12:09 - 2014-02-16 12:06 - 893575871 _____ () C:\Users\DAVUT\Downloads\PESEdit.com_2014_Data_Pack.7z
2014-02-16 12:08 - 2014-02-16 12:06 - 723654951 _____ () C:\Users\DAVUT\Downloads\PESEdit.com_2014_Patch_V._3.0.rar
2014-02-16 12:04 - 2014-02-16 12:04 - 00001304 _____ () C:\Users\DAVUT\Downloads\3l2km393x2tms88-ul.to.dlc
2014-02-16 00:28 - 2013-02-19 20:12 - 00000000 ____D () C:\Users\DAVUT\Documents\KONAMI
2014-02-16 00:23 - 2014-02-16 00:23 - 00000000 ____D () C:\ProgramData\KONAMI
2014-02-16 00:09 - 2014-02-16 00:09 - 00760320 _____ () C:\Users\DAVUT\Downloads\de.voolia.news.tar
2014-02-15 00:03 - 2014-02-15 00:03 - 00026624 _____ () C:\Users\DAVUT\Downloads\1.0.0.tar
2014-02-14 23:12 - 2014-02-14 23:12 - 00000000 ____D () C:\Users\DAVUT\Downloads\wbb4.0.2pl1
2014-02-14 23:06 - 2014-02-14 23:06 - 03531940 _____ () C:\Users\DAVUT\Downloads\wbb4.0.2pl1.zip
2014-02-14 22:32 - 2014-02-14 22:32 - 00155024 _____ () C:\Users\DAVUT\Downloads\com.insidepixel.style.simpleBlue.tar.tgz
2014-02-13 21:07 - 2014-02-13 21:07 - 00008344 _____ () C:\Users\DAVUT\Downloads\relink.us__521iuhdshf743834iusdf8932_9hf9gui3g374__uploaded.net__bbbc5edf59489ee7526d760eaa6e0b.dlc
2014-02-12 18:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-12 18:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-12 18:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-12 16:10 - 2014-02-12 16:09 - 02668307 _____ () C:\Users\DAVUT\Downloads\teknoloji.rar
2014-02-12 16:01 - 2014-02-12 16:01 - 07598942 _____ () C:\Users\DAVUT\Downloads\npp.6.5.3.Installer.exe
2014-02-12 16:01 - 2014-02-12 16:01 - 00000776 _____ () C:\Users\UpdatusUser\Desktop\Notepad++.lnk
2014-02-12 16:01 - 2014-02-12 16:01 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-02-12 15:20 - 2014-02-12 15:20 - 00285395 _____ () C:\Users\DAVUT\Downloads\parament.1.3.zip
2014-02-12 15:14 - 2014-02-12 15:14 - 01122467 _____ () C:\Users\DAVUT\Downloads\gamepress.1.0.5(1).zip
2014-02-12 15:10 - 2014-02-12 15:10 - 01122467 _____ () C:\Users\DAVUT\Downloads\gamepress.1.0.5.zip
2014-02-07 19:30 - 2014-01-19 23:03 - 00001456 _____ () C:\Users\DAVUT\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-02-07 18:38 - 2014-02-07 18:38 - 04812567 _____ (Tim Kosse) C:\Users\DAVUT\Downloads\FileZilla_3.7.3_win32-setup [1].exe
2014-02-07 18:38 - 2014-02-07 18:38 - 00658856 _____ ( ) C:\Users\DAVUT\Downloads\FileZilla_3.7.3_win32-setup.exe
2014-02-07 18:36 - 2014-02-07 18:36 - 06792574 _____ () C:\Users\DAVUT\Downloads\wordpress-3.8.1-tr_TR.zip
2014-02-07 18:33 - 2014-02-07 18:33 - 58556247 _____ () C:\Users\DAVUT\Downloads\flavor16.zip
2014-02-07 18:24 - 2014-02-07 18:24 - 05295874 _____ () C:\Users\DAVUT\Downloads\broadcast13.zip
2014-02-07 18:23 - 2014-02-07 18:23 - 04816248 _____ () C:\Users\DAVUT\Downloads\rule_10.zip
2014-02-06 13:16 - 2014-02-12 15:06 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-12 15:06 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-12 15:06 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-12 15:07 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-12 15:06 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-12 15:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-12 15:06 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-12 15:06 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-06 11:49 - 2014-02-12 15:06 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-12 15:06 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-12 15:06 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-12 15:06 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-12 15:06 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-12 15:06 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-12 15:06 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-06 11:11 - 2014-02-12 15:06 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-12 15:06 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-12 15:07 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-12 15:07 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-12 15:06 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-12 15:06 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-12 15:06 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-12 15:06 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-06 10:47 - 2014-02-12 15:06 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-12 15:06 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-12 15:06 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-12 15:06 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-12 15:06 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-06 10:22 - 2014-02-12 15:06 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-12 15:06 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-12 15:06 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-12 15:06 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-12 15:06 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-12 15:06 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-12 15:06 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-12 15:06 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-12 15:06 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-05 22:52 - 2014-02-05 22:52 - 00721408 _____ () C:\Users\DAVUT\Downloads\Finanzplanung_Tool_12_2013.xls
2014-02-05 22:47 - 2014-02-05 22:47 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\OpenOffice
2014-02-05 22:43 - 2014-02-05 22:40 - 163606685 _____ () C:\Users\DAVUT\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-02-05 12:15 - 2014-02-05 12:15 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2014-02-04 21:16 - 2014-02-04 21:16 - 00012164 _____ () C:\Users\DAVUT\Downloads\TWI_SAGA_GER_720p_BRay_x264-voxx2xmbn9h05.dlc
2014-02-04 15:47 - 2014-02-04 15:47 - 00000000 ____D () C:\Users\DAVUT\.shsh
2014-02-04 15:44 - 2014-02-04 15:42 - 938891219 _____ () C:\Users\DAVUT\Downloads\iPhone3,1_6.1.3_10B329_Restore.ipsw
2014-02-04 15:43 - 2014-02-04 15:43 - 75743528 _____ (Apple Inc.) C:\Users\DAVUT\Downloads\iTunes64Setup(1).exe
2014-02-04 15:42 - 2014-02-04 15:42 - 04984425 _____ () C:\Users\DAVUT\Downloads\ifaith-v1.5.9.zip
2014-02-02 23:25 - 2014-02-02 23:25 - 16620806 _____ () C:\Users\DAVUT\Downloads\evasi0n7-win-1.0.4-6a3dfa1f9478caea5da8b3e4e1e6baeb7768bbe4.zip
2014-02-01 22:30 - 2014-02-01 22:30 - 00009668 _____ () C:\Users\DAVUT\Downloads\13d670f3e80d154f6a236d331e571f5f.dlc
Some content of TEMP:
====================
C:\Users\DAVUT\AppData\Local\Temp\_is15E7.exe
C:\Users\DAVUT\AppData\Local\Temp\_is62DD.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-01 21:22
==================== End Of Log ============================
--- --- --- --- --- --- --- --- --- Tut mir Leid für den Doppelpost, aber ich kann meinen Beitrag nicht bearbeiten? Ich habe hier im Forum nach "ungültiges Bild" gesucht und wollte noch wie überall auch den Logfile mit ComboFix erstellen, aber noch habe ich nichts gemacht, weil es auf Win 8.1 Anscheinend nicht läuft , mit dem Kompatibilät hab ich es noch nicht probiert... aber einen Vollständigen mit Malwarebytes Anti - Malware (Test) mache ich jetzt... dort steht schon 2 Infizierte objekte Es ist doch kein Doppelpost hihi Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 Malwarebytes : Free Anti-Malware Datenbank Version: v2014.03.03.06 Windows 8 x64 NTFS Internet Explorer 11.0.9600.16518 DAVUT :: DAVUT-PC [Administrator] Schutz: Deaktiviert 03.03.2014 18:21:28 mbam-log-2014-03-03 (18-21-28).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 278235 Laufzeit: 1 Minute(n), 50 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 2 HKCU\Software\InstallCore\1I1T1Q1S (PUP.Optional.InstallCore.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 1 HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Daten: 0X2O1C0R2R1R -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) hätte ich lieber mein system neu aufgespielt |
|
04.03.2014, 18:03
| #4 |
| /// the machine /// TB-Ausbilder | Program.exe - Ungültiges Bild (mehrere Programme) Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
04.03.2014, 18:48
| #5 |
| | Program.exe - Ungültiges Bild (mehrere Programme) Okay, 2.minuten... Code:
ATTFilter # AdwCleaner v3.020 - Bericht erstellt am 04/03/2014 um 18:41:45
# Aktualisiert 27/02/2014 von Xplode
# Betriebssystem : Windows 8.1 Pro (64 bits)
# Benutzername : DAVUT - DAVUT-PC
# Gestartet von : C:\Users\DAVUT\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Users\DAVUT\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\DAVUT\AppData\Roaming\Systweak
Datei Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
Datei Gelöscht : C:\WINDOWS\System32\roboot64.exe
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\Software\systweak
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16518
-\\ Mozilla Firefox v24.0 (de)
[ Datei : C:\Users\DAVUT\AppData\Roaming\Mozilla\Firefox\Profiles\vxjvs7wq.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [1308 octets] - [04/03/2014 18:40:59]
AdwCleaner[S0].txt - [1235 octets] - [04/03/2014 18:41:45]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1295 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 8.1 Pro x64
Ran by DAVUT on 04.03.2014 at 18:44:01,04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.03.2014 at 18:46:39,70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-03-2014
Ran by DAVUT (administrator) on DAVUT-PC on 04-03-2014 18:47:22
Running from C:\Users\DAVUT\Desktop
Windows 8.1 Pro (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\WINDOWS\system32\atiesrxx.exe
(AMD) C:\WINDOWS\system32\atieclxx.exe
() C:\Windows\SysWOW64\ASGT.exe
() C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\WINDOWS\SysWOW64\PnkBstrA.exe
() C:\WINDOWS\SysWOW64\PnkBstrB.exe
(Safer-Networking Ltd.) D:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Seiko Epson Corporation) C:\WINDOWS\system32\EscSvc64.exe
(Safer-Networking Ltd.) D:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(Safer-Networking Ltd.) D:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(CMedia) C:\Program Files\ASUS Xonar D2 Audio\Customapp\ASUSAUDIOCENTER.EXE
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\System\HsMgr64.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Octoshape ApS) C:\Users\DAVUT\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Apple Inc.) D:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIJJE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIJJE.EXE
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Safer-Networking Ltd.) D:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16422_x64__8wekyb3d8bbwe\glcnd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\WMIADAP.EXE
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [2345848 2009-11-05] (Microsoft Corporation)
HKLM\...\Run: [Cmaudio8788] - C:\WINDOWS\Syswow64\cmicnfgp.dll [12935168 2012-08-27] (C-Media Corporation)
HKLM\...\Run: [Cmaudio8788GX] - C:\WINDOWS\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] - C:\WINDOWS\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [WrtMon.exe] - C:\WINDOWS\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [442200 2013-10-17] (Razer Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [PMSpeed] - D:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.EXE [116632 2010-07-29] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [SDTray] - D:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2309657365-2291247431-1116468141-1000\...\Run: [Steam] - D:\Program Files (x86)\Steam\steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-2309657365-2291247431-1116468141-1000\...\Run: [Octoshape Streaming Services] - C:\Users\DAVUT\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [107800 2011-03-24] (Octoshape ApS)
HKU\S-1-5-21-2309657365-2291247431-1116468141-1000\...\Run: [EADM] - D:\Program Files (x86)\Origin\Origin.exe [3598680 2014-02-14] (Electronic Arts)
HKU\S-1-5-21-2309657365-2291247431-1116468141-1000\...\Run: [Dxtory Update Checker 2.0] - C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-2309657365-2291247431-1116468141-1000\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-07-27] (AMD)
HKU\S-1-5-21-2309657365-2291247431-1116468141-1000\...\Run: [iCloudServices] - D:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2309657365-2291247431-1116468141-1000\...\Run: [EPLTarget\P0000000000000000] - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE [283232 2012-02-27] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2309657365-2291247431-1116468141-1000\...\Run: [Scan Buttons] - D:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSB.EXE [214360 2011-01-21] (NewSoft Technology Corporation)
HKU\S-1-5-21-2309657365-2291247431-1116468141-1000\...\Run: [EPLTarget\P0000000000000001] - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE [283232 2012-02-27] (SEIKO EPSON CORPORATION)
==================== Internet (Whitelisted) ====================
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\DAVUT\AppData\Roaming\Mozilla\Firefox\Profiles\vxjvs7wq.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @octoshape.com/Octoshape Streaming Services,version=1.0 - C:\Users\DAVUT\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll (Octoshape ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\DAVUT\AppData\Roaming\mozilla\plugins\npoctoshape.dll (Octoshape ApS)
FF StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Services (Whitelisted) =================
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] ()
R2 Asus Product Register Service; C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe [62128 2012-09-11] ()
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2013-11-12] ()
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [291128 2014-03-04] ()
R2 SDScannerService; D:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; D:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; D:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 TeamViewer8; D:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [5093216 2014-02-07] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2733056 2012-09-25] (C-Media Inc)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.)
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-30] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39080 2013-10-14] (Razer Inc)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-04 18:46 - 2014-03-04 18:46 - 00000618 _____ () C:\Users\DAVUT\Desktop\JRT.txt
2014-03-04 18:44 - 2014-03-04 18:44 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-04 18:43 - 2014-03-04 18:43 - 00001375 _____ () C:\Users\DAVUT\Desktop\AdwCleaner[S0].txt
2014-03-04 18:39 - 2014-03-04 18:41 - 00000000 ____D () C:\AdwCleaner
2014-03-04 18:39 - 2014-03-04 18:39 - 01244192 _____ () C:\Users\DAVUT\Desktop\adwcleaner.exe
2014-03-04 18:39 - 2014-03-04 18:39 - 01037734 _____ (Thisisu) C:\Users\DAVUT\Desktop\JRT.exe
2014-03-03 21:47 - 2014-03-03 21:47 - 00000000 _____ () C:\Users\DAVUT\Sti_Trace.log
2014-03-03 21:46 - 2014-03-03 21:46 - 00000682 _____ () C:\WINDOWS\PFRO.log
2014-03-03 18:46 - 2014-03-03 18:46 - 00000000 ____D () C:\WINDOWS\pss
2014-03-03 18:25 - 2014-03-03 18:25 - 00002724 _____ () C:\Users\DAVUT\Desktop\malware.txt
2014-03-03 14:41 - 2014-03-03 14:42 - 05185084 _____ (Swearware) C:\Users\DAVUT\Desktop\ComboFix.exe
2014-03-03 14:38 - 2014-03-04 18:47 - 00013979 _____ () C:\Users\DAVUT\Desktop\FRST.txt
2014-03-03 14:38 - 2014-03-03 14:39 - 00033080 _____ () C:\Users\DAVUT\Desktop\Addition.txt
2014-03-03 14:37 - 2014-03-04 18:47 - 00000000 ____D () C:\FRST
2014-03-03 14:36 - 2014-03-03 14:36 - 02156544 _____ (Farbar) C:\Users\DAVUT\Desktop\FRST64.exe
2014-03-02 20:04 - 2014-03-04 16:32 - 00233489 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-02 02:39 - 2014-03-02 02:39 - 01021432 _____ (Microsoft Corporation) C:\Users\DAVUT\Downloads\NDP451-KB2859818-Web.exe
2014-03-02 02:09 - 2014-03-02 03:50 - 00153834 _____ () C:\Users\DAVUT\Desktop\sfcdetails.txt
2014-03-02 02:07 - 2014-03-02 02:07 - 00002772 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-03-02 02:06 - 2014-03-02 02:06 - 03645064 _____ (Piriform Ltd) C:\Users\DAVUT\Downloads\ccsetup410_slim.exe
2014-03-02 02:06 - 2014-03-02 02:06 - 00000706 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-02 01:34 - 2014-03-02 01:34 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Malwarebytes
2014-03-02 01:34 - 2014-03-02 01:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-02 01:34 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-02 01:33 - 2014-03-02 01:36 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-02 01:33 - 2014-03-02 01:33 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-03-02 01:33 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2014-03-02 01:32 - 2014-03-02 01:32 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\DAVUT\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-02 01:31 - 2014-03-02 01:31 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\DAVUT\Downloads\spybot-2.2.25.exe
2014-03-02 00:01 - 2014-03-02 03:42 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\.oit
2014-03-02 00:01 - 2014-03-02 00:02 - 00000000 ____D () C:\Users\DAVUT\Documents\My PageManager
2014-03-02 00:01 - 2014-03-02 00:01 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\NewSoft
2014-03-02 00:01 - 2014-03-02 00:01 - 00000000 ____D () C:\Users\DAVUT\AppData\Local\NewSoft
2014-03-01 23:59 - 2001-09-10 18:05 - 00087392 _____ (Twain Working Group) C:\WINDOWS\TWAIN.DLL
2014-03-01 23:59 - 2001-09-10 18:05 - 00069632 _____ (Twain Working Group) C:\WINDOWS\Twunk_32.exe
2014-03-01 23:59 - 2001-09-10 18:05 - 00048560 _____ (Twain Working Group) C:\WINDOWS\Twunk_16.exe
2014-03-01 23:59 - 1999-05-06 14:22 - 00027632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CTL3DV2.DLL
2014-03-01 23:58 - 2014-03-01 23:58 - 00000000 ____D () C:\WINDOWS\SysWOW64\color
2014-03-01 22:51 - 2014-03-01 22:51 - 00000000 ____D () C:\ProgramData\UDL
2014-03-01 22:50 - 2014-03-02 00:01 - 00000264 _____ () C:\WINDOWS\setup.iss
2014-03-01 21:52 - 2014-03-01 21:52 - 00000000 ____D () C:\Program Files\Common Files\EPSON
2014-03-01 21:45 - 2014-03-02 03:20 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Epson
2014-03-01 21:45 - 2014-03-01 22:50 - 00000000 ____D () C:\Program Files (x86)\Epson Software
2014-03-01 21:44 - 2014-03-04 18:39 - 00000000 ____D () C:\ProgramData\EPSON
2014-03-01 21:44 - 2014-03-01 21:45 - 00000000 ____D () C:\Program Files (x86)\epson
2014-03-01 21:44 - 2014-03-01 21:44 - 00000000 ____D () C:\Program Files\EpsonNet
2014-03-01 21:44 - 2012-07-24 00:00 - 00466432 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\esxw2ud.dll
2014-03-01 21:44 - 2011-12-12 00:00 - 00135824 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\escsvc64.exe
2014-03-01 21:44 - 2011-08-30 13:40 - 00535040 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppui.dll
2014-03-01 21:44 - 2011-08-30 13:40 - 00535040 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppui.dll
2014-03-01 21:44 - 2011-08-30 13:38 - 00558080 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppmon.dll
2014-03-01 21:44 - 2011-08-30 13:38 - 00558080 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppmon.dll
2014-03-01 21:44 - 2011-08-01 18:24 - 00250880 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enspres.dll
2014-03-01 21:44 - 2011-08-01 18:24 - 00250880 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enpres.dll
2014-03-01 21:44 - 2011-04-18 19:03 - 00120320 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YLMJJE.DLL
2014-03-01 21:44 - 2011-03-13 19:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YD4BJJE.DLL
2014-03-01 21:44 - 2007-04-09 17:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\E_GCINST.DLL
2014-02-28 22:34 - 2014-02-28 22:34 - 02404986 _____ () C:\Users\DAVUT\Downloads\08ab5107.zip
2014-02-28 14:30 - 2014-02-28 14:30 - 00273688 _____ () C:\Users\DAVUT\Downloads\Ihre Anfrage an Unitymedia.zip
