Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Avast meldet Dropper.gen, Eset DownloadSponsor.A in RecycleBin

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 26.06.2014, 12:05   #1
aethelstan
 
Avast meldet Dropper.gen, Eset DownloadSponsor.A in RecycleBin - Standard

Avast meldet Dropper.gen, Eset DownloadSponsor.A in RecycleBin



Hallo,

nachdem mein Rechner heute beim Hochfahren und auch später noch etwas rumgemuckt hat (zwar selten, aber kommt schon mal vor), habe ich sicherheitshalber mal einen Komplettscan mit Avast und Malwarebytes gemacht.

MBAM findet nichts:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 26.06.2014
Suchlauf-Zeit: 10:08:19
Logdatei: mbam2606.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.06.26.02
Rootkit Datenbank: v2014.06.23.02
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Thomas

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 304913
Verstrichene Zeit: 24 Min, 45 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
         
Avast hat mir allerdings eine Infektion im RecycleBin ausgespuckt:
Code:
ATTFilter
*
* avast! Protokolldatei
* Diese Protokolldatei wurde automatisch erstellt
*
* Prüfungsname: Vollständige Überprüfung
* Start: Donnerstag, 26. Juni 2014 11:31:27
* VPS: 140625-1, 26.06.2014
*

C:\Users\Thomas\SkyDrive:ms-properties [E] Datei ist offline - sie ist aktuell nicht verfügbar. (42006)
C:\Users\Thomas\SkyDrive\Bilder:ms-properties [E] Datei ist offline - sie ist aktuell nicht verfügbar. (42006)
C:\Users\Thomas\SkyDrive\Öffentlich:ms-properties [E] Datei ist offline - sie ist aktuell nicht verfügbar. (42006)
C:\Users\Thomas\SkyDrive\Dokumente:ms-properties [E] Datei ist offline - sie ist aktuell nicht verfügbar. (42006)
C:\$Recycle.Bin\S-1-5-21-1527760966-2949252006-2613962477-1001\$RV74OQC.exe|>[Embedded_R#6c550] [L] Win32:Dropper-gen [Drp] (0)
Infizierte Dateien: 1
Dateien gesamt: 372609
Ordner gesamt: 34546
Gesamtgröße: 124,2 GB

*
* Prüfung beendet: Donnerstag, 26. Juni 2014 12:15:44
* Laufzeit war 44 Minute(n), 44 Sekunde(n)
*
         
Daraufhin ESet-Scan gemacht, das findet dieselbe Datei, erkennt da allerdings, wenn ich das richtig verstehe, "nur" Adware, nämlich DownloadSponsor.A. (Habe den Scan aus Zeitgründen erst mal abgebrochen, weil ich weg muss. Komplettes Ergebnis / Log reiche ich ggf. nach, falls sich noch was findet.)

Die befallene Datei lässt sich leider gerade auch nicht in die Quarantäne verschieben, Avast meldet dann, der Server sei nicht erreichbar.

Ich scanne so einmal die Woche mit Avast und MBAM, bisher immer ohne Fund. Der Guard von Avast hat einmal "Classic Explorer Bar" als schlecht bewertet beanstandet, aber da das zu Classic Shell gehört und das schon seit langem auf meinem Rechner ist, hatte ich das ignoriert.

Die weiteren Scans:

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2014
Ran by Thomas (administrator) on ELMOS_PC on 26-06-2014 12:07:12
Running from C:\Users\Thomas\Desktop
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NTI Corporation) C:\Program Files (x86)\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe
(Almico Software (www.almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NTI Corporation) C:\Program Files (x86)\NTI\NTI Backup Now EZ\BackupNowEZtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5299320 2012-10-25] (VIA)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NokiaMServer] => C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-05] (AVAST Software)
HKLM-x32\...\Run: [NSU_agent] => C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe [190768 2012-02-28] ()
HKLM-x32\...\Run: [BackupNowEZtray] => C:\Program Files (x86)\NTI\NTI Backup Now EZ\BackupNowEZtray.exe [581624 2013-02-05] (NTI Corporation)
HKU\S-1-5-21-1527760966-2949252006-2613962477-1001\...\Run: [Spotify Web Helper] => C:\Users\Thomas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-16] (Spotify Ltd)
HKU\S-1-5-21-1527760966-2949252006-2613962477-1001\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-1527760966-2949252006-2613962477-1001\...\MountPoints2: {1a6fcc9c-37e3-11e3-8250-806e6f6e6963} - "K:\setup.exe" 
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC386C2E4A488CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\mbvrg5ki.default
FF Homepage: www.spiegel.de
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Bitdefender QuickScan - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\mbvrg5ki.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2013-11-07]
FF Extension: NoScript - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\mbvrg5ki.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-06-18]
FF Extension: Adblock Plus - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\mbvrg5ki.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-18]
FF HKLM-x32\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension [2013-08-18]

Chrome: 
=======
CHR Extension: (AdBlock) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-15]
CHR Extension: (avast! Online Security) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-10-18]
CHR Extension: (Google Wallet) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-23]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-23] (AVAST Software)
R2 NTI BackupNowEZSvr; C:\Program Files (x86)\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe [46072 2013-02-05] (NTI Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-10-22] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
S2 DAUpdaterSvc; E:\Origin\Dragon Age\\bin_ship\daupdatersvc.service.exe [X]