2014-02-26 01:20 - 2014-02-26 01:20 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-02-26 01:00 - 2014-02-26 01:00 - 00034304 _____ () C:\Users\DAVUT\Downloads\de.community4wcf.wcf.page.simplepage.tar
2014-02-24 23:28 - 2014-02-24 23:28 - 00058071 _____ () C:\Users\DAVUT\Downloads\WFB_2.0.0.zip
2014-02-24 23:21 - 2014-02-24 23:21 - 00715264 _____ () C:\Users\DAVUT\Downloads\de.codequake.cms.tar
2014-02-24 22:50 - 2014-02-24 22:50 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2014-02-24 13:08 - 2014-02-24 13:08 - 00001633 _____ () C:\Users\DAVUT\Downloads\photoshop-action-Smooth skin.zip
2014-02-24 13:07 - 2014-02-24 13:07 - 00001545 _____ () C:\Users\DAVUT\Downloads\action_hue_nic_a_by_cutebb-d5ysyee.zip
2014-02-24 13:04 - 2014-02-24 13:04 - 00001003 _____ () C:\Users\DAVUT\Downloads\action_005___nostalgia_by_eliska_olsanska-d601xtv.rar
2014-02-24 12:30 - 2014-02-24 12:30 - 00003416 _____ () C:\Users\DAVUT\Downloads\4o563y2ekts7n5t.dlc
2014-02-24 12:13 - 2014-02-24 12:13 - 00270336 _____ () C:\Users\DAVUT\Downloads\de.orlando-forum.messagesidebar.contacticon.tar
2014-02-22 20:42 - 2014-02-22 20:42 - 99114034 _____ () C:\Users\DAVUT\Downloads\bossFlam2013.rar
2014-02-22 20:33 - 2014-02-22 20:33 - 00001200 _____ () C:\Users\DAVUT\Downloads\bsss_hsss.dlc
2014-02-22 20:29 - 2014-02-22 20:29 - 00000098 _____ () C:\Users\DAVUT\Downloads\603920b3-f38c-4792-b2d7-58d607cb338f.htm
2014-02-22 20:14 - 2014-02-22 20:14 - 00000000 ____D () C:\Users\DAVUT\AppData\Local\Line
2014-02-22 20:12 - 2014-02-22 20:12 - 17939816 _____ (LINE Corporation) C:\Users\DAVUT\Downloads\LineInst.exe
2014-02-19 22:56 - 2014-02-19 22:56 - 00003056 _____ () C:\Users\DAVUT\Downloads\Walking_Dead_S04_720p_PRETAiL_Aktuell-thkp8vmdymin.dlc
2014-02-18 17:18 - 2014-02-18 17:18 - 00000000 ____D () C:\ProgramData\RELOADED
2014-02-18 17:10 - 2014-02-18 17:10 - 00006936 _____ () C:\Users\DAVUT\Downloads\87c855fbcc0d664ea0d61d471c65d7a5.dlc
2014-02-18 16:12 - 2014-02-18 16:12 - 00000000 ___RD () C:\Users\DAVUT\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App
2014-02-17 14:03 - 2014-02-17 14:04 - 02782415 _____ () C:\Users\DAVUT\Downloads\Fraps 3.5.99 Build 15618.rar
2014-02-16 12:22 - 2014-02-16 12:22 - 20042717 _____ () C:\Users\DAVUT\Downloads\PES2014Patch107.zip
2014-02-16 12:06 - 2014-02-16 12:09 - 893575871 _____ () C:\Users\DAVUT\Downloads\PESEdit.com_2014_Data_Pack.7z
2014-02-16 12:06 - 2014-02-16 12:08 - 723654951 _____ () C:\Users\DAVUT\Downloads\PESEdit.com_2014_Patch_V._3.0.rar
2014-02-16 12:04 - 2014-02-16 12:04 - 00001304 _____ () C:\Users\DAVUT\Downloads\3l2km393x2tms88-ul.to.dlc
2014-02-16 11:32 - 2013-12-09 01:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-16 11:32 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-16 11:32 - 2013-11-27 16:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-16 11:32 - 2013-11-27 16:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-16 11:32 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-16 11:32 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-16 11:32 - 2013-11-27 13:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-16 11:32 - 2013-11-27 11:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-16 11:32 - 2013-11-27 11:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-16 11:32 - 2013-11-27 11:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-16 11:32 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-16 11:32 - 2013-11-27 10:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-16 11:32 - 2013-11-27 10:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-16 11:32 - 2013-11-27 10:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-16 11:32 - 2013-11-27 09:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-16 11:32 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-16 11:32 - 2013-11-27 05:01 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-02-16 11:32 - 2013-11-26 14:22 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-02-16 11:32 - 2013-11-26 14:20 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-02-16 11:32 - 2013-11-26 14:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-16 11:32 - 2013-11-26 14:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-16 11:32 - 2013-11-26 12:50 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-02-16 11:32 - 2013-11-26 12:44 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-02-16 11:32 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-16 11:32 - 2013-11-26 11:13 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-02-16 11:32 - 2013-11-26 10:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-16 11:32 - 2013-11-26 09:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-16 11:32 - 2013-11-25 02:45 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-16 11:32 - 2013-11-25 02:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-16 11:32 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-16 11:32 - 2013-11-25 00:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-16 11:32 - 2013-11-23 13:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-16 11:32 - 2013-11-23 12:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-16 11:32 - 2013-11-23 09:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-16 11:32 - 2013-11-23 08:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-16 11:32 - 2013-11-23 08:13 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-16 11:32 - 2013-11-23 08:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-16 11:32 - 2013-11-23 05:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-16 11:32 - 2013-11-23 04:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-16 11:32 - 2013-11-23 04:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-16 11:32 - 2013-11-23 04:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-16 11:32 - 2013-11-23 04:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-16 11:32 - 2013-11-23 04:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-16 11:32 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-16 11:32 - 2013-11-21 07:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-16 11:32 - 2013-11-21 07:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-16 11:32 - 2013-11-16 06:11 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-02-16 11:32 - 2013-11-15 19:19 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-02-16 11:32 - 2013-11-15 15:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-16 11:32 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-16 11:32 - 2013-11-15 15:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-16 11:32 - 2013-11-15 14:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-16 11:32 - 2013-11-05 21:12 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-02-16 11:32 - 2013-10-31 01:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-16 11:32 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-16 00:23 - 2014-02-16 00:23 - 00000000 ____D () C:\ProgramData\KONAMI
2014-02-16 00:09 - 2014-02-16 00:09 - 00760320 _____ () C:\Users\DAVUT\Downloads\de.voolia.news.tar
2014-02-15 00:03 - 2014-02-15 00:03 - 00026624 _____ () C:\Users\DAVUT\Downloads\1.0.0.tar
2014-02-14 23:12 - 2014-02-14 23:12 - 00000000 ____D () C:\Users\DAVUT\Downloads\wbb4.0.2pl1
2014-02-14 23:06 - 2014-02-14 23:06 - 03531940 _____ () C:\Users\DAVUT\Downloads\wbb4.0.2pl1.zip
2014-02-14 22:32 - 2014-02-14 22:32 - 00155024 _____ () C:\Users\DAVUT\Downloads\com.insidepixel.style.simpleBlue.tar.tgz
2014-02-13 21:07 - 2014-02-13 21:07 - 00008344 _____ () C:\Users\DAVUT\Downloads\relink.us__521iuhdshf743834iusdf8932_9hf9gui3g374__uploaded.net__bbbc5edf59489ee7526d760eaa6e0b.dlc
2014-02-12 16:09 - 2014-02-12 16:10 - 02668307 _____ () C:\Users\DAVUT\Downloads\teknoloji.rar
2014-02-12 16:01 - 2014-03-02 03:49 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Notepad++
2014-02-12 16:01 - 2014-02-12 16:01 - 07598942 _____ () C:\Users\DAVUT\Downloads\npp.6.5.3.Installer.exe
2014-02-12 16:01 - 2014-02-12 16:01 - 00000776 _____ () C:\Users\UpdatusUser\Desktop\Notepad++.lnk
2014-02-12 16:01 - 2014-02-12 16:01 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-02-12 15:57 - 2013-06-08 01:10 - 00000000 ____D () C:\Users\DAVUT\Downloads\parament
2014-02-12 15:20 - 2014-02-12 15:20 - 00285395 _____ () C:\Users\DAVUT\Downloads\parament.1.3.zip
2014-02-12 15:14 - 2014-02-12 15:14 - 01122467 _____ () C:\Users\DAVUT\Downloads\gamepress.1.0.5(1).zip
2014-02-12 15:10 - 2014-02-12 15:10 - 01122467 _____ () C:\Users\DAVUT\Downloads\gamepress.1.0.5.zip
2014-02-12 15:07 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-12 15:07 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-12 15:07 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-12 15:07 - 2014-01-07 06:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-12 15:07 - 2014-01-07 05:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-12 15:07 - 2013-12-09 01:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-12 15:07 - 2013-12-09 01:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-12 15:07 - 2013-12-09 00:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-12 15:07 - 2013-12-09 00:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-12 15:07 - 2013-11-21 07:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-12 15:07 - 2013-11-21 06:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-12 15:06 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-12 15:06 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-12 15:06 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-12 15:06 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-12 15:06 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-12 15:06 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-12 15:06 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-12 15:06 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-12 15:06 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-12 15:06 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-12 15:06 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-12 15:06 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-12 15:06 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-12 15:06 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-12 15:06 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-12 15:06 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-12 15:06 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-12 15:06 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-12 15:06 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-12 15:06 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-12 15:06 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-12 15:06 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-12 15:06 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-12 15:06 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-12 15:06 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-12 15:06 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-12 15:06 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-12 15:06 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-12 15:06 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-12 15:06 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-12 15:06 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-12 15:06 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-12 15:06 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-12 15:06 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-12 15:06 - 2014-01-09 09:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-12 15:06 - 2014-01-09 08:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-12 15:06 - 2014-01-09 08:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-12 15:06 - 2014-01-09 08:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-12 15:06 - 2014-01-09 08:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-12 15:06 - 2014-01-09 08:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-12 15:06 - 2014-01-09 08:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-12 15:06 - 2014-01-09 08:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-12 15:06 - 2014-01-09 08:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-12 15:06 - 2014-01-09 08:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-12 15:06 - 2014-01-07 08:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-12 15:06 - 2014-01-07 06:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-12 15:06 - 2014-01-04 21:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-12 15:06 - 2014-01-04 20:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-12 15:06 - 2014-01-04 15:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-12 15:06 - 2014-01-04 15:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-12 15:06 - 2014-01-04 14:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-12 15:06 - 2014-01-04 14:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-12 15:06 - 2014-01-04 14:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-12 15:06 - 2014-01-04 14:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-12 15:06 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-12 15:06 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-12 15:06 - 2013-12-20 11:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-12 15:06 - 2013-12-20 07:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-12 15:06 - 2013-12-09 03:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-12 15:06 - 2013-12-09 02:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-07 18:40 - 2014-02-26 01:28 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\FileZilla
2014-02-07 18:38 - 2014-02-07 18:38 - 04812567 _____ (Tim Kosse) C:\Users\DAVUT\Downloads\FileZilla_3.7.3_win32-setup [1].exe
2014-02-07 18:38 - 2014-02-07 18:38 - 00658856 _____ ( ) C:\Users\DAVUT\Downloads\FileZilla_3.7.3_win32-setup.exe
2014-02-07 18:36 - 2014-02-07 18:36 - 06792574 _____ () C:\Users\DAVUT\Downloads\wordpress-3.8.1-tr_TR.zip
2014-02-07 18:33 - 2014-02-07 18:33 - 58556247 _____ () C:\Users\DAVUT\Downloads\flavor16.zip
2014-02-07 18:24 - 2014-02-07 18:24 - 05295874 _____ () C:\Users\DAVUT\Downloads\broadcast13.zip
2014-02-07 18:23 - 2014-02-07 18:23 - 04816248 _____ () C:\Users\DAVUT\Downloads\rule_10.zip
2014-02-05 22:52 - 2014-02-05 22:52 - 00721408 _____ () C:\Users\DAVUT\Downloads\Finanzplanung_Tool_12_2013.xls
2014-02-05 22:47 - 2014-02-05 22:47 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\OpenOffice
2014-02-05 22:41 - 2014-03-02 02:25 - 00000000 ____D () C:\WINDOWS\Minidump
2014-02-05 22:40 - 2014-02-05 22:43 - 163606685 _____ () C:\Users\DAVUT\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-02-05 12:15 - 2014-02-05 12:15 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2014-02-04 21:16 - 2014-02-04 21:16 - 00012164 _____ () C:\Users\DAVUT\Downloads\TWI_SAGA_GER_720p_BRay_x264-voxx2xmbn9h05.dlc
2014-02-04 15:47 - 2014-02-04 15:47 - 00000000 ____D () C:\Users\DAVUT\.shsh
2014-02-04 15:43 - 2014-02-04 15:43 - 75743528 _____ (Apple Inc.) C:\Users\DAVUT\Downloads\iTunes64Setup(1).exe
2014-02-04 15:42 - 2014-02-04 15:44 - 938891219 _____ () C:\Users\DAVUT\Downloads\iPhone3,1_6.1.3_10B329_Restore.ipsw
2014-02-04 15:42 - 2014-02-04 15:42 - 04984425 _____ () C:\Users\DAVUT\Downloads\ifaith-v1.5.9.zip
2014-02-02 23:25 - 2014-02-02 23:25 - 16620806 _____ () C:\Users\DAVUT\Downloads\evasi0n7-win-1.0.4-6a3dfa1f9478caea5da8b3e4e1e6baeb7768bbe4.zip
==================== One Month Modified Files and Folders =======
2014-03-04 18:47 - 2014-03-03 14:38 - 00013979 _____ () C:\Users\DAVUT\Desktop\FRST.txt
2014-03-04 18:47 - 2014-03-03 14:37 - 00000000 ____D () C:\FRST
2014-03-04 18:46 - 2014-03-04 18:46 - 00000618 _____ () C:\Users\DAVUT\Desktop\JRT.txt
2014-03-04 18:44 - 2014-03-04 18:44 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-04 18:43 - 2014-03-04 18:43 - 00001375 _____ () C:\Users\DAVUT\Desktop\AdwCleaner[S0].txt
2014-03-04 18:43 - 2013-11-12 01:06 - 00000000 __RDO () C:\Users\DAVUT\SkyDrive
2014-03-04 18:43 - 2013-10-21 22:16 - 00000000 ____D () C:\ProgramData\Origin
2014-03-04 18:42 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-04 18:42 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-04 18:41 - 2014-03-04 18:39 - 00000000 ____D () C:\AdwCleaner
2014-03-04 18:39 - 2014-03-04 18:39 - 01244192 _____ () C:\Users\DAVUT\Desktop\adwcleaner.exe
2014-03-04 18:39 - 2014-03-04 18:39 - 01037734 _____ (Thisisu) C:\Users\DAVUT\Desktop\JRT.exe
2014-03-04 18:39 - 2014-03-01 21:44 - 00000000 ____D () C:\ProgramData\EPSON
2014-03-04 16:32 - 2014-03-02 20:04 - 00233489 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-04 16:32 - 2013-10-15 21:19 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\TS3Client
2014-03-04 16:31 - 2013-10-28 17:23 - 00000000 ____D () C:\Users\DAVUT\AppData\Local\Adobe
2014-03-04 16:31 - 2013-09-30 05:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-04 16:31 - 2013-09-30 04:56 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2014-03-04 16:31 - 2013-09-30 04:56 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2014-03-04 16:29 - 2013-10-15 18:58 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2309657365-2291247431-1116468141-1000
2014-03-04 16:26 - 2013-10-15 21:36 - 00291128 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2014-03-04 16:26 - 2013-10-15 21:34 - 00291128 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-03-04 16:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-03-03 22:12 - 2013-10-15 21:34 - 00291128 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-03-03 22:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-03-03 21:51 - 2013-10-26 02:31 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\vlc
2014-03-03 21:47 - 2014-03-03 21:47 - 00000000 _____ () C:\Users\DAVUT\Sti_Trace.log
2014-03-03 21:47 - 2013-11-12 00:57 - 00000000 ____D () C:\Users\DAVUT
2014-03-03 21:46 - 2014-03-03 21:46 - 00000682 _____ () C:\WINDOWS\PFRO.log
2014-03-03 18:46 - 2014-03-03 18:46 - 00000000 ____D () C:\WINDOWS\pss
2014-03-03 18:38 - 2013-10-15 19:02 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-03 18:33 - 2013-10-15 22:05 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2014-03-03 18:25 - 2014-03-03 18:25 - 00002724 _____ () C:\Users\DAVUT\Desktop\malware.txt
2014-03-03 14:42 - 2014-03-03 14:41 - 05185084 _____ (Swearware) C:\Users\DAVUT\Desktop\ComboFix.exe
2014-03-03 14:39 - 2014-03-03 14:38 - 00033080 _____ () C:\Users\DAVUT\Desktop\Addition.txt
2014-03-03 14:36 - 2014-03-03 14:36 - 02156544 _____ (Farbar) C:\Users\DAVUT\Desktop\FRST64.exe
2014-03-02 03:50 - 2014-03-02 02:09 - 00153834 _____ () C:\Users\DAVUT\Desktop\sfcdetails.txt
2014-03-02 03:49 - 2014-02-12 16:01 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Notepad++
2014-03-02 03:42 - 2014-03-02 00:01 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\.oit
2014-03-02 03:38 - 2013-03-03 14:46 - 00004456 _____ () C:\Users\DAVUT\Desktop\Not Defteri.txt
2014-03-02 03:20 - 2014-03-01 21:45 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Epson
2014-03-02 03:19 - 2013-08-22 15:44 - 04980448 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-02 03:17 - 2013-10-21 22:49 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-03-02 02:39 - 2014-03-02 02:39 - 01021432 _____ (Microsoft Corporation) C:\Users\DAVUT\Downloads\NDP451-KB2859818-Web.exe
2014-03-02 02:25 - 2014-02-05 22:41 - 00000000 ____D () C:\WINDOWS\Minidump
2014-03-02 02:07 - 2014-03-02 02:07 - 00002772 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-03-02 02:06 - 2014-03-02 02:06 - 03645064 _____ (Piriform Ltd) C:\Users\DAVUT\Downloads\ccsetup410_slim.exe
2014-03-02 02:06 - 2014-03-02 02:06 - 00000706 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-02 02:01 - 2014-01-10 13:32 - 00000000 ____D () C:\ProgramData\Apple
2014-03-02 02:00 - 2014-01-10 13:33 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-03-02 01:36 - 2014-03-02 01:33 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-02 01:34 - 2014-03-02 01:34 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Malwarebytes