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2013-06-26] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2013-06-26] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-04-23] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-23] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-23] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-23] ()
S3 MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10x64.sys [60288 2010-09-15] (Generic USB smartcard reader)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R1 UimBus; C:\Windows\System32\drivers\uimx64.sys [90960 2013-03-15] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633680 2013-03-15] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [390352 2013-03-15] (Paragon)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-26 12:07 - 2014-06-26 12:07 - 00012771 _____ () C:\Users\Thomas\Desktop\FRST.txt
2014-06-26 12:07 - 2014-06-26 12:07 - 00000000 ____D () C:\FRST
2014-06-26 12:03 - 2014-06-26 12:03 - 00001148 _____ () C:\Users\Thomas\Desktop\mbam2606.txt
2014-06-26 12:00 - 2014-06-26 12:00 - 02082816 _____ (Farbar) C:\Users\Thomas\Desktop\FRST64.exe
2014-06-26 12:00 - 2014-06-26 12:00 - 00380416 _____ () C:\Users\Thomas\Desktop\3xsw6f1i.exe
2014-06-26 11:37 - 2014-06-26 11:58 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-06-26 11:36 - 2014-06-26 11:58 - 00000000 ____D () C:\Users\Thomas\Desktop\mbar
2014-06-26 11:36 - 2014-06-26 11:36 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Thomas\Downloads\mbar-1.07.0.1012.exe
2014-06-26 10:46 - 2014-06-26 10:46 - 02347384 _____ (ESET) C:\Users\Thomas\Downloads\esetsmartinstaller_deu.exe
2014-06-25 23:56 - 2014-06-25 23:56 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Daedalic Entertainment
2014-06-25 00:50 - 2014-06-25 00:50 - 00000769 _____ () C:\Users\Public\Desktop\The Dark Eye - Chains of Satinav.lnk
2014-06-25 00:50 - 2014-06-25 00:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Dark Eye - Chains of Satinav [GOG.com]
2014-06-25 00:32 - 2014-06-25 00:34 - 211601369 _____ () C:\Users\Thomas\Downloads\setup_the_dark_eye_chains_of_satinav_2.0.0.4-4.bin
2014-06-24 23:27 - 2014-06-24 23:27 - 00789168 _____ (GOG.com ) C:\Users\Thomas\Downloads\setup_the_dark_eye_chains_of_satinav_2.0.0.4(1).exe
2014-06-24 23:26 - 2014-06-24 23:26 - 00789168 _____ (GOG.com ) C:\Users\Thomas\Downloads\setup_the_dark_eye_chains_of_satinav_2.0.0.4.exe
2014-06-23 20:52 - 2014-06-23 20:52 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\3909
2014-06-22 12:48 - 2014-06-22 12:48 - 03956896 _____ (Miranda IM Project) C:\Users\Thomas\Downloads\miranda-im-v0.10.23-unicode.exe
2014-06-18 12:08 - 2014-06-18 12:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-16 23:25 - 2014-06-16 23:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kehrmaschinen-Simulator 2011
2014-06-16 13:07 - 2014-06-16 13:07 - 00000000 ____D () C:\Users\Thomas\Documents\Street Cleaning
2014-06-16 13:07 - 2014-06-16 13:07 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Street Cleaning
2014-06-15 22:05 - 2014-06-15 22:12 - 00000000 ____D () C:\Users\Thomas\Documents\FUSSBALL MANAGER 13
2014-06-15 21:59 - 2014-06-15 21:59 - 00000806 _____ () C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\ Origins.lnk
2014-06-15 20:06 - 2014-06-15 20:06 - 00000789 _____ () C:\Users\Public\Desktop\Dragon Age Origins.lnk
2014-06-15 20:06 - 2014-06-15 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon Age Origins
2014-06-15 05:10 - 2014-06-15 05:10 - 26170048 _____ (BioWare) C:\Users\Thomas\Downloads\DAUServiceDiagnostic_beta.exe
2014-06-15 05:10 - 2014-06-15 05:10 - 00007356 _____ () C:\Users\Thomas\Documents\Dragon Age Origins Addins Repair.log
2014-06-15 05:10 - 2014-06-15 05:10 - 00002660 _____ () C:\Users\Thomas\Documents\Dragon Age Origins Service Diagnostic.log
2014-06-15 02:34 - 2014-06-15 02:33 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-06-15 02:33 - 2014-06-15 02:33 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-06-15 02:33 - 2014-06-15 02:33 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-06-15 02:33 - 2014-06-15 02:33 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-06-15 02:33 - 2014-06-15 02:33 - 00000000 ____D () C:\Program Files\Java
2014-06-15 02:27 - 2014-06-15 02:28 - 30984104 _____ (Oracle Corporation) C:\Users\Thomas\Downloads\jre-7u60-windows-x64.exe
2014-06-15 00:46 - 2014-06-15 00:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FUSSBALL MANAGER 13
2014-06-14 02:18 - 2014-05-07 15:02 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-06-14 02:18 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-06-14 02:18 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-06-14 02:18 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-06-14 02:17 - 2014-06-14 02:18 - 00004100 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-14 02:16 - 2014-06-14 02:16 - 00918952 _____ (Oracle Corporation) C:\Users\Thomas\Downloads\jxpiinstall.exe
2014-06-13 12:26 - 2014-06-13 12:26 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Adobe
2014-06-11 15:22 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-11 15:22 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-11 15:22 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-11 15:22 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-11 15:22 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-11 15:22 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-11 15:22 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-11 15:22 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-11 15:22 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-11 15:22 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-11 15:22 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-11 15:22 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-11 15:22 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-11 15:22 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-11 15:22 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-11 15:22 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-11 15:22 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-11 15:22 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-11 15:22 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-11 15:22 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-11 15:22 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-11 15:22 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-11 15:22 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-11 15:22 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-11 15:22 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-11 15:22 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-11 15:22 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-11 15:22 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-11 15:22 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-11 15:22 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-11 15:22 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-11 15:22 - 2014-05-09 01:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-11 15:22 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-11 15:22 - 2014-05-03 09:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-06-11 15:22 - 2014-05-03 06:21 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 15:22 - 2014-05-03 06:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 15:22 - 2014-05-03 05:41 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-11 15:22 - 2014-05-03 05:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-06-11 15:22 - 2014-04-30 13:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-11 15:22 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-11 15:22 - 2014-04-03 09:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-11 15:22 - 2014-04-03 09:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-11 15:21 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-06-11 15:21 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-06-11 15:21 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-06-11 15:21 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-06-11 15:21 - 2014-04-18 11:32 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-06-11 15:21 - 2014-04-18 10:58 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-06-11 15:21 - 2014-04-18 10:32 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-06-11 15:21 - 2014-04-18 10:21 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-06-11 15:21 - 2014-04-18 10:09 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-06-11 15:21 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-06-11 15:21 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-06-11 15:21 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-06-11 15:21 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-06-11 15:21 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-06-11 15:21 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-06-11 15:21 - 2014-04-11 05:30 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-06-11 15:21 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-06-11 15:21 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-06-11 15:21 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-06-11 15:21 - 2014-04-09 06:35 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-06-11 15:21 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-06-11 15:21 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-06-11 15:21 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-06-11 15:21 - 2014-04-06 18:34 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-06-11 15:21 - 2014-04-06 18:32 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-06-11 15:21 - 2014-04-06 18:31 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-06-11 15:21 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-06-11 15:21 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-06-11 15:21 - 2014-04-06 18:20 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-06-11 15:21 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-06-11 15:21 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-06-11 15:21 - 2014-04-06 18:20 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-06-11 15:21 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-06-11 15:21 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-06-11 15:21 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-06-11 15:21 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-06-11 15:21 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-06-11 15:21 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-06-11 15:21 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-06-11 15:21 - 2014-04-06 18:20 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-06-11 15:21 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-06-11 15:21 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-06-11 15:21 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-06-11 15:21 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-06-11 15:21 - 2014-04-06 17:16 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-06-11 15:21 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-06-11 15:21 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-06-11 15:21 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-06-11 15:21 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-06-11 15:21 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-06-11 15:21 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-06-11 15:21 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-06-11 15:21 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-06-11 15:21 - 2014-04-06 16:10 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-06-11 15:21 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-06-11 15:21 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-06-11 15:21 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-06-11 15:21 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-06-11 15:21 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-06-11 15:21 - 2014-04-06 13:55 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-11 15:21 - 2014-04-06 13:54 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-06-11 15:21 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-06-11 15:21 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-06-11 15:21 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-06-11 15:21 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-06-11 15:21 - 2014-04-06 12:51 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-06-11 15:21 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-06-11 15:21 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-06-11 15:21 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-06-11 15:21 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-06-11 15:21 - 2014-04-03 10:12 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-06-11 15:21 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-06-11 15:21 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-06-11 15:21 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-06-11 15:21 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-06-11 15:21 - 2014-04-03 05:53 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-06-11 15:21 - 2014-04-03 04:53 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-06-11 15:21 - 2014-04-03 04:53 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-06-11 15:21 - 2014-04-03 04:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-06-11 15:21 - 2014-04-03 04:23 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-06-11 15:21 - 2014-04-03 04:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-06-11 15:21 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-06-11 15:21 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-06-11 15:21 - 2014-04-01 08:23 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-06-11 15:21 - 2014-03-31 07:42 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-06-11 15:21 - 2014-03-31 02:41 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-06-11 15:21 - 2014-03-31 02:01 