2014-03-02 01:34 - 2014-03-02 01:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-02 01:33 - 2014-03-02 01:33 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-03-02 01:32 - 2014-03-02 01:32 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\DAVUT\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-02 01:31 - 2014-03-02 01:31 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\DAVUT\Downloads\spybot-2.2.25.exe
2014-03-02 00:02 - 2014-03-02 00:01 - 00000000 ____D () C:\Users\DAVUT\Documents\My PageManager
2014-03-02 00:01 - 2014-03-02 00:01 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\NewSoft
2014-03-02 00:01 - 2014-03-02 00:01 - 00000000 ____D () C:\Users\DAVUT\AppData\Local\NewSoft
2014-03-02 00:01 - 2014-03-01 22:50 - 00000264 _____ () C:\WINDOWS\setup.iss
2014-03-01 23:58 - 2014-03-01 23:58 - 00000000 ____D () C:\WINDOWS\SysWOW64\color
2014-03-01 22:51 - 2014-03-01 22:51 - 00000000 ____D () C:\ProgramData\UDL
2014-03-01 22:50 - 2014-03-01 21:45 - 00000000 ____D () C:\Program Files (x86)\Epson Software
2014-03-01 21:52 - 2014-03-01 21:52 - 00000000 ____D () C:\Program Files\Common Files\EPSON
2014-03-01 21:45 - 2014-03-01 21:44 - 00000000 ____D () C:\Program Files (x86)\epson
2014-03-01 21:44 - 2014-03-01 21:44 - 00000000 ____D () C:\Program Files\EpsonNet
2014-03-01 00:00 - 2014-01-25 17:51 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-28 23:58 - 2013-10-15 18:55 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Audacity
2014-02-28 23:58 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\WinMetadata
2014-02-28 23:57 - 2013-11-10 00:41 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Skype
2014-02-28 23:57 - 2013-10-31 14:21 - 00000000 ____D () C:\Program Files (x86)\ExKode
2014-02-28 23:57 - 2013-10-31 14:03 - 00000000 ____D () C:\Users\DAVUT\AppData\Local\Dxtory Software
2014-02-28 23:57 - 2013-10-15 18:52 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Adobe
2014-02-28 23:57 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\registration
2014-02-28 22:34 - 2014-02-28 22:34 - 02404986 _____ () C:\Users\DAVUT\Downloads\08ab5107.zip
2014-02-28 20:14 - 2013-05-05 17:21 - 01722880 ___SH () C:\Users\DAVUT\Desktop\Thumbs.db
2014-02-28 14:30 - 2014-02-28 14:30 - 00273688 _____ () C:\Users\DAVUT\Downloads\Ihre Anfrage an Unitymedia.zip
2014-02-26 01:28 - 2014-02-07 18:40 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\FileZilla
2014-02-26 01:23 - 2014-01-28 15:41 - 00000132 _____ () C:\Users\DAVUT\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2014-02-26 01:20 - 2014-02-26 01:20 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-02-26 01:00 - 2014-02-26 01:00 - 00034304 _____ () C:\Users\DAVUT\Downloads\de.community4wcf.wcf.page.simplepage.tar
2014-02-25 15:56 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-02-24 23:28 - 2014-02-24 23:28 - 00058071 _____ () C:\Users\DAVUT\Downloads\WFB_2.0.0.zip
2014-02-24 23:21 - 2014-02-24 23:21 - 00715264 _____ () C:\Users\DAVUT\Downloads\de.codequake.cms.tar
2014-02-24 22:50 - 2014-02-24 22:50 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2014-02-24 13:08 - 2014-02-24 13:08 - 00001633 _____ () C:\Users\DAVUT\Downloads\photoshop-action-Smooth skin.zip
2014-02-24 13:07 - 2014-02-24 13:07 - 00001545 _____ () C:\Users\DAVUT\Downloads\action_hue_nic_a_by_cutebb-d5ysyee.zip
2014-02-24 13:04 - 2014-02-24 13:04 - 00001003 _____ () C:\Users\DAVUT\Downloads\action_005___nostalgia_by_eliska_olsanska-d601xtv.rar
2014-02-24 12:30 - 2014-02-24 12:30 - 00003416 _____ () C:\Users\DAVUT\Downloads\4o563y2ekts7n5t.dlc
2014-02-24 12:13 - 2014-02-24 12:13 - 00270336 _____ () C:\Users\DAVUT\Downloads\de.orlando-forum.messagesidebar.contacticon.tar
2014-02-22 20:42 - 2014-02-22 20:42 - 99114034 _____ () C:\Users\DAVUT\Downloads\bossFlam2013.rar
2014-02-22 20:33 - 2014-02-22 20:33 - 00001200 _____ () C:\Users\DAVUT\Downloads\bsss_hsss.dlc
2014-02-22 20:29 - 2014-02-22 20:29 - 00000098 _____ () C:\Users\DAVUT\Downloads\603920b3-f38c-4792-b2d7-58d607cb338f.htm
2014-02-22 20:14 - 2014-02-22 20:14 - 00000000 ____D () C:\Users\DAVUT\AppData\Local\Line
2014-02-22 20:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-02-22 20:12 - 2014-02-22 20:12 - 17939816 _____ (LINE Corporation) C:\Users\DAVUT\Downloads\LineInst.exe
2014-02-22 20:08 - 2013-04-17 13:44 - 00000000 ____D () C:\Users\DAVUT\AppData\Local\Packages
2014-02-19 22:56 - 2014-02-19 22:56 - 00003056 _____ () C:\Users\DAVUT\Downloads\Walking_Dead_S04_720p_PRETAiL_Aktuell-thkp8vmdymin.dlc
2014-02-19 21:04 - 2013-11-10 00:41 - 00000000 ____D () C:\ProgramData\Skype
2014-02-19 21:03 - 2013-11-10 00:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-18 20:06 - 2013-10-17 11:24 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-18 20:06 - 2013-10-17 11:24 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-18 17:18 - 2014-02-18 17:18 - 00000000 ____D () C:\ProgramData\RELOADED
2014-02-18 17:10 - 2014-02-18 17:10 - 00006936 _____ () C:\Users\DAVUT\Downloads\87c855fbcc0d664ea0d61d471c65d7a5.dlc
2014-02-18 16:12 - 2014-02-18 16:12 - 00000000 ___RD () C:\Users\DAVUT\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App
2014-02-18 14:58 - 2013-05-26 13:47 - 00560640 ___SH () C:\Users\DAVUT\Downloads\Thumbs.db
2014-02-17 22:00 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-02-17 22:00 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-17 17:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-02-17 14:04 - 2014-02-17 14:03 - 02782415 _____ () C:\Users\DAVUT\Downloads\Fraps 3.5.99 Build 15618.rar
2014-02-17 13:15 - 2013-10-15 18:53 - 00000000 ___RD () C:\Users\DAVUT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-17 13:15 - 2013-10-15 18:53 - 00000000 ___RD () C:\Users\DAVUT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-17 13:15 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-17 13:15 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-17 13:15 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-16 12:22 - 2014-02-16 12:22 - 20042717 _____ () C:\Users\DAVUT\Downloads\PES2014Patch107.zip
2014-02-16 12:09 - 2014-02-16 12:06 - 893575871 _____ () C:\Users\DAVUT\Downloads\PESEdit.com_2014_Data_Pack.7z
2014-02-16 12:08 - 2014-02-16 12:06 - 723654951 _____ () C:\Users\DAVUT\Downloads\PESEdit.com_2014_Patch_V._3.0.rar
2014-02-16 12:04 - 2014-02-16 12:04 - 00001304 _____ () C:\Users\DAVUT\Downloads\3l2km393x2tms88-ul.to.dlc
2014-02-16 00:28 - 2013-02-19 20:12 - 00000000 ____D () C:\Users\DAVUT\Documents\KONAMI
2014-02-16 00:23 - 2014-02-16 00:23 - 00000000 ____D () C:\ProgramData\KONAMI
2014-02-16 00:09 - 2014-02-16 00:09 - 00760320 _____ () C:\Users\DAVUT\Downloads\de.voolia.news.tar
2014-02-15 00:03 - 2014-02-15 00:03 - 00026624 _____ () C:\Users\DAVUT\Downloads\1.0.0.tar
2014-02-14 23:12 - 2014-02-14 23:12 - 00000000 ____D () C:\Users\DAVUT\Downloads\wbb4.0.2pl1
2014-02-14 23:06 - 2014-02-14 23:06 - 03531940 _____ () C:\Users\DAVUT\Downloads\wbb4.0.2pl1.zip
2014-02-14 22:32 - 2014-02-14 22:32 - 00155024 _____ () C:\Users\DAVUT\Downloads\com.insidepixel.style.simpleBlue.tar.tgz
2014-02-13 21:07 - 2014-02-13 21:07 - 00008344 _____ () C:\Users\DAVUT\Downloads\relink.us__521iuhdshf743834iusdf8932_9hf9gui3g374__uploaded.net__bbbc5edf59489ee7526d760eaa6e0b.dlc
2014-02-12 18:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-12 18:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-12 18:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-12 16:10 - 2014-02-12 16:09 - 02668307 _____ () C:\Users\DAVUT\Downloads\teknoloji.rar
2014-02-12 16:01 - 2014-02-12 16:01 - 07598942 _____ () C:\Users\DAVUT\Downloads\npp.6.5.3.Installer.exe
2014-02-12 16:01 - 2014-02-12 16:01 - 00000776 _____ () C:\Users\UpdatusUser\Desktop\Notepad++.lnk
2014-02-12 16:01 - 2014-02-12 16:01 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-02-12 15:20 - 2014-02-12 15:20 - 00285395 _____ () C:\Users\DAVUT\Downloads\parament.1.3.zip
2014-02-12 15:14 - 2014-02-12 15:14 - 01122467 _____ () C:\Users\DAVUT\Downloads\gamepress.1.0.5(1).zip
2014-02-12 15:10 - 2014-02-12 15:10 - 01122467 _____ () C:\Users\DAVUT\Downloads\gamepress.1.0.5.zip
2014-02-07 19:30 - 2014-01-19 23:03 - 00001456 _____ () C:\Users\DAVUT\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-02-07 18:38 - 2014-02-07 18:38 - 04812567 _____ (Tim Kosse) C:\Users\DAVUT\Downloads\FileZilla_3.7.3_win32-setup [1].exe
2014-02-07 18:38 - 2014-02-07 18:38 - 00658856 _____ ( ) C:\Users\DAVUT\Downloads\FileZilla_3.7.3_win32-setup.exe
2014-02-07 18:36 - 2014-02-07 18:36 - 06792574 _____ () C:\Users\DAVUT\Downloads\wordpress-3.8.1-tr_TR.zip
2014-02-07 18:33 - 2014-02-07 18:33 - 58556247 _____ () C:\Users\DAVUT\Downloads\flavor16.zip
2014-02-07 18:24 - 2014-02-07 18:24 - 05295874 _____ () C:\Users\DAVUT\Downloads\broadcast13.zip
2014-02-07 18:23 - 2014-02-07 18:23 - 04816248 _____ () C:\Users\DAVUT\Downloads\rule_10.zip
2014-02-06 13:16 - 2014-02-12 15:06 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-12 15:06 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-12 15:06 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-12 15:07 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-12 15:06 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-12 15:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-12 15:06 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-12 15:06 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-06 11:49 - 2014-02-12 15:06 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-12 15:06 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-12 15:06 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-12 15:06 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-12 15:06 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-12 15:06 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-12 15:06 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-06 11:11 - 2014-02-12 15:06 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-12 15:06 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-12 15:07 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-12 15:07 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-12 15:06 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-12 15:06 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-12 15:06 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-12 15:06 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-06 10:47 - 2014-02-12 15:06 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-12 15:06 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-12 15:06 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-12 15:06 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-12 15:06 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-06 10:22 - 2014-02-12 15:06 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-12 15:06 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-12 15:06 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-12 15:06 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-12 15:06 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-12 15:06 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-12 15:06 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-12 15:06 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-12 15:06 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-05 22:52 - 2014-02-05 22:52 - 00721408 _____ () C:\Users\DAVUT\Downloads\Finanzplanung_Tool_12_2013.xls
2014-02-05 22:47 - 2014-02-05 22:47 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\OpenOffice
2014-02-05 22:43 - 2014-02-05 22:40 - 163606685 _____ () C:\Users\DAVUT\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-02-05 12:15 - 2014-02-05 12:15 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2014-02-04 21:16 - 2014-02-04 21:16 - 00012164 _____ () C:\Users\DAVUT\Downloads\TWI_SAGA_GER_720p_BRay_x264-voxx2xmbn9h05.dlc
2014-02-04 15:47 - 2014-02-04 15:47 - 00000000 ____D () C:\Users\DAVUT\.shsh
2014-02-04 15:44 - 2014-02-04 15:42 - 938891219 _____ () C:\Users\DAVUT\Downloads\iPhone3,1_6.1.3_10B329_Restore.ipsw
2014-02-04 15:43 - 2014-02-04 15:43 - 75743528 _____ (Apple Inc.) C:\Users\DAVUT\Downloads\iTunes64Setup(1).exe
2014-02-04 15:42 - 2014-02-04 15:42 - 04984425 _____ () C:\Users\DAVUT\Downloads\ifaith-v1.5.9.zip
2014-02-02 23:25 - 2014-02-02 23:25 - 16620806 _____ () C:\Users\DAVUT\Downloads\evasi0n7-win-1.0.4-6a3dfa1f9478caea5da8b3e4e1e6baeb7768bbe4.zip
Some content of TEMP:
====================
C:\Users\DAVUT\AppData\Local\Temp\Quarantine.exe
C:\Users\DAVUT\AppData\Local\Temp\_is15E7.exe
C:\Users\DAVUT\AppData\Local\Temp\_is62DD.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-03 14:49
==================== End Of Log ============================
--- --- --- Bitteschön |
|
05.03.2014, 16:42
| #6 |
| /// the machine /// TB-Ausbilder | Program.exe - Ungültiges Bild (mehrere Programme)ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ --> Program.exe - Ungültiges Bild (mehrere Programme) |
|
05.03.2014, 23:20
| #7 |
| | Program.exe - Ungültiges Bild (mehrere Programme)Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=634ca82820a0624b90b69354fb118e62
# engine=17328
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-05 06:54:46
# local_time=2014-03-05 07:54:46 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=5893 16776573 100 94 25980 16879388 0 0
# scanned=449360
# found=4
# cleaned=0
# scan_time=5717
sh=D92052B34A51A1216410FD9201E7D91531D687C6 ft=1 fh=c71c0011ffd8baa4 vn="a variant of Win32/Kryptik.BWAM trojan" ac=I fn="C:\Users\DAVUT\Downloads\FileZilla_3.7.3_win32-setup.exe"
sh=D2485DEDF3528ECF5CD149DF2C52D8E5B43C67DD ft=0 fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAH trojan" ac=I fn="C:\Users\DAVUT\Downloads\PESEdit.com_2014_Patch_V._3.0.rar"
sh=15F355CFEC9FE9E471F85E0DD01BD910BF22485C ft=1 fh=94a901b600c5b5a4 vn="a variant of Win32/Packed.VMProtect.AAH trojan" ac=I fn="D:\Downloads\PESEdit.com 2014 Patch 3.0\Install PESEdit.com 2014 Patch 3.0.exe"
sh=A4B7F00FA9DF0C085DDAE941B7F34D43EF89E848 ft=0 fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAH trojan" ac=I fn="D:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2014\PESEdit\temp\rld.rar"
Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=634ca82820a0624b90b69354fb118e62
# engine=17328
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-05 06:54:46
# local_time=2014-03-05 07:54:46 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=5893 16776573 100 94 25980 16879388 0 0
# scanned=449360
# found=4
# cleaned=0
# scan_time=5717
sh=D92052B34A51A1216410FD9201E7D91531D687C6 ft=1 fh=c71c0011ffd8baa4 vn="a variant of Win32/Kryptik.BWAM trojan" ac=I fn="C:\Users\DAVUT\Downloads\FileZilla_3.7.3_win32-setup.exe"
sh=D2485DEDF3528ECF5CD149DF2C52D8E5B43C67DD ft=0 fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAH trojan" ac=I fn="C:\Users\DAVUT\Downloads\PESEdit.com_2014_Patch_V._3.0.rar"
sh=15F355CFEC9FE9E471F85E0DD01BD910BF22485C ft=1 fh=94a901b600c5b5a4 vn="a variant of Win32/Packed.VMProtect.AAH trojan" ac=I fn="D:\Downloads\PESEdit.com 2014 Patch 3.0\Install PESEdit.com 2014 Patch 3.0.exe"
sh=A4B7F00FA9DF0C085DDAE941B7F34D43EF89E848 ft=0 fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAH trojan" ac=I fn="D:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2014\PESEdit\temp\rld.rar"
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-03-2014
Ran by DAVUT (administrator) on DAVUT-PC on 05-03-2014 21:06:03
Running from C:\Users\DAVUT\Desktop
Windows 8.1 Pro (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\WINDOWS\system32\atiesrxx.exe
() C:\Windows\SysWOW64\ASGT.exe
() C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
() C:\WINDOWS\SysWOW64\PnkBstrA.exe
(Safer-Networking Ltd.) D:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Seiko Epson Corporation) C:\WINDOWS\system32\EscSvc64.exe
(Safer-Networking Ltd.) D:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) D:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AMD) C:\WINDOWS\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(CMedia) C:\Program Files\ASUS Xonar D2 Audio\Customapp\ASUSAUDIOCENTER.EXE
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\System\HsMgr64.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
(Octoshape ApS) C:\Users\DAVUT\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Apple Inc.) D:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIJJE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIJJE.EXE
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Safer-Networking Ltd.) D:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16422_x64__8wekyb3d8bbwe\glcnd.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(TeamViewer GmbH) d:\program files (x86)\teamviewer\version8\TeamViewer_Desktop.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [2345848 2009-11-05] (Microsoft Corporation)
HKLM\...\Run: [Cmaudio8788] - C:\WINDOWS\Syswow64\cmicnfgp.dll [12935168 2012-08-27] (C-Media Corporation)
HKLM\...\Run: [Cmaudio8788GX] - C:\WINDOWS\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] - C:\WINDOWS\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [WrtMon.exe] - C:\WINDOWS\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [442200 2013-10-17] (Razer Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [PMSpeed] - D:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.EXE [116632 2010-07-29] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [SDTray] - D:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2309657365-2291247431-1116468141-1000\...\Run: [Steam] - D:\Program Files (x86)\Steam\steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-2309657365-2291247431-1116468141-1000\...\Run: [Octoshape Streaming Services] - C:\Users\DAVUT\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [107800 2011-03-24] (Octoshape ApS)
HKU\S-1-5-21-2309657365-2291247431-1116468141-1000\...\Run: [EADM] - D:\Program Files (x86)\Origin\Origin.exe [3598680 2014-02-14] (Electronic Arts)
HKU\S-1-5-21-2309657365-2291247431-1116468141-1000\...\Run: [Dxtory Update Checker 2.0] - C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-2309657365-2291247431-1116468141-1000\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-07-27] (AMD)
HKU\S-1-5-21-2309657365-2291247431-1116468141-1000\...\Run: [iCloudServices] - D:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2309657365-2291247431-1116468141-1000\...\Run: [EPLTarget\P0000000000000000] - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE [283232 2012-02-27] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2309657365-2291247431-1116468141-1000\...\Run: [Scan Buttons] - D:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSB.EXE [214360 2011-01-21] (NewSoft Technology Corporation)
HKU\S-1-5-21-2309657365-2291247431-1116468141-1000\...\Run: [EPLTarget\P0000000000000001] - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE [283232 2012-02-27] (SEIKO EPSON CORPORATION)
==================== Internet (Whitelisted) ====================
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\DAVUT\AppData\Roaming\Mozilla\Firefox\Profiles\vxjvs7wq.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @octoshape.com/Octoshape Streaming Services,version=1.0 - C:\Users\DAVUT\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll (Octoshape ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\DAVUT\AppData\Roaming\mozilla\plugins\npoctoshape.dll (Octoshape ApS)
FF StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Services (Whitelisted) =================
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] ()
R2 Asus Product Register Service; C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe [62128 2012-09-11] ()
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 MBAMScheduler; D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2013-11-12] ()
R2 SDScannerService; D:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; D:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; D:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 TeamViewer8; D:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [5093216 2014-02-07] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2733056 2012-09-25] (C-Media Inc)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.)
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-30] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39080 2013-10-14] (Razer Inc)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-05 21:05 - 2014-03-05 21:05 - 00000000 ____D () C:\Users\DAVUT\Desktop\FRST-OlderVersion
2014-03-05 21:04 - 2014-03-05 21:04 - 00987425 _____ () C:\Users\DAVUT\Desktop\SecurityCheck.exe
2014-03-05 18:13 - 2014-03-05 18:13 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-05 18:10 - 2014-03-05 18:11 - 02347384 _____ (ESET) C:\Users\DAVUT\Desktop\esetsmartinstaller_enu(1).exe
2014-03-04 22:16 - 2014-03-04 22:16 - 00000882 _____ () C:\WINDOWS\setupact.log
2014-03-04 22:16 - 2014-03-04 22:16 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-03-04 19:02 - 2014-03-04 19:02 - 02347384 _____ (ESET) C:\Users\DAVUT\Downloads\esetsmartinstaller_deu.exe
2014-03-04 19:01 - 2014-03-04 19:01 - 02347384 _____ (ESET) C:\Users\DAVUT\Downloads\esetsmartinstaller_enu.exe
2014-03-04 18:47 - 2014-03-04 18:47 - 00060813 _____ () C:\Users\DAVUT\Desktop\FRST2.txt
2014-03-04 18:46 - 2014-03-04 18:46 - 00000618 _____ () C:\Users\DAVUT\Desktop\JRT.txt
2014-03-04 18:44 - 2014-03-04 18:44 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-04 18:43 - 2014-03-04 18:43 - 00001375 _____ () C:\Users\DAVUT\Desktop\AdwCleaner[S0].txt
2014-03-04 18:39 - 2014-03-04 18:41 - 00000000 ____D () C:\AdwCleaner
2014-03-04 18:39 - 2014-03-04 18:39 - 01244192 _____ () C:\Users\DAVUT\Desktop\adwcleaner.exe
2014-03-04 18:39 - 2014-03-04 18:39 - 01037734 _____ (Thisisu) C:\Users\DAVUT\Desktop\JRT.exe
2014-03-03 21:47 - 2014-03-03 21:47 - 00000000 _____ () C:\Users\DAVUT\Sti_Trace.log
2014-03-03 21:46 - 2014-03-03 21:46 - 00000682 _____ () C:\WINDOWS\PFRO.log
2014-03-03 18:46 - 2014-03-03 18:46 - 00000000 ____D () C:\WINDOWS\pss
2014-03-03 18:25 - 2014-03-03 18:25 - 00002724 _____ () C:\Users\DAVUT\Desktop\malware.txt
2014-03-03 14:41 - 2014-03-03 14:42 - 05185084 _____ (Swearware) C:\Users\DAVUT\Desktop\ComboFix.exe
2014-03-03 14:38 - 2014-03-05 21:06 - 00013546 _____ () C:\Users\DAVUT\Desktop\FRST.txt
2014-03-03 14:38 - 2014-03-03 14:39 - 00033080 _____ () C:\Users\DAVUT\Desktop\Addition.txt
2014-03-03 14:37 - 2014-03-05 21:05 - 00000000 ____D () C:\FRST
2014-03-03 14:36 - 2014-03-05 21:05 - 02157056 _____ (Farbar) C:\Users\DAVUT\Desktop\FRST64.exe
2014-03-02 20:04 - 2014-03-05 18:27 - 00305892 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-02 02:39 - 2014-03-02 02:39 - 01021432 _____ (Microsoft Corporation) C:\Users\DAVUT\Downloads\NDP451-KB2859818-Web.exe
2014-03-02 02:09 - 2014-03-02 03:50 - 00153834 _____ () C:\Users\DAVUT\Desktop\sfcdetails.txt
2014-03-02 02:07 - 2014-03-02 02:07 - 00002772 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-03-02 02:06 - 2014-03-02 02:06 - 03645064 _____ (Piriform Ltd) C:\Users\DAVUT\Downloads\ccsetup410_slim.exe
2014-03-02 02:06 - 2014-03-02 02:06 - 00000706 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-02 01:34 - 2014-03-02 01:34 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Malwarebytes
2014-03-02 01:34 - 2014-03-02 01:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-02 01:34 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-02 01:33 - 2014-03-02 01:36 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-02 01:33 - 2014-03-02 01:33 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-03-02 01:33 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2014-03-02 01:32 - 2014-03-02 01:32 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\DAVUT\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-02 01:31 - 2014-03-02 01:31 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\DAVUT\Downloads\spybot-2.2.25.exe
2014-03-02 00:01 - 2014-03-02 03:42 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\.oit
2014-03-02 00:01 - 2014-03-02 00:02 - 00000000 ____D () C:\Users\DAVUT\Documents\My PageManager
2014-03-02 00:01 - 2014-03-02 00:01 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\NewSoft
2014-03-02 00:01 - 2014-03-02 00:01 - 00000000 ____D () C:\Users\DAVUT\AppData\Local\NewSoft
2014-03-01 23:59 - 2001-09-10 18:05 - 00087392 _____ (Twain Working Group) C:\WINDOWS\TWAIN.DLL
2014-03-01 23:59 - 2001-09-10 18:05 - 00069632 _____ (Twain Working Group) C:\WINDOWS\Twunk_32.exe
2014-03-01 23:59 - 2001-09-10 18:05 - 00048560 _____ (Twain Working Group) C:\WINDOWS\Twunk_16.exe
2014-03-01 23:59 - 1999-05-06 14:22 - 00027632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CTL3DV2.DLL
2014-03-01 23:58 - 2014-03-01 23:58 - 00000000 ____D () C:\WINDOWS\SysWOW64\color
2014-03-01 22:51 - 2014-03-01 22:51 - 00000000 ____D () C:\ProgramData\UDL
2014-03-01 22:50 - 2014-03-02 00:01 - 00000264 _____ () C:\WINDOWS\setup.iss
2014-03-01 21:52 - 2014-03-01 21:52 - 00000000 ____D () C:\Program Files\Common Files\EPSON
2014-03-01 21:45 - 2014-03-02 03:20 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Epson
2014-03-01 21:45 - 2014-03-01 22:50 - 00000000 ____D () C:\Program Files (x86)\Epson Software
2014-03-01 21:44 - 2014-03-04 18:39 - 00000000 ____D () C:\ProgramData\EPSON
2014-03-01 21:44 - 2014-03-01 21:45 - 00000000 ____D () C:\Program Files (x86)\epson
2014-03-01 21:44 - 2014-03-01 21:44 - 00000000 ____D () C:\Program Files\EpsonNet
2014-03-01 21:44 - 2012-07-24 00:00 - 00466432 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\esxw2ud.dll
2014-03-01 21:44 - 2011-12-12 00:00 - 00135824 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\escsvc64.exe
2014-03-01 21:44 - 2011-08-30 13:40 - 00535040 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppui.dll
2014-03-01 21:44 - 2011-08-30 13:40 - 00535040 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppui.dll
2014-03-01 21:44 - 2011-08-30 13:38 - 00558080 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppmon.dll
2014-03-01 21:44 - 2011-08-30 13:38 - 00558080 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppmon.dll
2014-03-01 21:44 - 2011-08-01 18:24 - 00250880 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enspres.dll
2014-03-01 21:44 - 2011-08-01 18:24 - 00250880 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enpres.dll
2014-03-01 21:44 - 2011-04-18 19:03 - 00120320 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YLMJJE.DLL
2014-03-01 21:44 - 2011-03-13 19:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YD4BJJE.DLL
2014-03-01 21:44 - 2007-04-09 17:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\E_GCINST.DLL
2014-02-28 22:34 - 2014-02-28 22:34 - 02404986 _____ () C:\Users\DAVUT\Downloads\08ab5107.zip
2014-02-28 14:30 - 2014-02-28 14:30 - 00273688 _____ () C:\Users\DAVUT\Downloads\Ihre Anfrage an Unitymedia.zip
2014-02-26 01:20 - 2014-02-26 01:20 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-02-26 01:00 - 2014-02-26 01:00 - 00034304 _____ () C:\Users\DAVUT\Downloads\de.community4wcf.wcf.page.simplepage.tar
2014-02-24 23:28 - 2014-02-24 23:28 - 00058071 _____ () C:\Users\DAVUT\Downloads\WFB_2.0.0.zip
2014-02-24 23:21 - 2014-02-24 23:21 - 00715264 _____ () C:\Users\DAVUT\Downloads\de.codequake.cms.tar
2014-02-24 22:50 - 2014-02-24 22:50 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2014-02-24 13:08 - 2014-02-24 13:08 - 00001633 _____ () C:\Users\DAVUT\Downloads\photoshop-action-Smooth skin.zip
2014-02-24 13:07 - 2014-02-24 13:07 - 00001545 _____ () C:\Users\DAVUT\Downloads\action_hue_nic_a_by_cutebb-d5ysyee.zip
2014-02-24 13:04 - 2014-02-24 13:04 - 00001003 _____ () C:\Users\DAVUT\Downloads\action_005___nostalgia_by_eliska_olsanska-d601xtv.rar
2014-02-24 12:30 - 2014-02-24 12:30 - 00003416 _____ () C:\Users\DAVUT\Downloads\4o563y2ekts7n5t.dlc
2014-02-24 12:13 - 2014-02-24 12:13 - 00270336 _____ () C:\Users\DAVUT\Downloads\de.orlando-forum.messagesidebar.contacticon.tar
2014-02-22 20:42 - 2014-02-22 20:42 - 99114034 _____ () C:\Users\DAVUT\Downloads\bossFlam2013.rar
2014-02-22 20:33 - 2014-02-22 20:33 - 00001200 _____ () C:\Users\DAVUT\Downloads\bsss_hsss.dlc
2014-02-22 20:29 - 2014-02-22 20:29 - 00000098 _____ () C:\Users\DAVUT\Downloads\603920b3-f38c-4792-b2d7-58d607cb338f.htm
2014-02-22 20:14 - 2014-02-22 20:14 - 00000000 ____D () C:\Users\DAVUT\AppData\Local\Line
2014-02-22 20:12 - 2014-02-22 20:12 - 17939816 _____ (LINE Corporation) C:\Users\DAVUT\Downloads\LineInst.exe
2014-02-19 22:56 - 2014-02-19 22:56 - 00003056 _____ () C:\Users\DAVUT\Downloads\Walking_Dead_S04_720p_PRETAiL_Aktuell-thkp8vmdymin.dlc
2014-02-18 17:18 - 2014-02-18 17:18 - 00000000 ____D () C:\ProgramData\RELOADED
2014-02-18 17:10 - 2014-02-18 17:10 - 00006936 _____ () C:\Users\DAVUT\Downloads\87c855fbcc0d664ea0d61d471c65d7a5.dlc
2014-02-18 16:12 - 2014-02-18 16:12 - 00000000 ___RD () C:\Users\DAVUT\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App
2014-02-17 14:03 - 2014-02-17 14:04 - 02782415 _____ () C:\Users\DAVUT\Downloads\Fraps 3.5.99 Build 15618.rar
2014-02-16 12:22 - 2014-02-16 12:22 - 20042717 _____ () C:\Users\DAVUT\Downloads\PES2014Patch107.zip
2014-02-16 12:06 - 2014-02-16 12:09 - 893575871 _____ () C:\Users\DAVUT\Downloads\PESEdit.com_2014_Data_Pack.7z
2014-02-16 12:06 - 2014-02-16 12:08 - 723654951 _____ () C:\Users\DAVUT\Downloads\PESEdit.com_2014_Patch_V._3.0.rar
2014-02-16 12:04 - 2014-02-16 12:04 - 00001304 _____ () C:\Users\DAVUT\Downloads\3l2km393x2tms88-ul.to.dlc
2014-02-16 11:32 - 2013-12-09 01:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-16 11:32 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-16 11:32 - 2013-11-27 16:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-16 11:32 - 2013-11-27 16:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-16 11:32 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-16 11:32 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-16 11:32 - 2013-11-27 13:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-16 11:32 - 2013-11-27 11:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-16 11:32 - 2013-11-27 11:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-16 11:32 - 2013-11-27 11:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-16 11:32 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-16 11:32 - 2013-11-27 10:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-16 11:32 - 2013-11-27 10:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-16 11:32 - 2013-11-27 10:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-16 11:32 - 2013-11-27 09:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-16 11:32 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-16 11:32 - 2013-11-27 05:01 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-02-16 11:32 - 2013-11-26 14:22 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-02-16 11:32 - 2013-11-26 14:20 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-02-16 11:32 - 2013-11-26 14:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-16 11:32 - 2013-11-26 14:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-16 11:32 - 2013-11-26 12:50 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-02-16 11:32 - 2013-11-26 12:44 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-02-16 11:32 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-16 11:32 - 2013-11-26 11:13 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-02-16 11:32 - 2013-11-26 10:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-16 11:32 - 2013-11-26 09:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-16 11:32 - 2013-11-25 02:45 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-16 11:32 - 2013-11-25 02:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-16 11:32 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-16 11:32 - 2013-11-25 00:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-16 11:32 - 2013-11-23 13:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-16 11:32 - 2013-11-23 12:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-16 11:32 - 2013-11-23 09:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-16 11:32 - 2013-11-23 08:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-16 11:32 - 2013-11-23 08:13 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-16 11:32 - 2013-11-23 08:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-16 11:32 - 2013-11-23 05:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-16 11:32 - 2013-11-23 04:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-16 11:32 - 2013-11-23 04:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-16 11:32 - 2013-11-23 04:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-16 11:32 - 2013-11-23 04:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-16 11:32 - 2013-11-23 04:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-16 11:32 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-16 11:32 - 2013-11-21 07:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-16 11:32 - 2013-11-21 07:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-16 11:32 - 2013-11-16 06:11 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-02-16 11:32 - 2013-11-15 19:19 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-02-16 11:32 - 2013-11-15 15:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-16 11:32 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-16 11:32 - 2013-11-15 15:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-16 11:32 - 2013-11-15 14:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-16 11:32 - 2013-11-05 21:12 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-02-16 11:32 - 2013-10-31 01:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-16 11:32 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-16 00:23 - 2014-02-16 00:23 - 00000000 ____D () C:\ProgramData\KONAMI
2014-02-16 00:09 - 2014-02-16 00:09 - 00760320 _____ () C:\Users\DAVUT\Downloads\de.voolia.news.tar
2014-02-15 00:03 - 2014-02-15 00:03 - 00026624 _____ () C:\Users\DAVUT\Downloads\1.0.0.tar
2014-02-14 23:12 - 2014-02-14 23:12 - 00000000 ____D () C:\Users\DAVUT\Downloads\wbb4.0.2pl1
2014-02-14 23:06 - 2014-02-14 23:06 - 03531940 _____ () C:\Users\DAVUT\Downloads\wbb4.0.2pl1.zip
2014-02-14 22:32 - 2014-02-14 22:32 - 00155024 _____ () C:\Users\DAVUT\Downloads\com.insidepixel.style.simpleBlue.tar.tgz
2014-02-13 21:07 - 2014-02-13 21:07 - 00008344 _____ () C:\Users\DAVUT\Downloads\relink.us__521iuhdshf743834iusdf8932_9hf9gui3g374__uploaded.net__bbbc5edf59489ee7526d760eaa6e0b.dlc
2014-02-12 16:09 - 2014-02-12 16:10 - 02668307 _____ () C:\Users\DAVUT\Downloads\teknoloji.rar
2014-02-12 16:01 - 2014-03-02 03:49 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Notepad++
2014-02-12 16:01 - 2014-02-12 16:01 - 07598942 _____ () C:\Users\DAVUT\Downloads\npp.6.5.3.Installer.exe
2014-02-12 16:01 - 2014-02-12 16:01 - 00000776 _____ () C:\Users\UpdatusUser\Desktop\Notepad++.lnk
2014-02-12 16:01 - 2014-02-12 16:01 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-02-12 15:57 - 2013-06-08 01:10 - 00000000 ____D () C:\Users\DAVUT\Downloads\parament
2014-02-12 15:20 - 2014-02-12 15:20 - 00285395 _____ () C:\Users\DAVUT\Downloads\parament.1.3.zip
2014-02-12 15:14 - 2014-02-12 15:14 - 01122467 _____ () C:\Users\DAVUT\Downloads\gamepress.1.0.5(1).zip
2014-02-12 15:10 - 2014-02-12 15:10 - 01122467 _____ () C:\Users\DAVUT\Downloads\gamepress.1.0.5.zip
2014-02-12 15:07 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-12 15:07 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-12 15:07 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-12 15:07 - 2014-01-07 06:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-12 15:07 - 2014-01-07 05:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-12 15:07 - 2013-12-09 01:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-12 15:07 - 2013-12-09 01:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-12 15:07 - 2013-12-09 00:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-12 15:07 - 2013-12-09 00:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-12 15:07 - 2013-11-21 07:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-12 15:07 - 2013-11-21 06:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-12 15:06 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-12 15:06 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-12 15:06 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-12 15:06 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-12 15:06 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-12 15:06 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-12 15:06 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-12 15:06 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-12 15:06 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-12 15:06 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-12 15:06 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-12 15:06 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-12 15:06 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-12 15:06 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-12 15:06 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-12 15:06 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-12 15:06 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-12 15:06 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-12 15:06 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-12 15:06 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-12 15:06 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-12 15:06 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-12 15:06 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-12 15:06 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-12 15:06 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-12 15:06 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-12 15:06 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-12 15:06 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-12 15:06 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-12 15:06 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-12 15:06 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-12 15:06 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-12 15:06 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-12 15:06 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-12 15:06 - 2014-01-09 09:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-12 15:06 - 2014-01-09 08:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-12 15:06 - 2014-01-09 08:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-12 15:06 - 2014-01-09 08:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-12 15:06 - 2014-01-09 08:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-12 15:06 - 2014-01-09 08:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-12 15:06 - 2014-01-09 08:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-12 15:06 - 2014-01-09 08:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-12 15:06 - 2014-01-09 08:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-12 15:06 - 2014-01-09 08:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-12 15:06 - 2014-01-07 08:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-12 15:06 - 2014-01-07 06:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-12 15:06 - 2014-01-04 21:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-12 15:06 - 2014-01-04 20:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-12 15:06 - 2014-01-04 15:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-12 15:06 - 2014-01-04 15:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-12 15:06 - 2014-01-04 14:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-12 15:06 - 2014-01-04 14:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-12 15:06 - 2014-01-04 14:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-12 15:06 - 2014-01-04 14:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-12 15:06 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-12 15:06 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-12 15:06 - 2013-12-20 11:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-12 15:06 - 2013-12-20 07:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-12 15:06 - 2013-12-09 03:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-12 15:06 - 2013-12-09 02:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-07 18:40 - 2014-02-26 01:28 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\FileZilla