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-06-11 15:21 - 2014-03-31 01:43 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-06-11 15:21 - 2014-03-31 00:54 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-06-11 15:21 - 2014-03-31 00:49 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-06-11 15:21 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-06-11 15:21 - 2014-03-31 00:11 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-06-11 15:21 - 2014-03-30 23:47 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-06-11 15:21 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-06-11 15:21 - 2014-03-27 08:16 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-06-11 15:21 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-06-11 15:21 - 2014-03-27 06:59 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-06-11 15:21 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-06-11 15:21 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-06-11 15:21 - 2014-03-27 05:46 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-06-11 15:21 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-06-11 15:21 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-06-11 15:21 - 2014-03-25 00:58 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-06-11 15:21 - 2014-03-21 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscfgwmi.dll
2014-06-11 15:21 - 2014-03-20 05:48 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-06-11 15:21 - 2014-03-20 02:51 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2014-06-11 15:21 - 2014-03-20 02:44 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-06-11 15:21 - 2014-03-20 01:38 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2014-06-11 15:21 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-06-11 15:21 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-06-11 15:21 - 2014-03-19 10:07 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-06-11 15:21 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-06-11 15:21 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-06-11 15:21 - 2014-03-19 08:36 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-06-11 15:21 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-06-11 15:21 - 2014-03-19 07:45 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-06-11 15:21 - 2014-03-19 07:19 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-06-11 15:21 - 2014-03-19 07:07 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-06-11 15:21 - 2014-03-19 07:02 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-06-11 15:21 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-06-11 15:21 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-06-11 15:21 - 2014-03-19 06:31 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-06-11 15:21 - 2014-03-19 06:18 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-06-11 15:21 - 2014-03-18 10:19 - 00077312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-06-11 15:21 - 2014-03-18 10:18 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xusb22.sys
2014-06-11 15:21 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-06-11 15:21 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-06-11 15:21 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-11 15:21 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-06-11 15:21 - 2014-03-17 05:01 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-06-11 15:21 - 2014-03-17 04:47 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-06-11 15:21 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-06-11 15:21 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-06-11 15:21 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-06-11 15:21 - 2014-03-06 14:42 - 00310616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-06-11 15:20 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-11 15:20 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-11 15:20 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-06-11 15:20 - 2014-05-01 15:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-11 15:20 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-11 15:20 - 2014-05-01 09:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-11 15:20 - 2014-05-01 09:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-11 15:20 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-11 15:20 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-11 15:20 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-11 15:20 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-11 15:20 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-06-11 15:18 - 2014-06-11 15:18 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-11 15:17 - 2014-06-11 15:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-11 15:17 - 2014-06-11 15:17 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-11 15:17 - 2014-06-11 15:17 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-11 15:17 - 2014-06-11 15:17 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-11 15:17 - 2014-06-11 15:17 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-11 15:17 - 2014-06-11 15:17 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-11 15:17 - 2014-06-11 15:17 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-11 15:17 - 2014-06-11 15:17 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-11 15:17 - 2014-06-11 15:17 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-11 15:17 - 2014-06-11 15:17 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-11 15:17 - 2014-06-11 15:17 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-11 15:17 - 2014-06-11 15:17 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-11 11:43 - 2014-06-11 22:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-05-31 16:35 - 2014-05-31 16:35 - 05096296 _____ (Igor Pavlov) C:\Users\Thomas\Downloads\USBDrivers_231.exe
2014-05-29 16:54 - 2014-05-29 16:54 - 00000000 ____D () C:\Users\Thomas\Documents\Battlefield 3
2014-05-29 16:53 - 2014-05-29 16:53 - 02247960 _____ () C:\Users\Thomas\Downloads\battlelog-web-plugins_2.4.0_141.exe
2014-05-29 16:53 - 2014-05-29 16:53 - 00000000 ____D () C:\Users\Thomas\AppData\Local\ESN
2014-05-29 16:53 - 2014-05-29 16:53 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-05-29 16:51 - 2014-05-29 16:51 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-29 00:29 - 2014-05-29 09:52 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\Origin
2014-05-29 00:29 - 2014-05-29 01:30 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Origin
2014-05-29 00:29 - 2014-05-29 00:29 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-05-29 00:27 - 2014-06-26 00:39 - 00000000 ____D () C:\ProgramData\Origin
2014-05-29 00:27 - 2014-06-25 22:59 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-29 00:27 - 2014-05-29 00:27 - 17009768 _____ (Electronic Arts, Inc.) C:\Users\Thomas\Downloads\OriginThinSetup.exe
2014-05-29 00:27 - 2014-05-29 00:27 - 00000995 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-05-29 00:27 - 2014-05-29 00:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin

==================== One Month Modified Files and Folders =======

2014-06-26 12:07 - 2014-06-26 12:07 - 00012771 _____ () C:\Users\Thomas\Desktop\FRST.txt
2014-06-26 12:07 - 2014-06-26 12:07 - 00000000 ____D () C:\FRST
2014-06-26 12:06 - 2013-09-25 10:45 - 00003934 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5BC5BD7C-E531-4B3F-92CE-F8B8374F6F5E}
2014-06-26 12:03 - 2014-06-26 12:03 - 00001148 _____ () C:\Users\Thomas\Desktop\mbam2606.txt
2014-06-26 12:02 - 2014-04-10 10:14 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-06-26 12:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-06-26 12:00 - 2014-06-26 12:00 - 02082816 _____ (Farbar) C:\Users\Thomas\Desktop\FRST64.exe
2014-06-26 12:00 - 2014-06-26 12:00 - 00380416 _____ () C:\Users\Thomas\Desktop\3xsw6f1i.exe
2014-06-26 11:59 - 2013-10-18 13:08 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\ClassicShell
2014-06-26 11:58 - 2014-06-26 11:37 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-06-26 11:58 - 2014-06-26 11:36 - 00000000 ____D () C:\Users\Thomas\Desktop\mbar
2014-06-26 11:44 - 2013-06-18 11:28 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-06-26 11:36 - 2014-06-26 11:36 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Thomas\Downloads\mbar-1.07.0.1012.exe
2014-06-26 11:36 - 2014-04-10 10:14 - 00092888 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-06-26 11:18 - 2013-09-30 06:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-26 11:18 - 2013-09-30 05:56 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2014-06-26 11:18 - 2013-09-30 05:56 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2014-06-26 11:17 - 2013-06-18 11:16 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1527760966-2949252006-2613962477-1001
2014-06-26 11:14 - 2013-08-10 15:41 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-26 11:14 - 2013-06-18 11:33 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-26 11:12 - 2013-10-18 13:05 - 00000000 __RDO () C:\Users\Thomas\SkyDrive
2014-06-26 11:12 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-06-26 11:12 - 2013-06-26 22:19 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-06-26 11:12 - 2013-06-18 11:33 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-26 10:46 - 2014-06-26 10:46 - 02347384 _____ (ESET) C:\Users\Thomas\Downloads\esetsmartinstaller_deu.exe
2014-06-26 10:32 - 2013-10-19 11:44 - 00570368 ___SH () C:\Users\Thomas\Desktop\Thumbs.db
2014-06-26 10:03 - 2013-11-07 18:20 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\QuickScan
2014-06-26 09:48 - 2013-10-18 12:54 - 00000000 ____D () C:\Users\Thomas
2014-06-26 09:42 - 2014-04-14 19:27 - 01479227 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-26 09:40 - 2013-08-04 10:05 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-06-26 00:39 - 2014-05-29 00:27 - 00000000 ____D () C:\ProgramData\Origin
2014-06-26 00:39 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-06-25 23:56 - 2014-06-25 23:56 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Daedalic Entertainment
2014-06-25 22:59 - 2014-05-29 00:27 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-06-25 22:59 - 2014-05-01 12:10 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-06-25 22:48 - 2013-06-18 12:31 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-25 15:22 - 2013-06-18 12:34 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\Spotify
2014-06-25 14:57 - 2013-06-18 12:34 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Spotify
2014-06-25 00:50 - 2014-06-25 00:50 - 00000769 _____ () C:\Users\Public\Desktop\The Dark Eye - Chains of Satinav.lnk
2014-06-25 00:50 - 2014-06-25 00:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Dark Eye - Chains of Satinav [GOG.com]
2014-06-25 00:34 - 2014-06-25 00:32 - 211601369 _____ () C:\Users\Thomas\Downloads\setup_the_dark_eye_chains_of_satinav_2.0.0.4-4.bin
2014-06-24 23:27 - 2014-06-24 23:27 - 00789168 _____ (GOG.com ) C:\Users\Thomas\Downloads\setup_the_dark_eye_chains_of_satinav_2.0.0.4(1).exe
2014-06-24 23:26 - 2014-06-24 23:26 - 00789168 _____ (GOG.com ) C:\Users\Thomas\Downloads\setup_the_dark_eye_chains_of_satinav_2.0.0.4.exe
2014-06-24 00:09 - 2013-06-18 11:33 - 00004100 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-24 00:09 - 2013-06-18 11:33 - 00003864 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-23 20:52 - 2014-06-23 20:52 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\3909
2014-06-23 07:21 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-06-22 13:43 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-06-22 12:48 - 2014-06-22 12:48 - 03956896 _____ (Miranda IM Project) C:\Users\Thomas\Downloads\miranda-im-v0.10.23-unicode.exe
2014-06-21 23:56 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-06-20 15:16 - 2013-06-18 11:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-19 11:48 - 2014-04-17 15:26 - 00012235 _____ () C:\WINDOWS\setupact.log
2014-06-18 12:08 - 2014-06-18 12:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-16 23:25 - 2014-06-16 23:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kehrmaschinen-Simulator 2011
2014-06-16 13:07 - 2014-06-16 13:07 - 00000000 ____D () C:\Users\Thomas\Documents\Street Cleaning
2014-06-16 13:07 - 2014-06-16 13:07 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Street Cleaning
2014-06-15 22:12 - 2014-06-15 22:05 - 00000000 ____D () C:\Users\Thomas\Documents\FUSSBALL MANAGER 13
2014-06-15 21:59 - 2014-06-15 21:59 - 00000806 _____ () C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\ Origins.lnk
2014-06-15 20:06 - 2014-06-15 20:06 - 00000789 _____ () C:\Users\Public\Desktop\Dragon Age Origins.lnk
2014-06-15 20:06 - 2014-06-15 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon Age Origins
2014-06-15 20:06 - 2014-05-03 18:02 - 00241401 _____ () C:\WINDOWS\DirectX.log
2014-06-15 05:12 - 2013-09-25 14:48 - 00000000 ____D () C:\ProgramData\BioWare
2014-06-15 05:10 - 2014-06-15 05:10 - 26170048 _____ (BioWare) C:\Users\Thomas\Downloads\DAUServiceDiagnostic_beta.exe
2014-06-15 05:10 - 2014-06-15 05:10 - 00007356 _____ () C:\Users\Thomas\Documents\Dragon Age Origins Addins Repair.log
2014-06-15 05:10 - 2014-06-15 05:10 - 00002660 _____ () C:\Users\Thomas\Documents\Dragon Age Origins Service Diagnostic.log
2014-06-15 03:06 - 2013-07-29 17:43 - 00000000 ____D () C:\Users\Thomas\Documents\BioWare
2014-06-15 02:33 - 2014-06-15 02:34 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-06-15 02:33 - 2014-06-15 02:33 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-06-15 02:33 - 2014-06-15 02:33 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-06-15 02:33 - 2014-06-15 02:33 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-06-15 02:33 - 2014-06-15 02:33 - 00000000 ____D () C:\Program Files\Java