2014-02-07 18:38 - 2014-02-07 18:38 - 04812567 _____ (Tim Kosse) C:\Users\DAVUT\Downloads\FileZilla_3.7.3_win32-setup [1].exe
2014-02-07 18:38 - 2014-02-07 18:38 - 00658856 _____ ( ) C:\Users\DAVUT\Downloads\FileZilla_3.7.3_win32-setup.exe
2014-02-07 18:36 - 2014-02-07 18:36 - 06792574 _____ () C:\Users\DAVUT\Downloads\wordpress-3.8.1-tr_TR.zip
2014-02-07 18:33 - 2014-02-07 18:33 - 58556247 _____ () C:\Users\DAVUT\Downloads\flavor16.zip
2014-02-07 18:24 - 2014-02-07 18:24 - 05295874 _____ () C:\Users\DAVUT\Downloads\broadcast13.zip
2014-02-07 18:23 - 2014-02-07 18:23 - 04816248 _____ () C:\Users\DAVUT\Downloads\rule_10.zip
2014-02-05 22:52 - 2014-02-05 22:52 - 00721408 _____ () C:\Users\DAVUT\Downloads\Finanzplanung_Tool_12_2013.xls
2014-02-05 22:47 - 2014-02-05 22:47 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\OpenOffice
2014-02-05 22:41 - 2014-03-02 02:25 - 00000000 ____D () C:\WINDOWS\Minidump
2014-02-05 22:40 - 2014-02-05 22:43 - 163606685 _____ () C:\Users\DAVUT\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-02-05 12:15 - 2014-02-05 12:15 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2014-02-04 21:16 - 2014-02-04 21:16 - 00012164 _____ () C:\Users\DAVUT\Downloads\TWI_SAGA_GER_720p_BRay_x264-voxx2xmbn9h05.dlc
2014-02-04 15:47 - 2014-02-04 15:47 - 00000000 ____D () C:\Users\DAVUT\.shsh
2014-02-04 15:43 - 2014-02-04 15:43 - 75743528 _____ (Apple Inc.) C:\Users\DAVUT\Downloads\iTunes64Setup(1).exe
2014-02-04 15:42 - 2014-02-04 15:44 - 938891219 _____ () C:\Users\DAVUT\Downloads\iPhone3,1_6.1.3_10B329_Restore.ipsw
2014-02-04 15:42 - 2014-02-04 15:42 - 04984425 _____ () C:\Users\DAVUT\Downloads\ifaith-v1.5.9.zip
==================== One Month Modified Files and Folders =======
2014-03-05 21:06 - 2014-03-03 14:38 - 00013546 _____ () C:\Users\DAVUT\Desktop\FRST.txt
2014-03-05 21:06 - 2014-03-03 14:37 - 00000000 ____D () C:\FRST
2014-03-05 21:05 - 2014-03-05 21:05 - 00000000 ____D () C:\Users\DAVUT\Desktop\FRST-OlderVersion
2014-03-05 21:05 - 2014-03-03 14:36 - 02157056 _____ (Farbar) C:\Users\DAVUT\Desktop\FRST64.exe
2014-03-05 21:04 - 2014-03-05 21:04 - 00987425 _____ () C:\Users\DAVUT\Desktop\SecurityCheck.exe
2014-03-05 21:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-03-05 18:27 - 2014-03-02 20:04 - 00305892 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-05 18:13 - 2014-03-05 18:13 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-05 18:11 - 2014-03-05 18:10 - 02347384 _____ (ESET) C:\Users\DAVUT\Desktop\esetsmartinstaller_enu(1).exe
2014-03-05 18:09 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-03-05 18:07 - 2013-11-12 01:06 - 00000000 __RDO () C:\Users\DAVUT\SkyDrive
2014-03-05 12:42 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-05 12:41 - 2013-10-15 18:58 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2309657365-2291247431-1116468141-1000
2014-03-05 12:37 - 2013-09-30 05:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-05 12:37 - 2013-09-30 04:56 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2014-03-05 12:37 - 2013-09-30 04:56 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2014-03-05 12:34 - 2013-10-28 17:23 - 00000000 ____D () C:\Users\DAVUT\AppData\Local\Adobe
2014-03-05 12:31 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-04 22:25 - 2013-10-15 21:19 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\TS3Client
2014-03-04 22:17 - 2013-10-21 22:16 - 00000000 ____D () C:\ProgramData\Origin
2014-03-04 22:17 - 2013-10-15 21:36 - 00291128 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2014-03-04 22:17 - 2013-10-15 21:34 - 00291128 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-03-04 22:16 - 2014-03-04 22:16 - 00000882 _____ () C:\WINDOWS\setupact.log
2014-03-04 22:16 - 2014-03-04 22:16 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-03-04 19:02 - 2014-03-04 19:02 - 02347384 _____ (ESET) C:\Users\DAVUT\Downloads\esetsmartinstaller_deu.exe
2014-03-04 19:01 - 2014-03-04 19:01 - 02347384 _____ (ESET) C:\Users\DAVUT\Downloads\esetsmartinstaller_enu.exe
2014-03-04 18:47 - 2014-03-04 18:47 - 00060813 _____ () C:\Users\DAVUT\Desktop\FRST2.txt
2014-03-04 18:46 - 2014-03-04 18:46 - 00000618 _____ () C:\Users\DAVUT\Desktop\JRT.txt
2014-03-04 18:44 - 2014-03-04 18:44 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-04 18:43 - 2014-03-04 18:43 - 00001375 _____ () C:\Users\DAVUT\Desktop\AdwCleaner[S0].txt
2014-03-04 18:42 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-04 18:41 - 2014-03-04 18:39 - 00000000 ____D () C:\AdwCleaner
2014-03-04 18:39 - 2014-03-04 18:39 - 01244192 _____ () C:\Users\DAVUT\Desktop\adwcleaner.exe
2014-03-04 18:39 - 2014-03-04 18:39 - 01037734 _____ (Thisisu) C:\Users\DAVUT\Desktop\JRT.exe
2014-03-04 18:39 - 2014-03-01 21:44 - 00000000 ____D () C:\ProgramData\EPSON
2014-03-04 16:26 - 2013-10-15 21:34 - 00291128 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-03-03 21:51 - 2013-10-26 02:31 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\vlc
2014-03-03 21:47 - 2014-03-03 21:47 - 00000000 _____ () C:\Users\DAVUT\Sti_Trace.log
2014-03-03 21:47 - 2013-11-12 00:57 - 00000000 ____D () C:\Users\DAVUT
2014-03-03 21:46 - 2014-03-03 21:46 - 00000682 _____ () C:\WINDOWS\PFRO.log
2014-03-03 18:46 - 2014-03-03 18:46 - 00000000 ____D () C:\WINDOWS\pss
2014-03-03 18:38 - 2013-10-15 19:02 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-03 18:33 - 2013-10-15 22:05 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2014-03-03 18:25 - 2014-03-03 18:25 - 00002724 _____ () C:\Users\DAVUT\Desktop\malware.txt
2014-03-03 14:42 - 2014-03-03 14:41 - 05185084 _____ (Swearware) C:\Users\DAVUT\Desktop\ComboFix.exe
2014-03-03 14:39 - 2014-03-03 14:38 - 00033080 _____ () C:\Users\DAVUT\Desktop\Addition.txt
2014-03-02 03:50 - 2014-03-02 02:09 - 00153834 _____ () C:\Users\DAVUT\Desktop\sfcdetails.txt
2014-03-02 03:49 - 2014-02-12 16:01 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Notepad++
2014-03-02 03:42 - 2014-03-02 00:01 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\.oit
2014-03-02 03:38 - 2013-03-03 14:46 - 00004456 _____ () C:\Users\DAVUT\Desktop\Not Defteri.txt
2014-03-02 03:20 - 2014-03-01 21:45 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Epson
2014-03-02 03:19 - 2013-08-22 15:44 - 04980448 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-02 03:17 - 2013-10-21 22:49 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-03-02 02:39 - 2014-03-02 02:39 - 01021432 _____ (Microsoft Corporation) C:\Users\DAVUT\Downloads\NDP451-KB2859818-Web.exe
2014-03-02 02:25 - 2014-02-05 22:41 - 00000000 ____D () C:\WINDOWS\Minidump
2014-03-02 02:07 - 2014-03-02 02:07 - 00002772 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-03-02 02:06 - 2014-03-02 02:06 - 03645064 _____ (Piriform Ltd) C:\Users\DAVUT\Downloads\ccsetup410_slim.exe
2014-03-02 02:06 - 2014-03-02 02:06 - 00000706 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-02 02:01 - 2014-01-10 13:32 - 00000000 ____D () C:\ProgramData\Apple
2014-03-02 02:00 - 2014-01-10 13:33 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-03-02 01:36 - 2014-03-02 01:33 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-02 01:34 - 2014-03-02 01:34 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Malwarebytes
2014-03-02 01:34 - 2014-03-02 01:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-02 01:33 - 2014-03-02 01:33 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-03-02 01:32 - 2014-03-02 01:32 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\DAVUT\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-02 01:31 - 2014-03-02 01:31 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\DAVUT\Downloads\spybot-2.2.25.exe
2014-03-02 00:02 - 2014-03-02 00:01 - 00000000 ____D () C:\Users\DAVUT\Documents\My PageManager
2014-03-02 00:01 - 2014-03-02 00:01 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\NewSoft
2014-03-02 00:01 - 2014-03-02 00:01 - 00000000 ____D () C:\Users\DAVUT\AppData\Local\NewSoft
2014-03-02 00:01 - 2014-03-01 22:50 - 00000264 _____ () C:\WINDOWS\setup.iss
2014-03-01 23:58 - 2014-03-01 23:58 - 00000000 ____D () C:\WINDOWS\SysWOW64\color
2014-03-01 22:51 - 2014-03-01 22:51 - 00000000 ____D () C:\ProgramData\UDL
2014-03-01 22:50 - 2014-03-01 21:45 - 00000000 ____D () C:\Program Files (x86)\Epson Software
2014-03-01 21:52 - 2014-03-01 21:52 - 00000000 ____D () C:\Program Files\Common Files\EPSON
2014-03-01 21:45 - 2014-03-01 21:44 - 00000000 ____D () C:\Program Files (x86)\epson
2014-03-01 21:44 - 2014-03-01 21:44 - 00000000 ____D () C:\Program Files\EpsonNet
2014-03-01 00:00 - 2014-01-25 17:51 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-28 23:58 - 2013-10-15 18:55 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Audacity
2014-02-28 23:58 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\WinMetadata
2014-02-28 23:57 - 2013-11-10 00:41 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Skype
2014-02-28 23:57 - 2013-10-31 14:21 - 00000000 ____D () C:\Program Files (x86)\ExKode
2014-02-28 23:57 - 2013-10-31 14:03 - 00000000 ____D () C:\Users\DAVUT\AppData\Local\Dxtory Software
2014-02-28 23:57 - 2013-10-15 18:52 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Adobe
2014-02-28 23:57 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\registration
2014-02-28 22:34 - 2014-02-28 22:34 - 02404986 _____ () C:\Users\DAVUT\Downloads\08ab5107.zip
2014-02-28 20:14 - 2013-05-05 17:21 - 01722880 ___SH () C:\Users\DAVUT\Desktop\Thumbs.db
2014-02-28 14:30 - 2014-02-28 14:30 - 00273688 _____ () C:\Users\DAVUT\Downloads\Ihre Anfrage an Unitymedia.zip
2014-02-26 01:28 - 2014-02-07 18:40 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\FileZilla
2014-02-26 01:23 - 2014-01-28 15:41 - 00000132 _____ () C:\Users\DAVUT\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2014-02-26 01:20 - 2014-02-26 01:20 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-02-26 01:00 - 2014-02-26 01:00 - 00034304 _____ () C:\Users\DAVUT\Downloads\de.community4wcf.wcf.page.simplepage.tar
2014-02-24 23:28 - 2014-02-24 23:28 - 00058071 _____ () C:\Users\DAVUT\Downloads\WFB_2.0.0.zip
2014-02-24 23:21 - 2014-02-24 23:21 - 00715264 _____ () C:\Users\DAVUT\Downloads\de.codequake.cms.tar
2014-02-24 22:50 - 2014-02-24 22:50 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2014-02-24 13:08 - 2014-02-24 13:08 - 00001633 _____ () C:\Users\DAVUT\Downloads\photoshop-action-Smooth skin.zip
2014-02-24 13:07 - 2014-02-24 13:07 - 00001545 _____ () C:\Users\DAVUT\Downloads\action_hue_nic_a_by_cutebb-d5ysyee.zip
2014-02-24 13:04 - 2014-02-24 13:04 - 00001003 _____ () C:\Users\DAVUT\Downloads\action_005___nostalgia_by_eliska_olsanska-d601xtv.rar
2014-02-24 12:30 - 2014-02-24 12:30 - 00003416 _____ () C:\Users\DAVUT\Downloads\4o563y2ekts7n5t.dlc
2014-02-24 12:13 - 2014-02-24 12:13 - 00270336 _____ () C:\Users\DAVUT\Downloads\de.orlando-forum.messagesidebar.contacticon.tar
2014-02-22 20:42 - 2014-02-22 20:42 - 99114034 _____ () C:\Users\DAVUT\Downloads\bossFlam2013.rar
2014-02-22 20:33 - 2014-02-22 20:33 - 00001200 _____ () C:\Users\DAVUT\Downloads\bsss_hsss.dlc
2014-02-22 20:29 - 2014-02-22 20:29 - 00000098 _____ () C:\Users\DAVUT\Downloads\603920b3-f38c-4792-b2d7-58d607cb338f.htm
2014-02-22 20:14 - 2014-02-22 20:14 - 00000000 ____D () C:\Users\DAVUT\AppData\Local\Line
2014-02-22 20:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-02-22 20:12 - 2014-02-22 20:12 - 17939816 _____ (LINE Corporation) C:\Users\DAVUT\Downloads\LineInst.exe
2014-02-22 20:08 - 2013-04-17 13:44 - 00000000 ____D () C:\Users\DAVUT\AppData\Local\Packages
2014-02-19 22:56 - 2014-02-19 22:56 - 00003056 _____ () C:\Users\DAVUT\Downloads\Walking_Dead_S04_720p_PRETAiL_Aktuell-thkp8vmdymin.dlc
2014-02-19 21:04 - 2013-11-10 00:41 - 00000000 ____D () C:\ProgramData\Skype
2014-02-19 21:03 - 2013-11-10 00:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-18 20:06 - 2013-10-17 11:24 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-18 20:06 - 2013-10-17 11:24 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-18 17:18 - 2014-02-18 17:18 - 00000000 ____D () C:\ProgramData\RELOADED
2014-02-18 17:10 - 2014-02-18 17:10 - 00006936 _____ () C:\Users\DAVUT\Downloads\87c855fbcc0d664ea0d61d471c65d7a5.dlc
2014-02-18 16:12 - 2014-02-18 16:12 - 00000000 ___RD () C:\Users\DAVUT\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App
2014-02-18 14:58 - 2013-05-26 13:47 - 00560640 ___SH () C:\Users\DAVUT\Downloads\Thumbs.db
2014-02-17 22:00 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-02-17 22:00 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-17 17:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-02-17 14:04 - 2014-02-17 14:03 - 02782415 _____ () C:\Users\DAVUT\Downloads\Fraps 3.5.99 Build 15618.rar
2014-02-17 13:15 - 2013-10-15 18:53 - 00000000 ___RD () C:\Users\DAVUT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-17 13:15 - 2013-10-15 18:53 - 00000000 ___RD () C:\Users\DAVUT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-17 13:15 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-17 13:15 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-17 13:15 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-16 12:22 - 2014-02-16 12:22 - 20042717 _____ () C:\Users\DAVUT\Downloads\PES2014Patch107.zip
2014-02-16 12:09 - 2014-02-16 12:06 - 893575871 _____ () C:\Users\DAVUT\Downloads\PESEdit.com_2014_Data_Pack.7z
2014-02-16 12:08 - 2014-02-16 12:06 - 723654951 _____ () C:\Users\DAVUT\Downloads\PESEdit.com_2014_Patch_V._3.0.rar
2014-02-16 12:04 - 2014-02-16 12:04 - 00001304 _____ () C:\Users\DAVUT\Downloads\3l2km393x2tms88-ul.to.dlc
2014-02-16 00:28 - 2013-02-19 20:12 - 00000000 ____D () C:\Users\DAVUT\Documents\KONAMI
2014-02-16 00:23 - 2014-02-16 00:23 - 00000000 ____D () C:\ProgramData\KONAMI
2014-02-16 00:09 - 2014-02-16 00:09 - 00760320 _____ () C:\Users\DAVUT\Downloads\de.voolia.news.tar
2014-02-15 00:03 - 2014-02-15 00:03 - 00026624 _____ () C:\Users\DAVUT\Downloads\1.0.0.tar
2014-02-14 23:12 - 2014-02-14 23:12 - 00000000 ____D () C:\Users\DAVUT\Downloads\wbb4.0.2pl1
2014-02-14 23:06 - 2014-02-14 23:06 - 03531940 _____ () C:\Users\DAVUT\Downloads\wbb4.0.2pl1.zip
2014-02-14 22:32 - 2014-02-14 22:32 - 00155024 _____ () C:\Users\DAVUT\Downloads\com.insidepixel.style.simpleBlue.tar.tgz
2014-02-13 21:07 - 2014-02-13 21:07 - 00008344 _____ () C:\Users\DAVUT\Downloads\relink.us__521iuhdshf743834iusdf8932_9hf9gui3g374__uploaded.net__bbbc5edf59489ee7526d760eaa6e0b.dlc
2014-02-12 18:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-12 18:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-12 18:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-12 16:10 - 2014-02-12 16:09 - 02668307 _____ () C:\Users\DAVUT\Downloads\teknoloji.rar
2014-02-12 16:01 - 2014-02-12 16:01 - 07598942 _____ () C:\Users\DAVUT\Downloads\npp.6.5.3.Installer.exe
2014-02-12 16:01 - 2014-02-12 16:01 - 00000776 _____ () C:\Users\UpdatusUser\Desktop\Notepad++.lnk
2014-02-12 16:01 - 2014-02-12 16:01 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-02-12 15:20 - 2014-02-12 15:20 - 00285395 _____ () C:\Users\DAVUT\Downloads\parament.1.3.zip
2014-02-12 15:14 - 2014-02-12 15:14 - 01122467 _____ () C:\Users\DAVUT\Downloads\gamepress.1.0.5(1).zip
2014-02-12 15:10 - 2014-02-12 15:10 - 01122467 _____ () C:\Users\DAVUT\Downloads\gamepress.1.0.5.zip
2014-02-07 19:30 - 2014-01-19 23:03 - 00001456 _____ () C:\Users\DAVUT\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-02-07 18:38 - 2014-02-07 18:38 - 04812567 _____ (Tim Kosse) C:\Users\DAVUT\Downloads\FileZilla_3.7.3_win32-setup [1].exe
2014-02-07 18:38 - 2014-02-07 18:38 - 00658856 _____ ( ) C:\Users\DAVUT\Downloads\FileZilla_3.7.3_win32-setup.exe
2014-02-07 18:36 - 2014-02-07 18:36 - 06792574 _____ () C:\Users\DAVUT\Downloads\wordpress-3.8.1-tr_TR.zip
2014-02-07 18:33 - 2014-02-07 18:33 - 58556247 _____ () C:\Users\DAVUT\Downloads\flavor16.zip
2014-02-07 18:24 - 2014-02-07 18:24 - 05295874 _____ () C:\Users\DAVUT\Downloads\broadcast13.zip
2014-02-07 18:23 - 2014-02-07 18:23 - 04816248 _____ () C:\Users\DAVUT\Downloads\rule_10.zip