2014-06-15 02:28 - 2014-06-15 02:27 - 30984104 _____ (Oracle Corporation) C:\Users\Thomas\Downloads\jre-7u60-windows-x64.exe
2014-06-15 00:46 - 2014-06-15 00:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FUSSBALL MANAGER 13
2014-06-14 11:03 - 2014-04-26 08:40 - 00000000 ____D () C:\Users\Thomas\Desktop\HGWG
2014-06-14 02:18 - 2014-06-14 02:17 - 00004100 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-14 02:18 - 2014-01-16 16:22 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-14 02:18 - 2013-10-01 07:24 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-14 02:16 - 2014-06-14 02:16 - 00918952 _____ (Oracle Corporation) C:\Users\Thomas\Downloads\jxpiinstall.exe
2014-06-13 16:36 - 2013-06-18 11:38 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Paint.NET
2014-06-13 12:26 - 2014-06-13 12:26 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Adobe
2014-06-13 00:28 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-06-12 04:42 - 2013-08-22 16:44 - 00393104 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-11 23:58 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-06-11 23:58 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-06-11 23:58 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-06-11 23:58 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-06-11 23:56 - 2013-07-19 02:20 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-11 23:47 - 2013-06-18 11:50 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-11 22:13 - 2014-06-11 11:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-11 15:18 - 2014-06-11 15:18 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-11 15:17 - 2014-06-11 15:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-11 15:17 - 2014-06-11 15:17 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-11 15:17 - 2014-06-11 15:17 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-11 15:17 - 2014-06-11 15:17 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-11 15:17 - 2014-06-11 15:17 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-11 15:17 - 2014-06-11 15:17 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-11 15:17 - 2014-06-11 15:17 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-11 15:17 - 2014-06-11 15:17 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-11 15:17 - 2014-06-11 15:17 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-11 15:17 - 2014-06-11 15:17 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-11 15:17 - 2014-06-11 15:17 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-11 15:17 - 2014-06-11 15:17 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-11 10:40 - 2013-06-18 11:28 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-06-04 21:30 - 2014-04-10 10:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-04 21:30 - 2014-04-10 10:14 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-04 21:30 - 2013-07-21 21:45 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-31 16:35 - 2014-05-31 16:35 - 05096296 _____ (Igor Pavlov) C:\Users\Thomas\Downloads\USBDrivers_231.exe
2014-05-31 07:13 - 2013-08-22 17:38 - 00703992 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-05-31 07:13 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-31 01:00 - 2014-05-04 10:31 - 00005300 _____ () C:\WINDOWS\PFRO.log
2014-05-30 12:21 - 2014-06-11 15:22 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-30 11:45 - 2014-06-11 15:22 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-05-30 11:28 - 2014-06-11 15:22 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-05-30 11:20 - 2014-06-11 15:22 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-11 15:22 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-30 11:08 - 2014-06-11 15:22 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-11 15:22 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-05-30 10:46 - 2014-06-11 15:22 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-11 15:22 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-11 15:22 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-05-30 10:38 - 2014-06-11 15:22 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-11 15:22 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-05-30 10:29 - 2014-06-11 15:22 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-05-30 10:27 - 2014-06-11 15:22 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-05-30 10:23 - 2014-06-11 15:22 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-11 15:22 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-05-30 10:04 - 2014-06-11 15:22 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-11 15:22 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-11 15:22 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-11 15:22 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-05-30 09:54 - 2014-06-11 15:22 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-05-30 09:49 - 2014-06-11 15:22 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-11 15:22 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-11 15:22 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-11 15:22 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-11 15:22 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-11 15:22 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-11 15:22 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-11 15:22 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-05-29 22:06 - 2013-09-25 12:08 - 00056380 _____ () C:\Users\Thomas\Documents\Install Dragon Age.log
2014-05-29 21:45 - 2013-09-25 12:49 - 00016198 _____ () C:\Users\Thomas\Documents\DAO Ultimate Addins Updater.log
2014-05-29 16:54 - 2014-05-29 16:54 - 00000000 ____D () C:\Users\Thomas\Documents\Battlefield 3
2014-05-29 16:53 - 2014-05-29 16:53 - 02247960 _____ () C:\Users\Thomas\Downloads\battlelog-web-plugins_2.4.0_141.exe
2014-05-29 16:53 - 2014-05-29 16:53 - 00000000 ____D () C:\Users\Thomas\AppData\Local\ESN
2014-05-29 16:53 - 2014-05-29 16:53 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-05-29 16:51 - 2014-05-29 16:51 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-29 16:36 - 2013-08-24 12:48 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-05-29 09:52 - 2014-05-29 00:29 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\Origin
2014-05-29 01:30 - 2014-05-29 00:29 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Origin
2014-05-29 00:29 - 2014-05-29 00:29 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-05-29 00:27 - 2014-05-29 00:27 - 17009768 _____ (Electronic Arts, Inc.) C:\Users\Thomas\Downloads\OriginThinSetup.exe
2014-05-29 00:27 - 2014-05-29 00:27 - 00000995 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-05-29 00:27 - 2014-05-29 00:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin

Some content of TEMP:
====================
C:\Users\Thomas\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Thomas\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Thomas\AppData\Local\Temp\sfareca00001.dll
C:\Users\Thomas\AppData\Local\Temp\sfareca00002.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-25 06:57

==================== End Of Log ============================
         
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2014
Ran by Thomas at 2014-06-26 12:08:38
Running from C:\Users\Thomas\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.)
AIDA64 Extreme Edition v3.00 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 3.00 - FinalWire Ltd.)
AIDA64 Extreme v4.00 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 4.00 - FinalWire Ltd.)
AMD Catalyst Install Manager (HKLM\...\{2BFD590F-1D73-3533-E734-FDDAC3746E4A}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Arma: Cold War Assault (HKLM-x32\...\Steam App 65790) (Version:  - Bohemia Interactive)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version:  - )
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
Avencast (HKLM-x32\...\Steam App 46410) (Version:  - ClockStone Studios)
Awesomenauts (HKLM-x32\...\Steam App 204300) (Version:  - Ronimo Games)
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version:  - Rocksteady Studios)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Bejeweled 3 (HKLM-x32\...\Steam App 78000) (Version:  - PopCap Games, Inc.)
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
Blood Bowl: Legendary Edition (HKLM-x32\...\Steam App 58520) (Version:  - Cyanide Studios)
BookWorm Deluxe (HKLM-x32\...\Steam App 3370) (Version:  - PopCap Games, Inc.)
Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version:  - Criterion Games)
Capsized (HKLM-x32\...\Steam App 95300) (Version:  - Alientrap Games Inc)
CCleaner (HKLM\...\CCleaner) (Version: 4.02 - Piriform)
Cities XL Platinum (HKLM-x32\...\Steam App 231140) (Version:  - Focus Home Interactive)
Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft)
Cognition: An Erica Reed Thriller (HKLM-x32\...\Steam App 242780) (Version:  - Phoenix Online Studios)
Command & Conquer Generals (HKLM-x32\...\InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts)
Command & Conquer Generals (x32 Version: 0.50.0000 - Electronic Arts) Hidden
Command and Conquer: Red Alert 3 - Uprising (HKLM-x32\...\Steam App 24800) (Version:  - EA Los Angeles)
Command and ConquerTM Generals Zero Hour (HKLM-x32\...\InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts)
Command and ConquerTM Generals Zero Hour (x32 Version: 1.00.0000 - Electronic Arts) Hidden
Company of Heroes (New Steam Version) (HKLM-x32\...\Steam App 228200) (Version:  - )
Company of Heroes: Opposing Fronts (HKLM-x32\...\Steam App 9340) (Version:  - Relic Entertainment)
Company of Heroes: Tales of Valor (HKLM-x32\...\Steam App 20540) (Version:  - Relic Entertainment)
Confrontation (HKLM-x32\...\Steam App 204560) (Version:  - Cyanide Studios)
Dark Sector (HKLM-x32\...\Steam App 29900) (Version:  - Digital Extremes)
Dead Space (HKLM-x32\...\Steam App 17470) (Version:  - EA Redwood Shores)
Dear Esther (HKLM-x32\...\Steam App 203810) (Version:  - thechineseroom & Robert Briscoe)
Deus Ex: Human Revolution (HKLM-x32\...\Steam App 28050) (Version:  - Eidos Montreal)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Divinity II: Developer's Cut (HKLM-x32\...\Steam App 219780) (Version:  - Larian Studios)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts)
Dream Pinball 3D (HKLM-x32\...\Steam App 215790) (Version:  - ASK Homework)
Dungeonland (HKLM-x32\...\Steam App 218130) (Version:  - Critical Studio)
Earth 2160 (HKLM-x32\...\Steam App 1900) (Version:  - Reality Pump Studios)
EaseUS Data Recovery Wizard 7.5 (HKLM-x32\...\EaseUS Data Recovery Wizard 7.5_is1) (Version:  - EaseUS)
EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.0.13587 - Landesfinanzdirektion Thüringen)
EPSON AL-C1600 (HKLM\...\EPSON AL-C1600) (Version:  - )
Escape Rosecliff Island (HKLM-x32\...\Steam App 3600) (Version:  - SpinTop Games)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Europa Universalis III (HKLM-x32\...\Steam App 25800) (Version:  - Paradox Development Studio)
Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
F.E.A.R. (HKLM-x32\...\Steam App 21090) (Version:  - Monolith )