2014-02-06 13:16 - 2014-02-12 15:06 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-12 15:06 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-12 15:06 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-12 15:07 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-12 15:06 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-12 15:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-12 15:06 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-12 15:06 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-06 11:49 - 2014-02-12 15:06 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-12 15:06 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-12 15:06 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-12 15:06 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-12 15:06 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-12 15:06 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-12 15:06 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-06 11:11 - 2014-02-12 15:06 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-12 15:06 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-12 15:07 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-12 15:07 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-12 15:06 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-12 15:06 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-12 15:06 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-12 15:06 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-06 10:47 - 2014-02-12 15:06 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-12 15:06 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-12 15:06 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-12 15:06 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-12 15:06 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-06 10:22 - 2014-02-12 15:06 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-12 15:06 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-12 15:06 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-12 15:06 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-12 15:06 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-12 15:06 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-12 15:06 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-12 15:06 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-12 15:06 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-05 22:52 - 2014-02-05 22:52 - 00721408 _____ () C:\Users\DAVUT\Downloads\Finanzplanung_Tool_12_2013.xls
2014-02-05 22:47 - 2014-02-05 22:47 - 00000000 ____D () C:\Users\DAVUT\AppData\Roaming\OpenOffice
2014-02-05 22:43 - 2014-02-05 22:40 - 163606685 _____ () C:\Users\DAVUT\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-02-05 12:15 - 2014-02-05 12:15 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2014-02-04 21:16 - 2014-02-04 21:16 - 00012164 _____ () C:\Users\DAVUT\Downloads\TWI_SAGA_GER_720p_BRay_x264-voxx2xmbn9h05.dlc
2014-02-04 15:47 - 2014-02-04 15:47 - 00000000 ____D () C:\Users\DAVUT\.shsh
2014-02-04 15:44 - 2014-02-04 15:42 - 938891219 _____ () C:\Users\DAVUT\Downloads\iPhone3,1_6.1.3_10B329_Restore.ipsw
2014-02-04 15:43 - 2014-02-04 15:43 - 75743528 _____ (Apple Inc.) C:\Users\DAVUT\Downloads\iTunes64Setup(1).exe
2014-02-04 15:42 - 2014-02-04 15:42 - 04984425 _____ () C:\Users\DAVUT\Downloads\ifaith-v1.5.9.zip
Some content of TEMP:
====================
C:\Users\DAVUT\AppData\Local\Temp\Quarantine.exe
C:\Users\DAVUT\AppData\Local\Temp\_is15E7.exe
C:\Users\DAVUT\AppData\Local\Temp\_is62DD.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-05 12:41
==================== End Of Log ============================
--- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-03-2014
Ran by DAVUT at 2014-03-05 21:07:21
Running from C:\Users\DAVUT\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.15.100.31008 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1008.932.15229 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{5AE0838D-19B1-5D12-5FE8-E6503B2C8716}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.2.8.1 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.2.8.1 - ASUSTek COMPUTER INC.) Hidden
ASUS Product Register Program (HKLM-x32\...\{C0B16F2E-3980-44F8-8CF4-F84696541FF7}) (Version: 1.0.017 - ASUSTek Computer Inc.)
ASUS Xonar D2 Audio (HKLM-x32\...\{8FFA0EAF-5AFB-4492-B5F7-C56B03DF08DF}) (Version: - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.1.0.1 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dogfight 1942 (c) City Interactive version 1 (HKLM-x32\...\Dogfight 1942 (c) City Interactive_is1) (Version: 1 - )
Dxtory version 2.0.126 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.126 - ExKode Co. Ltd.)
Epson Connect Guide (HKLM-x32\...\Epson Connect Guide) (Version: - )
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.1.1 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM-x32\...\{02A312B5-1542-47B6-BFE9-F51358C39E86}) (Version: 2.4.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{8F01524C-0676-4CC1-B4AE-64753C723391}) (Version: 3.01.0005 - Seiko Epson Corporation)
Epson Netzwerkhandbuch WF-3520 Series (HKLM-x32\...\WF-3520 Series Netg) (Version: - )
EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON WF-3520 Series Printer Uninstall (HKLM\...\EPSON WF-3520 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
GPUTweakStreaming (x32 Version: 1.0.3.5 - ASUS) Hidden
HydraVision (x32 Version: 4.2.236.0 - Advanced Micro Devices, Inc.) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Infestation: Survivor Stories (HKLM-x32\...\Steam App 226700) (Version: - Hammerpoint Interactive)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LINE (HKLM-x32\...\LINE) (Version: 3.4.0.21 - LINE Corporation)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliType Pro 7.1 (HKLM\...\{E6B7BD80-A921-4C72-A68B-44A9EB438BE4}) (Version: 7.10.344.0 - Microsoft)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MKVToolNix 6.7.0 [20140102-565] (HKLM-x32\...\MKVToolNix) (Version: 6.7.0 - Moritz Bunkus)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 24.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 24.0 (x86 de)) (Version: 24.0 - Mozilla)
Mozilla Firefox 27.0.1 (x86 de) (HKCU\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
Octoshape Streaming Services (HKCU\...\Octoshape Streaming Services) (Version: - Octoshape ApS)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.3.10.4710 - Electronic Arts, Inc.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Presto! PageManager 9.03 SE (HKLM-x32\...\{04AF7536-446D-4F5A-8920-B4E885E4581B}) (Version: 9.03.06 - Newsoft Technology Corporation)
Pro Evolution Soccer 2014 (HKLM-x32\...\{5EFD3544-2371-4900-8ACA-F157BA80FB0C}) (Version: 1.04.0000 - KONAMI)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.15.4 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
==================== Restore Points =========================
05-03-2014 18:55:11 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2012-07-26 06:26 - 2013-11-03 00:27 - 00000894 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
==================== Scheduled Tasks (whitelisted) =============
Task: {003C309C-F60B-45DB-ABBB-4BE9B297FDD1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => D:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {61FD0431-131C-4D31-AF25-92D6FA47A992} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => D:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9A910D6B-757B-45F4-A04F-63FB0C190F71} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => D:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {ADE4287C-7D72-4F1F-8AA5-484B2028FBB4} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2009-11-05] (Microsoft Corporation)
Task: {C1E3B7EE-F69F-45BA-87D7-DB659B9C20F1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-02-18] (Microsoft Corporation)
Task: {C5B58101-F4E5-4A12-9D80-FFB0F13E321A} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-dvt91@outlook.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DCA34986-71FC-4ADF-BA36-C1465DE42637} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
==================== Loaded Modules (whitelisted) =============
2012-01-17 10:24 - 2012-01-17 10:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2012-09-11 16:27 - 2012-09-11 16:27 - 00062128 _____ () C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe
2013-10-15 21:34 - 2013-11-12 15:19 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () D:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-10-15 21:00 - 2008-07-11 14:04 - 00200704 _____ () C:\Windows\SysWOW64\HsMgr.exe
2013-10-15 21:00 - 2008-07-11 14:03 - 00282112 _____ () C:\Windows\System\HsMgr64.exe
2014-03-02 01:33 - 2012-08-23 10:38 - 00574840 _____ () D:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-03-02 01:33 - 2013-05-16 10:55 - 00113496 _____ () D:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-03-02 01:33 - 2013-05-16 10:55 - 00416600 _____ () D:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-03-02 01:33 - 2013-05-16 10:55 - 00161112 _____ () D:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-03-02 01:33 - 2012-04-03 17:06 - 00565640 _____ () D:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-10-15 21:08 - 2012-06-25 09:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-10-15 21:00 - 2012-06-06 08:56 - 00143360 ____N () C:\Program Files\ASUS Xonar D2 Audio\Customapp\VmixP8.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () D:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () D:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-02-15 01:11 - 2014-02-15 01:11 - 03578992 _____ () D:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\DAVUT\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/05/2014 09:01:58 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.
Error: (03/05/2014 08:23:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DAVUT-PC)
Description: Bei der Aktivierung der App „Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (03/05/2014 07:55:55 PM) (Source: Microsoft-Windows-Defrag) (User: )
Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (03/05/2014 07:55:55 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.
Error: (03/05/2014 07:55:12 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (03/05/2014 07:38:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DAVUT-PC)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (03/05/2014 06:23:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DAVUT-PC)
Description: Bei der Aktivierung der App „Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (03/05/2014 06:13:34 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.
Error: (03/05/2014 06:13:34 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.
Error: (03/05/2014 06:13:29 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.
System errors:
=============
Error: (03/05/2014 06:07:32 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.
Error: (03/05/2014 06:07:32 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
Error: (03/05/2014 06:07:32 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk4\DR4 gefunden.
Error: (03/05/2014 00:44:56 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.
Error: (03/05/2014 00:44:56 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk4\DR4 gefunden.
Error: (03/05/2014 00:44:56 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.
Error: (03/05/2014 00:44:51 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/05/2014 00:34:14 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/04/2014 10:25:51 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/04/2014 10:16:36 PM) (Source: DCOM) (User: DAVUT-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DAVUT-PCDAVUTS-1-5-21-2309657365-2291247431-1116468141-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Microsoft Office Sessions:
=========================
Error: (03/05/2014 09:01:58 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (03/05/2014 08:23:51 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: DAVUT-PC)
Description: Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance-2147023170
Error: (03/05/2014 07:55:55 PM) (Source: Microsoft-Windows-Defrag)(User: )
Description: System-reserviertFalscher Parameter. (0x80070057)
Error: (03/05/2014 07:55:55 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (03/05/2014 07:55:12 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
Error: (03/05/2014 07:38:51 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: DAVUT-PC)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2147023170
Error: (03/05/2014 06:23:51 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: DAVUT-PC)
Description: Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance-2147023170
Error: (03/05/2014 06:13:34 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestC:\Users\DAVUT\Desktop\esetsmartinstaller_enu(1).exe
Error: (03/05/2014 06:13:34 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestC:\Users\DAVUT\Desktop\esetsmartinstaller_enu(1).exe
Error: (03/05/2014 06:13:29 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestC:\Users\DAVUT\Desktop\esetsmartinstaller_enu(1).exe
CodeIntegrity Errors:
===================================
Date: 2014-03-04 22:16:39.059
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Percentage of memory in use: 13%
Total physical RAM: 16345.06 MB
Available physical RAM: 14067.65 MB
Total Pagefile: 32729.06 MB
Available Pagefile: 29572.39 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.45 GB) (Free:52.97 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:303.1 GB) NTFS
Drive f: () (Fixed) (Total:931.29 GB) (Free:886.87 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 4FAF89A0)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 3670366F)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Was ist mit PSEDIT.com ? Das hatte ich runtergeladen, es war ein Update von Pro Evo Soccer 2014 (Fussball Spiel) Für Winter Transfers und neue Stadien? auch ein Trojaner? Sonst, habe ich aber keine Probleme mehr bin ich Safe? Fehlermeldung: Microfost Visual C++ Runtime Library Runtime Error! Program: C/Windows/Explorer.exe This application has requested the Runtime to terminate it an unsusal way. Please contact the applications support team for more information. `? wasn das? |
|
06.03.2014, 19:47
| #8 |
| /// the machine /// TB-Ausbilder | Program.exe - Ungültiges Bild (mehrere Programme) Nee lass die 4, Fehlalarme. Screenshot von der Meldung bitte. Wann kommt die?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
06.03.2014, 23:03
| #9 |
| | Program.exe - Ungültiges Bild (mehrere Programme) Shit hatte vor eine zu machen habe ich aber nicht gemacht es kommt einfach plötzlich, vor einer woche war es auch da, jetzt habe ich den Eset Scan durchlaufen lassen, nachdem es fertig war und ich den log gepostet habe, bin ich essen gegangen, als ich kam war die meldung da, mit einem klick auf ok, war die taskleistte kurz weg (explorer.exe) hat sich neugestartet einfach so... ich schaue mal ob es die tage nochmal kommt... Siehe Bild via google gefunden:  SFCDETEILS Logfile Code:
ATTFilter 2014-03-06 22:47:49, Info CSI 0000000a [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:47:49, Info CSI 0000000b [SR] Beginning Verify and Repair transaction
2014-03-06 22:47:51, Info CSI 0000000c [SR] Verify complete
2014-03-06 22:47:51, Info CSI 0000000d [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:47:51, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
2014-03-06 22:47:53, Info CSI 0000000f [SR] Verify complete
2014-03-06 22:47:53, Info CSI 00000010 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:47:53, Info CSI 00000011 [SR] Beginning Verify and Repair transaction
2014-03-06 22:47:54, Info CSI 00000012 [SR] Verify complete
2014-03-06 22:47:55, Info CSI 00000013 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:47:55, Info CSI 00000014 [SR] Beginning Verify and Repair transaction
2014-03-06 22:47:56, Info CSI 00000015 [SR] Verify complete
2014-03-06 22:47:56, Info CSI 00000016 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:47:56, Info CSI 00000017 [SR] Beginning Verify and Repair transaction
2014-03-06 22:47:58, Info CSI 00000018 [SR] Verify complete
2014-03-06 22:47:58, Info CSI 00000019 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:47:58, Info CSI 0000001a [SR] Beginning Verify and Repair transaction
2014-03-06 22:47:59, Info CSI 0000001b [SR] Verify complete
2014-03-06 22:47:59, Info CSI 0000001c [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:47:59, Info CSI 0000001d [SR] Beginning Verify and Repair transaction
2014-03-06 22:48:01, Info CSI 0000001e [SR] Verify complete
2014-03-06 22:48:01, Info CSI 0000001f [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:48:01, Info CSI 00000020 [SR] Beginning Verify and Repair transaction
2014-03-06 22:48:03, Info CSI 00000021 [SR] Verify complete
2014-03-06 22:48:03, Info CSI 00000022 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:48:03, Info CSI 00000023 [SR] Beginning Verify and Repair transaction
2014-03-06 22:48:05, Info CSI 00000024 [SR] Verify complete
2014-03-06 22:48:05, Info CSI 00000025 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:48:05, Info CSI 00000026 [SR] Beginning Verify and Repair transaction
2014-03-06 22:48:06, Info CSI 00000027 [SR] Verify complete
2014-03-06 22:48:07, Info CSI 00000028 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:48:07, Info CSI 00000029 [SR] Beginning Verify and Repair transaction
2014-03-06 22:48:08, Info CSI 0000002a [SR] Verify complete
2014-03-06 22:48:08, Info CSI 0000002b [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:48:08, Info CSI 0000002c [SR] Beginning Verify and Repair transaction
2014-03-06 22:48:10, Info CSI 0000002d [SR] Verify complete
2014-03-06 22:48:10, Info CSI 0000002e [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:48:10, Info CSI 0000002f [SR] Beginning Verify and Repair transaction
2014-03-06 22:48:12, Info CSI 00000030 [SR] Verify complete
2014-03-06 22:48:12, Info CSI 00000031 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:48:12, Info CSI 00000032 [SR] Beginning Verify and Repair transaction
2014-03-06 22:48:13, Info CSI 00000033 [SR] Verify complete
2014-03-06 22:48:13, Info CSI 00000034 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:48:13, Info CSI 00000035 [SR] Beginning Verify and Repair transaction
2014-03-06 22:48:15, Info CSI 00000036 [SR] Verify complete
2014-03-06 22:48:15, Info CSI 00000037 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:48:15, Info CSI 00000038 [SR] Beginning Verify and Repair transaction
2014-03-06 22:48:17, Info CSI 00000039 [SR] Verify complete
2014-03-06 22:48:17, Info CSI 0000003a [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:48:17, Info CSI 0000003b [SR] Beginning Verify and Repair transaction
2014-03-06 22:48:19, Info CSI 0000003c [SR] Verify complete
2014-03-06 22:48:19, Info CSI 0000003d [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:48:19, Info CSI 0000003e [SR] Beginning Verify and Repair transaction
2014-03-06 22:48:22, Info CSI 00000057 [SR] Verify complete
2014-03-06 22:48:22, Info CSI 00000058 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:48:22, Info CSI 00000059 [SR] Beginning Verify and Repair transaction
2014-03-06 22:48:24, Info CSI 00000060 [SR] Verify complete
2014-03-06 22:48:25, Info CSI 00000061 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:48:25, Info CSI 00000062 [SR] Beginning Verify and Repair transaction
2014-03-06 22:48:27, Info CSI 00000066 [SR] Verify complete
2014-03-06 22:48:27, Info CSI 00000067 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:48:27, Info CSI 00000068 [SR] Beginning Verify and Repair transaction
2014-03-06 22:48:29, Info CSI 0000006c [SR] Verify complete
2014-03-06 22:48:29, Info CSI 0000006d [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:48:29, Info CSI 0000006e [SR] Beginning Verify and Repair transaction
2014-03-06 22:48:32, Info CSI 00000076 [SR] Verify complete
2014-03-06 22:48:32, Info CSI 00000077 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:48:32, Info CSI 00000078 [SR] Beginning Verify and Repair transaction
2014-03-06 22:48:34, Info CSI 0000007a [SR] Verify complete
2014-03-06 22:48:35, Info CSI 0000007b [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:48:35, Info CSI 0000007c [SR] Beginning Verify and Repair transaction
2014-03-06 22:48:37, Info CSI 0000007d [SR] Verify complete
2014-03-06 22:48:37, Info CSI 0000007e [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:48:37, Info CSI 0000007f [SR] Beginning Verify and Repair transaction
2014-03-06 22:48:41, Info CSI 00000099 [SR] Verify complete
2014-03-06 22:48:41, Info CSI 0000009a [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:48:41, Info CSI 0000009b [SR] Beginning Verify and Repair transaction
2014-03-06 22:48:44, Info CSI 000000a4 [SR] Verify complete
2014-03-06 22:48:44, Info CSI 000000a5 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:48:44, Info CSI 000000a6 [SR] Beginning Verify and Repair transaction
2014-03-06 22:48:48, Info CSI 000000ce [SR] Verify complete
2014-03-06 22:48:48, Info CSI 000000cf [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:48:48, Info CSI 000000d0 [SR] Beginning Verify and Repair transaction
2014-03-06 22:48:51, Info CSI 000000d6 [SR] Verify complete
2014-03-06 22:48:51, Info CSI 000000d7 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:48:51, Info CSI 000000d8 [SR] Beginning Verify and Repair transaction
2014-03-06 22:48:54, Info CSI 000000e8 [SR] Verify complete
2014-03-06 22:48:54, Info CSI 000000e9 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:48:54, Info CSI 000000ea [SR] Beginning Verify and Repair transaction
2014-03-06 22:48:57, Info CSI 000000fb [SR] Verify complete
2014-03-06 22:48:57, Info CSI 000000fc [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:48:57, Info CSI 000000fd [SR] Beginning Verify and Repair transaction
2014-03-06 22:49:00, Info CSI 00000103 [SR] Verify complete
2014-03-06 22:49:00, Info CSI 00000104 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:49:00, Info CSI 00000105 [SR] Beginning Verify and Repair transaction
2014-03-06 22:49:03, Info CSI 00000106 [SR] Verify complete
2014-03-06 22:49:03, Info CSI 00000107 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:49:03, Info CSI 00000108 [SR] Beginning Verify and Repair transaction
2014-03-06 22:49:05, Info CSI 0000010d [SR] Verify complete
2014-03-06 22:49:05, Info CSI 0000010e [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:49:05, Info CSI 0000010f [SR] Beginning Verify and Repair transaction
2014-03-06 22:49:07, Info CSI 0000011c [SR] Verify complete
2014-03-06 22:49:07, Info CSI 0000011d [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:49:07, Info CSI 0000011e [SR] Beginning Verify and Repair transaction
2014-03-06 22:49:11, Info CSI 0000014e [SR] Verify complete
2014-03-06 22:49:11, Info CSI 0000014f [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:49:11, Info CSI 00000150 [SR] Beginning Verify and Repair transaction
2014-03-06 22:49:16, Info CSI 0000016f [SR] Verify complete
2014-03-06 22:49:16, Info CSI 00000170 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:49:16, Info CSI 00000171 [SR] Beginning Verify and Repair transaction
2014-03-06 22:49:25, Info CSI 00000189 [SR] Verify complete
2014-03-06 22:49:25, Info CSI 0000018a [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:49:25, Info CSI 0000018b [SR] Beginning Verify and Repair transaction
2014-03-06 22:49:27, Info CSI 0000018d [SR] Verify complete
2014-03-06 22:49:27, Info CSI 0000018e [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:49:27, Info CSI 0000018f [SR] Beginning Verify and Repair transaction
2014-03-06 22:49:29, Info CSI 00000197 [SR] Verify complete
2014-03-06 22:49:29, Info CSI 00000198 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:49:29, Info CSI 00000199 [SR] Beginning Verify and Repair transaction
2014-03-06 22:49:32, Info CSI 000001a1 [SR] Verify complete
2014-03-06 22:49:32, Info CSI 000001a2 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:49:32, Info CSI 000001a3 [SR] Beginning Verify and Repair transaction
2014-03-06 22:49:36, Info CSI 000001bd [SR] Verify complete
2014-03-06 22:49:36, Info CSI 000001be [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:49:36, Info CSI 000001bf [SR] Beginning Verify and Repair transaction
2014-03-06 22:49:38, Info CSI 000001c0 [SR] Verify complete
2014-03-06 22:49:38, Info CSI 000001c1 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:49:38, Info CSI 000001c2 [SR] Beginning Verify and Repair transaction
2014-03-06 22:49:40, Info CSI 000001c3 [SR] Verify complete
2014-03-06 22:49:40, Info CSI 000001c4 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:49:40, Info CSI 000001c5 [SR] Beginning Verify and Repair transaction
2014-03-06 22:49:42, Info CSI 000001d1 [SR] Verify complete
2014-03-06 22:49:42, Info CSI 000001d2 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:49:42, Info CSI 000001d3 [SR] Beginning Verify and Repair transaction
2014-03-06 22:49:45, Info CSI 00000248 [SR] Verify complete
2014-03-06 22:49:45, Info CSI 00000249 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:49:45, Info CSI 0000024a [SR] Beginning Verify and Repair transaction
2014-03-06 22:49:48, Info CSI 0000024d [SR] Verify complete
2014-03-06 22:49:48, Info CSI 0000024e [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:49:48, Info CSI 0000024f [SR] Beginning Verify and Repair transaction
2014-03-06 22:49:52, Info CSI 00000264 [SR] Verify complete
2014-03-06 22:49:52, Info CSI 00000265 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:49:52, Info CSI 00000266 [SR] Beginning Verify and Repair transaction
2014-03-06 22:49:54, Info CSI 00000267 [SR] Verify complete
2014-03-06 22:49:54, Info CSI 00000268 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:49:54, Info CSI 00000269 [SR] Beginning Verify and Repair transaction
2014-03-06 22:49:58, Info CSI 00000284 [SR] Verify complete
2014-03-06 22:49:58, Info CSI 00000285 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:49:58, Info CSI 00000286 [SR] Beginning Verify and Repair transaction
2014-03-06 22:50:01, Info CSI 00000293 [SR] Verify complete
2014-03-06 22:50:01, Info CSI 00000294 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:50:01, Info CSI 00000295 [SR] Beginning Verify and Repair transaction
2014-03-06 22:50:04, Info CSI 00000296 [SR] Verify complete
2014-03-06 22:50:04, Info CSI 00000297 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:50:04, Info CSI 00000298 [SR] Beginning Verify and Repair transaction
2014-03-06 22:50:07, Info CSI 000002a1 [SR] Verify complete
2014-03-06 22:50:08, Info CSI 000002a2 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:50:08, Info CSI 000002a3 [SR] Beginning Verify and Repair transaction
2014-03-06 22:50:14, Info CSI 000002c2 [SR] Verify complete
2014-03-06 22:50:14, Info CSI 000002c3 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:50:14, Info CSI 000002c4 [SR] Beginning Verify and Repair transaction
2014-03-06 22:50:16, Info CSI 000002c7 [SR] Verify complete
2014-03-06 22:50:16, Info CSI 000002c8 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:50:16, Info CSI 000002c9 [SR] Beginning Verify and Repair transaction
2014-03-06 22:50:19, Info CSI 000002d2 [SR] Verify complete
2014-03-06 22:50:19, Info CSI 000002d3 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:50:19, Info CSI 000002d4 [SR] Beginning Verify and Repair transaction
2014-03-06 22:50:24, Info CSI 000002e7 [SR] Verify complete
2014-03-06 22:50:24, Info CSI 000002e8 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:50:24, Info CSI 000002e9 [SR] Beginning Verify and Repair transaction
2014-03-06 22:50:26, Info CSI 00000318 [SR] Verify complete
2014-03-06 22:50:26, Info CSI 00000319 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:50:26, Info CSI 0000031a [SR] Beginning Verify and Repair transaction
2014-03-06 22:50:29, Info CSI 0000031b [SR] Verify complete
2014-03-06 22:50:29, Info CSI 0000031c [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:50:29, Info CSI 0000031d [SR] Beginning Verify and Repair transaction
2014-03-06 22:50:31, Info CSI 0000032a [SR] Verify complete
2014-03-06 22:50:31, Info CSI 0000032b [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:50:31, Info CSI 0000032c [SR] Beginning Verify and Repair transaction
2014-03-06 22:50:33, Info CSI 0000033c [SR] Verify complete
2014-03-06 22:50:33, Info CSI 0000033d [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:50:33, Info CSI 0000033e [SR] Beginning Verify and Repair transaction
2014-03-06 22:50:36, Info CSI 00000344 [SR] Verify complete
2014-03-06 22:50:36, Info CSI 00000345 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:50:36, Info CSI 00000346 [SR] Beginning Verify and Repair transaction
2014-03-06 22:50:39, Info CSI 00000355 [SR] Verify complete
2014-03-06 22:50:39, Info CSI 00000356 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:50:39, Info CSI 00000357 [SR] Beginning Verify and Repair transaction
2014-03-06 22:50:41, Info CSI 00000360 [SR] Verify complete
2014-03-06 22:50:41, Info CSI 00000361 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:50:41, Info CSI 00000362 [SR] Beginning Verify and Repair transaction
2014-03-06 22:50:44, Info CSI 00000365 [SR] Verify complete
2014-03-06 22:50:44, Info CSI 00000366 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:50:44, Info CSI 00000367 [SR] Beginning Verify and Repair transaction
2014-03-06 22:50:46, Info CSI 00000369 [SR] Verify complete
2014-03-06 22:50:46, Info CSI 0000036a [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:50:46, Info CSI 0000036b [SR] Beginning Verify and Repair transaction
2014-03-06 22:50:50, Info CSI 00000376 [SR] Verify complete
2014-03-06 22:50:50, Info CSI 00000377 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:50:50, Info CSI 00000378 [SR] Beginning Verify and Repair transaction
2014-03-06 22:50:52, Info CSI 00000381 [SR] Verify complete
2014-03-06 22:50:52, Info CSI 00000382 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:50:52, Info CSI 00000383 [SR] Beginning Verify and Repair transaction
2014-03-06 22:50:56, Info CSI 00000385 [SR] Verify complete
2014-03-06 22:50:56, Info CSI 00000386 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:50:56, Info CSI 00000387 [SR] Beginning Verify and Repair transaction
2014-03-06 22:50:58, Info CSI 00000391 [SR] Verify complete
2014-03-06 22:50:58, Info CSI 00000392 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:50:58, Info CSI 00000393 [SR] Beginning Verify and Repair transaction
2014-03-06 22:51:01, Info CSI 0000039a [SR] Verify complete
2014-03-06 22:51:01, Info CSI 0000039b [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:51:01, Info CSI 0000039c [SR] Beginning Verify and Repair transaction
2014-03-06 22:51:04, Info CSI 000003a4 [SR] Verify complete
2014-03-06 22:51:04, Info CSI 000003a5 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:51:04, Info CSI 000003a6 [SR] Beginning Verify and Repair transaction
2014-03-06 22:51:08, Info CSI 000003d8 [SR] Verify complete
2014-03-06 22:51:08, Info CSI 000003d9 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:51:08, Info CSI 000003da [SR] Beginning Verify and Repair transaction
2014-03-06 22:51:11, Info CSI 000003e1 [SR] Verify complete
2014-03-06 22:51:11, Info CSI 000003e2 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:51:11, Info CSI 000003e3 [SR] Beginning Verify and Repair transaction
2014-03-06 22:51:14, Info CSI 000003e8 [SR] Verify complete
2014-03-06 22:51:14, Info CSI 000003e9 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:51:14, Info CSI 000003ea [SR] Beginning Verify and Repair transaction
2014-03-06 22:51:17, Info CSI 000003ee [SR] Verify complete
2014-03-06 22:51:17, Info CSI 000003ef [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:51:17, Info CSI 000003f0 [SR] Beginning Verify and Repair transaction
2014-03-06 22:51:20, Info CSI 000003f1 [SR] Verify complete
2014-03-06 22:51:20, Info CSI 000003f2 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:51:20, Info CSI 000003f3 [SR] Beginning Verify and Repair transaction
2014-03-06 22:51:22, Info CSI 000003f8 [SR] Verify complete
2014-03-06 22:51:22, Info CSI 000003f9 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:51:22, Info CSI 000003fa [SR] Beginning Verify and Repair transaction
2014-03-06 22:51:25, Info CSI 000003fd [SR] Verify complete
2014-03-06 22:51:25, Info CSI 000003fe [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:51:25, Info CSI 000003ff [SR] Beginning Verify and Repair transaction
2014-03-06 22:51:27, Info CSI 00000407 [SR] Repairing corrupted file [ml:520{260},l:112{56}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs"\[l:20{10}]"Search.lnk" from store
2014-03-06 22:51:28, Info CSI 0000040f [SR] Verify complete
2014-03-06 22:51:28, Info CSI 00000410 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:51:28, Info CSI 00000411 [SR] Beginning Verify and Repair transaction
2014-03-06 22:51:31, Info CSI 0000041a [SR] Verify complete
2014-03-06 22:51:31, Info CSI 0000041b [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:51:31, Info CSI 0000041c [SR] Beginning Verify and Repair transaction
2014-03-06 22:51:34, Info CSI 00000429 [SR] Verify complete
2014-03-06 22:51:34, Info CSI 0000042a [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:51:34, Info CSI 0000042b [SR] Beginning Verify and Repair transaction
2014-03-06 22:51:37, Info CSI 00000442 [SR] Verify complete
2014-03-06 22:51:37, Info CSI 00000443 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:51:37, Info CSI 00000444 [SR] Beginning Verify and Repair transaction
2014-03-06 22:51:39, Info CSI 00000445 [SR] Verify complete
2014-03-06 22:51:39, Info CSI 00000446 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:51:39, Info CSI 00000447 [SR] Beginning Verify and Repair transaction
2014-03-06 22:51:43, Info CSI 00000449 [SR] Verify complete
2014-03-06 22:51:43, Info CSI 0000044a [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:51:43, Info CSI 0000044b [SR] Beginning Verify and Repair transaction
2014-03-06 22:51:47, Info CSI 00000454 [SR] Verify complete
2014-03-06 22:51:47, Info CSI 00000455 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:51:47, Info CSI 00000456 [SR] Beginning Verify and Repair transaction
2014-03-06 22:51:50, Info CSI 00000488 [SR] Verify complete
2014-03-06 22:51:50, Info CSI 00000489 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:51:50, Info CSI 0000048a [SR] Beginning Verify and Repair transaction
2014-03-06 22:51:52, Info CSI 0000048d [SR] Verify complete
2014-03-06 22:51:53, Info CSI 0000048e [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:51:53, Info CSI 0000048f [SR] Beginning Verify and Repair transaction
2014-03-06 22:51:53, Info CSI 00000491 [SR] Cannot repair member file [l:24{12}]"mscorlib.dll" of mscorlib, Version = 4.0.9600.16480, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope neutral, PublicKeyToken = {l:8 b:b77a5c561934e089}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2014-03-06 22:51:53, Info CSI 00000493 [SR] Cannot repair member file [l:24{12}]"mscorlib.dll" of mscorlib, Version = 4.0.9600.16480, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope neutral, PublicKeyToken = {l:8 b:b77a5c561934e089}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2014-03-06 22:51:53, Info CSI 00000494 [SR] This component was referenced by [l:160{80}]"Package_41_for_KB2898871~31bf3856ad364e35~amd64~~6.3.1.1.2898871-106_neutral_GDR"
2014-03-06 22:51:53, Info CSI 00000497 [SR] Could not reproject corrupted file [ml:520{260},l:102{51}]"\??\C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319"\[l:24{12}]"mscorlib.dll"; source file in store is also corrupted
2014-03-06 22:51:55, Info CSI 000004a6 [SR] Verify complete
2014-03-06 22:51:55, Info CSI 000004a7 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:51:55, Info CSI 000004a8 [SR] Beginning Verify and Repair transaction
2014-03-06 22:51:57, Info CSI 000004a9 [SR] Verify complete
2014-03-06 22:51:58, Info CSI 000004aa [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:51:58, Info CSI 000004ab [SR] Beginning Verify and Repair transaction
2014-03-06 22:52:00, Info CSI 000004ad [SR] Verify complete
2014-03-06 22:52:01, Info CSI 000004ae [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:52:01, Info CSI 000004af [SR] Beginning Verify and Repair transaction
2014-03-06 22:52:03, Info CSI 000004b0 [SR] Verify complete
2014-03-06 22:52:03, Info CSI 000004b1 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:52:03, Info CSI 000004b2 [SR] Beginning Verify and Repair transaction
2014-03-06 22:52:05, Info CSI 000004b3 [SR] Verify complete
2014-03-06 22:52:05, Info CSI 000004b4 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:52:05, Info CSI 000004b5 [SR] Beginning Verify and Repair transaction
2014-03-06 22:52:08, Info CSI 000004b6 [SR] Verify complete
2014-03-06 22:52:08, Info CSI 000004b7 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:52:08, Info CSI 000004b8 [SR] Beginning Verify and Repair transaction
2014-03-06 22:52:11, Info CSI 000004b9 [SR] Verify complete
2014-03-06 22:52:11, Info CSI 000004ba [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:52:11, Info CSI 000004bb [SR] Beginning Verify and Repair transaction
2014-03-06 22:52:13, Info CSI 000004bc [SR] Verify complete
2014-03-06 22:52:13, Info CSI 000004bd [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:52:13, Info CSI 000004be [SR] Beginning Verify and Repair transaction
2014-03-06 22:52:15, Info CSI 000004bf [SR] Verify complete
2014-03-06 22:52:15, Info CSI 000004c0 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:52:15, Info CSI 000004c1 [SR] Beginning Verify and Repair transaction
2014-03-06 22:52:17, Info CSI 000004c2 [SR] Verify complete
2014-03-06 22:52:17, Info CSI 000004c3 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:52:17, Info CSI 000004c4 [SR] Beginning Verify and Repair transaction
2014-03-06 22:52:20, Info CSI 000004f7 [SR] Verify complete
2014-03-06 22:52:20, Info CSI 000004f8 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:52:20, Info CSI 000004f9 [SR] Beginning Verify and Repair transaction
2014-03-06 22:52:22, Info CSI 000004fa [SR] Verify complete
2014-03-06 22:52:22, Info CSI 000004fb [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:52:22, Info CSI 000004fc [SR] Beginning Verify and Repair transaction
2014-03-06 22:52:25, Info CSI 000004ff [SR] Verify complete
2014-03-06 22:52:25, Info CSI 00000500 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:52:25, Info CSI 00000501 [SR] Beginning Verify and Repair transaction
2014-03-06 22:52:29, Info CSI 00000502 [SR] Verify complete
2014-03-06 22:52:29, Info CSI 00000503 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:52:29, Info CSI 00000504 [SR] Beginning Verify and Repair transaction
2014-03-06 22:52:31, Info CSI 00000505 [SR] Verify complete
2014-03-06 22:52:31, Info CSI 00000506 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:52:31, Info CSI 00000507 [SR] Beginning Verify and Repair transaction
2014-03-06 22:52:33, Info CSI 00000508 [SR] Verify complete
2014-03-06 22:52:33, Info CSI 00000509 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:52:33, Info CSI 0000050a [SR] Beginning Verify and Repair transaction
2014-03-06 22:52:35, Info CSI 0000050b [SR] Verify complete
2014-03-06 22:52:35, Info CSI 0000050c [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:52:35, Info CSI 0000050d [SR] Beginning Verify and Repair transaction
2014-03-06 22:52:38, Info CSI 0000050e [SR] Verify complete
2014-03-06 22:52:38, Info CSI 0000050f [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:52:38, Info CSI 00000510 [SR] Beginning Verify and Repair transaction
2014-03-06 22:52:41, Info CSI 0000051b [SR] Verify complete
2014-03-06 22:52:41, Info CSI 0000051c [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:52:41, Info CSI 0000051d [SR] Beginning Verify and Repair transaction
2014-03-06 22:52:43, Info CSI 0000051e [SR] Verify complete
2014-03-06 22:52:44, Info CSI 0000051f [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:52:44, Info CSI 00000520 [SR] Beginning Verify and Repair transaction
2014-03-06 22:52:46, Info CSI 00000560 [SR] Verify complete
2014-03-06 22:52:46, Info CSI 00000561 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:52:46, Info CSI 00000562 [SR] Beginning Verify and Repair transaction
2014-03-06 22:52:48, Info CSI 00000591 [SR] Verify complete
2014-03-06 22:52:48, Info CSI 00000592 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:52:48, Info CSI 00000593 [SR] Beginning Verify and Repair transaction
2014-03-06 22:52:50, Info CSI 00000596 [SR] Verify complete
2014-03-06 22:52:50, Info CSI 00000597 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:52:50, Info CSI 00000598 [SR] Beginning Verify and Repair transaction
2014-03-06 22:52:53, Info CSI 00000599 [SR] Verify complete
2014-03-06 22:52:53, Info CSI 0000059a [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:52:53, Info CSI 0000059b [SR] Beginning Verify and Repair transaction
2014-03-06 22:52:55, Info CSI 0000059c [SR] Verify complete
2014-03-06 22:52:55, Info CSI 0000059d [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:52:55, Info CSI 0000059e [SR] Beginning Verify and Repair transaction
2014-03-06 22:52:57, Info CSI 0000059f [SR] Verify complete
2014-03-06 22:52:57, Info CSI 000005a0 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:52:57, Info CSI 000005a1 [SR] Beginning Verify and Repair transaction
2014-03-06 22:53:00, Info CSI 000005a2 [SR] Verify complete
2014-03-06 22:53:00, Info CSI 000005a3 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:53:00, Info CSI 000005a4 [SR] Beginning Verify and Repair transaction
2014-03-06 22:53:02, Info CSI 000005b5 [SR] Verify complete
2014-03-06 22:53:02, Info CSI 000005b6 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:53:02, Info CSI 000005b7 [SR] Beginning Verify and Repair transaction
2014-03-06 22:53:05, Info CSI 000005cc [SR] Verify complete
2014-03-06 22:53:05, Info CSI 000005cd [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:53:05, Info CSI 000005ce [SR] Beginning Verify and Repair transaction
2014-03-06 22:53:09, Info CSI 000005dd [SR] Verify complete
2014-03-06 22:53:10, Info CSI 000005de [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:53:10, Info CSI 000005df [SR] Beginning Verify and Repair transaction
2014-03-06 22:53:12, Info CSI 000005e1 [SR] Verify complete
2014-03-06 22:53:12, Info CSI 000005e2 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:53:12, Info CSI 000005e3 [SR] Beginning Verify and Repair transaction
2014-03-06 22:53:14, Info CSI 000005e4 [SR] Verify complete
2014-03-06 22:53:14, Info CSI 000005e5 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:53:14, Info CSI 000005e6 [SR] Beginning Verify and Repair transaction
2014-03-06 22:53:18, Info CSI 000005f3 [SR] Verify complete
2014-03-06 22:53:18, Info CSI 000005f4 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:53:18, Info CSI 000005f5 [SR] Beginning Verify and Repair transaction
2014-03-06 22:53:21, Info CSI 000005f7 [SR] Verify complete
2014-03-06 22:53:21, Info CSI 000005f8 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:53:21, Info CSI 000005f9 [SR] Beginning Verify and Repair transaction
2014-03-06 22:53:25, Info CSI 0000061b [SR] Verify complete
2014-03-06 22:53:25, Info CSI 0000061c [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:53:25, Info CSI 0000061d [SR] Beginning Verify and Repair transaction
2014-03-06 22:53:28, Info CSI 00000624 [SR] Verify complete
2014-03-06 22:53:28, Info CSI 00000625 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:53:28, Info CSI 00000626 [SR] Beginning Verify and Repair transaction
2014-03-06 22:53:31, Info CSI 00000635 [SR] Verify complete
2014-03-06 22:53:31, Info CSI 00000636 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:53:31, Info CSI 00000637 [SR] Beginning Verify and Repair transaction
2014-03-06 22:53:35, Info CSI 00000650 [SR] Verify complete
2014-03-06 22:53:35, Info CSI 00000651 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:53:35, Info CSI 00000652 [SR] Beginning Verify and Repair transaction
2014-03-06 22:53:39, Info CSI 000006b0 [SR] Verify complete
2014-03-06 22:53:39, Info CSI 000006b1 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:53:39, Info CSI 000006b2 [SR] Beginning Verify and Repair transaction
2014-03-06 22:53:42, Info CSI 000006b3 [SR] Verify complete
2014-03-06 22:53:42, Info CSI 000006b4 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:53:42, Info CSI 000006b5 [SR] Beginning Verify and Repair transaction
2014-03-06 22:53:45, Info CSI 000006b6 [SR] Verify complete
2014-03-06 22:53:45, Info CSI 000006b7 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:53:45, Info CSI 000006b8 [SR] Beginning Verify and Repair transaction
2014-03-06 22:53:47, Info CSI 000006bb [SR] Verify complete
2014-03-06 22:53:47, Info CSI 000006bc [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:53:47, Info CSI 000006bd [SR] Beginning Verify and Repair transaction
2014-03-06 22:53:50, Info CSI 000006d8 [SR] Verify complete
2014-03-06 22:53:50, Info CSI 000006d9 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:53:50, Info CSI 000006da [SR] Beginning Verify and Repair transaction
2014-03-06 22:53:54, Info CSI 000006ff [SR] Verify complete
2014-03-06 22:53:54, Info CSI 00000700 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:53:54, Info CSI 00000701 [SR] Beginning Verify and Repair transaction
2014-03-06 22:53:56, Info CSI 00000704 [SR] Verify complete
2014-03-06 22:53:56, Info CSI 00000705 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:53:56, Info CSI 00000706 [SR] Beginning Verify and Repair transaction
2014-03-06 22:53:59, Info CSI 0000070e [SR] Verify complete
2014-03-06 22:53:59, Info CSI 0000070f [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:53:59, Info CSI 00000710 [SR] Beginning Verify and Repair transaction
2014-03-06 22:54:01, Info CSI 00000711 [SR] Verify complete
2014-03-06 22:54:02, Info CSI 00000712 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:54:02, Info CSI 00000713 [SR] Beginning Verify and Repair transaction
2014-03-06 22:54:04, Info CSI 00000720 [SR] Verify complete
2014-03-06 22:54:04, Info CSI 00000721 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:54:04, Info CSI 00000722 [SR] Beginning Verify and Repair transaction
2014-03-06 22:54:08, Info CSI 00000741 [SR] Verify complete
2014-03-06 22:54:08, Info CSI 00000742 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:54:08, Info CSI 00000743 [SR] Beginning Verify and Repair transaction
2014-03-06 22:54:12, Info CSI 00000757 [SR] Verify complete
2014-03-06 22:54:12, Info CSI 00000758 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:54:12, Info CSI 00000759 [SR] Beginning Verify and Repair transaction
2014-03-06 22:54:14, Info CSI 0000075d [SR] Verify complete
2014-03-06 22:54:15, Info CSI 0000075e [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:54:15, Info CSI 0000075f [SR] Beginning Verify and Repair transaction
2014-03-06 22:54:16, Info CSI 00000761 [SR] Verify complete
2014-03-06 22:54:16, Info CSI 00000762 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:54:16, Info CSI 00000763 [SR] Beginning Verify and Repair transaction
2014-03-06 22:54:19, Info CSI 0000076d [SR] Verify complete
2014-03-06 22:54:19, Info CSI 0000076e [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:54:19, Info CSI 0000076f [SR] Beginning Verify and Repair transaction
2014-03-06 22:54:23, Info CSI 00000789 [SR] Verify complete
2014-03-06 22:54:23, Info CSI 0000078a [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:54:23, Info CSI 0000078b [SR] Beginning Verify and Repair transaction
2014-03-06 22:54:25, Info CSI 0000078c [SR] Verify complete
2014-03-06 22:54:25, Info CSI 0000078d [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:54:25, Info CSI 0000078e [SR] Beginning Verify and Repair transaction
2014-03-06 22:54:28, Info CSI 00000795 [SR] Verify complete
2014-03-06 22:54:28, Info CSI 00000796 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:54:28, Info CSI 00000797 [SR] Beginning Verify and Repair transaction
2014-03-06 22:54:32, Info CSI 000007b4 [SR] Verify complete
2014-03-06 22:54:32, Info CSI 000007b5 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:54:32, Info CSI 000007b6 [SR] Beginning Verify and Repair transaction
2014-03-06 22:54:37, Info CSI 000007d0 [SR] Verify complete
2014-03-06 22:54:37, Info CSI 000007d1 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:54:37, Info CSI 000007d2 [SR] Beginning Verify and Repair transaction
2014-03-06 22:54:40, Info CSI 000007f3 [SR] Verify complete
2014-03-06 22:54:40, Info CSI 000007f4 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:54:40, Info CSI 000007f5 [SR] Beginning Verify and Repair transaction
2014-03-06 22:54:42, Info CSI 000007f7 [SR] Verify complete
2014-03-06 22:54:42, Info CSI 000007f8 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:54:42, Info CSI 000007f9 [SR] Beginning Verify and Repair transaction
2014-03-06 22:54:45, Info CSI 0000080c [SR] Verify complete
2014-03-06 22:54:45, Info CSI 0000080d [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:54:45, Info CSI 0000080e [SR] Beginning Verify and Repair transaction
2014-03-06 22:54:47, Info CSI 00000811 [SR] Verify complete
2014-03-06 22:54:47, Info CSI 00000812 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:54:47, Info CSI 00000813 [SR] Beginning Verify and Repair transaction
2014-03-06 22:54:49, Info CSI 00000817 [SR] Verify complete
2014-03-06 22:54:49, Info CSI 00000818 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:54:49, Info CSI 00000819 [SR] Beginning Verify and Repair transaction
2014-03-06 22:54:52, Info CSI 0000081d [SR] Verify complete
2014-03-06 22:54:52, Info CSI 0000081e [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:54:52, Info CSI 0000081f [SR] Beginning Verify and Repair transaction
2014-03-06 22:54:54, Info CSI 00000825 [SR] Verify complete
2014-03-06 22:54:54, Info CSI 00000826 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:54:54, Info CSI 00000827 [SR] Beginning Verify and Repair transaction
2014-03-06 22:54:56, Info CSI 0000082a [SR] Verify complete
2014-03-06 22:54:56, Info CSI 0000082b [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:54:56, Info CSI 0000082c [SR] Beginning Verify and Repair transaction
2014-03-06 22:54:58, Info CSI 0000082e [SR] Verify complete
2014-03-06 22:54:58, Info CSI 0000082f [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:54:58, Info CSI 00000830 [SR] Beginning Verify and Repair transaction
2014-03-06 22:55:01, Info CSI 00000835 [SR] Verify complete
2014-03-06 22:55:01, Info CSI 00000836 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:55:01, Info CSI 00000837 [SR] Beginning Verify and Repair transaction
2014-03-06 22:55:03, Info CSI 0000083a [SR] Verify complete
2014-03-06 22:55:03, Info CSI 0000083b [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:55:03, Info CSI 0000083c [SR] Beginning Verify and Repair transaction
2014-03-06 22:55:06, Info CSI 00000849 [SR] Verify complete
2014-03-06 22:55:06, Info CSI 0000084a [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:55:06, Info CSI 0000084b [SR] Beginning Verify and Repair transaction
2014-03-06 22:55:08, Info CSI 0000084d [SR] Verify complete
2014-03-06 22:55:08, Info CSI 0000084e [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:55:08, Info CSI 0000084f [SR] Beginning Verify and Repair transaction
2014-03-06 22:55:12, Info CSI 00000851 [SR] Verify complete
2014-03-06 22:55:12, Info CSI 00000852 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:55:12, Info CSI 00000853 [SR] Beginning Verify and Repair transaction
2014-03-06 22:55:14, Info CSI 00000854 [SR] Verify complete
2014-03-06 22:55:14, Info CSI 00000855 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:55:14, Info CSI 00000856 [SR] Beginning Verify and Repair transaction
2014-03-06 22:55:17, Info CSI 00000857 [SR] Verify complete
2014-03-06 22:55:17, Info CSI 00000858 [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:55:17, Info CSI 00000859 [SR] Beginning Verify and Repair transaction
2014-03-06 22:55:19, Info CSI 0000085a [SR] Verify complete
2014-03-06 22:55:19, Info CSI 0000085b [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:55:19, Info CSI 0000085c [SR] Beginning Verify and Repair transaction
2014-03-06 22:55:21, Info CSI 0000085d [SR] Verify complete
2014-03-06 22:55:21, Info CSI 0000085e [SR] Verifying 100 (0x0000000000000064) components
2014-03-06 22:55:21, Info CSI 0000085f [SR] Beginning Verify and Repair transaction
2014-03-06 22:55:24, Info CSI 00000860 [SR] Verify complete
2014-03-06 22:55:24, Info CSI 00000861 [SR] Verifying 80 (0x0000000000000050) components
2014-03-06 22:55:24, Info CSI 00000862 [SR] Beginning Verify and Repair transaction
2014-03-06 22:55:26, Info CSI 00000865 [SR] Verify complete
2014-03-06 22:55:26, Info CSI 00000866 [SR] Repairing 2 components
2014-03-06 22:55:26, Info CSI 00000867 [SR] Beginning Verify and Repair transaction
2014-03-06 22:55:26, Info CSI 00000869 [SR] Cannot repair member file [l:24{12}]"mscorlib.dll" of mscorlib, Version = 4.0.9600.16480, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope neutral, PublicKeyToken = {l:8 b:b77a5c561934e089}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2014-03-06 22:55:26, Info CSI 0000086a [SR] Repairing corrupted file [ml:520{260},l:112{56}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs"\[l:20{10}]"Search.lnk" from store
2014-03-06 22:55:26, Info CSI 00000871 [SR] Cannot repair member file [l:24{12}]"mscorlib.dll" of mscorlib, Version = 4.0.9600.16480, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope neutral, PublicKeyToken = {l:8 b:b77a5c561934e089}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2014-03-06 22:55:26, Info CSI 00000872 [SR] This component was referenced by [l:160{80}]"Package_41_for_KB2898871~31bf3856ad364e35~amd64~~6.3.1.1.2898871-106_neutral_GDR"
2014-03-06 22:55:26, Info CSI 00000875 [SR] Could not reproject corrupted file [ml:520{260},l:102{51}]"\??\C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319"\[l:24{12}]"mscorlib.dll"; source file in store is also corrupted
2014-03-06 22:55:26, Info CSI 00000876 [SR] Repair complete
2014-03-06 22:55:26, Info CSI 00000877 [SR] Committing transaction
2014-03-06 22:55:27, Info CSI 0000087c [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired
|
|
07.03.2014, 19:13
| #10 |
| /// the machine /// TB-Ausbilder | Program.exe - Ungültiges Bild (mehrere Programme) Downloade dir bitte Windows Repair (All In One) von hier.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
08.03.2014, 20:54
| #11 |
| | Program.exe - Ungültiges Bild (mehrere Programme) Hatte noch keine Zeit für diesen letzten Check, habe heute aber 20 mal diese Fehlermeldung bekommen:  Habe solange auf Ok, geklickt bis es nicht mehr gekommen ist |
|
09.03.2014, 18:37
| #12 |
| /// the machine /// TB-Ausbilder | Program.exe - Ungültiges Bild (mehrere Programme) Mach obiges, dann: FRST öffnen, setz nen Haken bei Additional und scanne, poste bitte beide Logfiles.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Program.exe - Ungültiges Bild (mehrere Programme) |
| 100%, c/windows/explorer.exe, defekt, file, gelöscht, loswerden, problem, pup.optional.installcore.a, scan, suche, systemadministrator, ungültiges, win32/kryptik.bwam, win32/packed.vmprotect.aah, windows start |
Linear-Darstellung