F.E.A.R. 2: Project Origin (HKLM-x32\...\Steam App 16450) (Version:  - Monolith)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Feeding Frenzy 2: Shipwreck Showdown Deluxe (HKLM-x32\...\Steam App 3390) (Version:  - PopCap Games, Inc.)
FreeDoko 0.7.11 (HKLM-x32\...\FreeDoko) (Version: 0.7.11 - Borg Enders und Diether Knof)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
FUSSBALL MANAGER 13 (HKLM-x32\...\{80AF0300-866F-400F-A350-D53E3C3E34E0}) (Version: 1.0.4.0 - Electronic Arts)
Galactic Civilizations I: Ultimate Edition (HKLM-x32\...\Steam App 214150) (Version:  - Stardock Entertainment)
Game of Thrones  (HKLM-x32\...\Steam App 208730) (Version:  - Cyanide Studios)
Garmin Training Center (HKLM-x32\...\{7D542452-84EB-47C0-97BA-735C523AB555}) (Version: 3.6.5 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Giana Sisters: Twisted Dreams - Rise of the Owlverlord (HKLM-x32\...\Steam App 246960) (Version:  - Black Forest Games)
Giana Sisters: Twisted Dreams (HKLM-x32\...\Steam App 223220) (Version:  - Black Forest Games)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto: San Andreas (HKLM-x32\...\Steam App 12120) (Version:  - Rockstar Games)
GTR Evolution (HKLM-x32\...\Steam App 8660) (Version:  - SimBin)
Guardians of Middle-earth (HKLM-x32\...\Steam App 111900) (Version:  - Zombie Studios)
Gumboy Crazy Features (HKLM-x32\...\Steam App 2525) (Version:  - CINEMAX, s.r.o.)
Gumboy: Crazy Adventures (HKLM-x32\...\Steam App 2520) (Version:  - CINEMAX, s.r.o.)
Hearts of Iron III (HKLM-x32\...\Steam App 25890) (Version:  - Paradox Development Studio)
Ihf Handball Challenge 12 (HKLM-x32\...\Steam App 283490) (Version:  - Neutron Games)
International Snooker (HKLM-x32\...\Steam App 299500) (Version:  - Big Head Games)
IsoBuster 3.3 (HKLM-x32\...\IsoBuster3_is1) (Version: 3.3 - Smart Projects)
Jagged Alliance 2 - Wildfire  (HKLM-x32\...\Steam App 215930) (Version:  - I-deal Games)
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Kehrmaschinen-Simulator 2011 (HKLM-x32\...\Kehrmaschinen-Simulator 2011_is1) (Version:  - astragon)
King Arthur - Fallen Champions (HKLM-x32\...\Steam App 24460) (Version:  - NEOCORE GAMES)
King Arthur: Collection (HKLM-x32\...\Steam App 24470) (Version:  - NeoCoreGames)
L.A. Noire (HKLM-x32\...\Steam App 110800) (Version:  - Team Bondi)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Legend of Grimrock (HKLM-x32\...\Steam App 207170) (Version:  - Almost Human Games)
Leviathan: Warships (HKLM-x32\...\Steam App 202270) (Version:  - Pieces Interactive)
LibreOffice 4.0.4.2 (HKLM-x32\...\{FE88323B-9F0E-4596-8F56-37757C6918E9}) (Version: 4.0.4.2 - The Document Foundation)
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
Making History: The Calm & The Storm (HKLM-x32\...\Steam App 6250) (Version:  - Muzzy Lane)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mass Effect (HKLM-x32\...\Steam App 17460) (Version:  - BioWare)
Medal of Honor(TM) Single Player (HKLM-x32\...\Steam App 47790) (Version:  - Electronic Arts)
Medieval II: Total War (HKLM-x32\...\Steam App 4700) (Version:  - The Creative Assembly)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - 4A Games)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU  (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Miranda IM 0.10.21 (HKLM-x32\...\Miranda IM) (Version: 0.10.21 - Miranda IM Project)
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version:  - DICE)
Mortal Kombat Kollection (HKLM-x32\...\Steam App 205350) (Version:  - Other Ocean Interactive)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Napoleon: Total War (HKLM-x32\...\Steam App 34030) (Version:  - The Creative Assembly)
Natural Selection 2 (HKLM-x32\...\Steam App 4920) (Version:  - Unknown Worlds Entertainment)
Neighbours From Hell Compilation (HKLM-x32\...\{DE790600-2AEB-456D-836A-6654DB2577CD}) (Version: 1.0.0 - JoWooD Studio Vienna)
NHL06 (HKLM-x32\...\{D0DC1674-B5E8-4364-009E-B350048DD006}) (Version:  - )
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version:  - )
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia Map Loader (HKLM-x32\...\{45D4F727-43B5-49CD-B474-B9866A8F4FB8}) (Version: 3.0.22 - Nokia)
Nokia Ovi Suite (HKLM-x32\...\Nokia Ovi Suite) (Version: 2.0.2.42 - Nokia)
Nokia Ovi Suite (x32 Version: 2.0.2.42 - Nokia) Hidden
Nokia Ovi Suite Software Updater (HKLM-x32\...\{EE5B5B24-EEFC-4C8B-BF8B-256D705BAD89}) (Version: 02.05.008.43342 - Nokia Corporation)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
Nokia Software Updater (HKLM-x32\...\{7130468A-F53F-4698-8C09-A339EA3B05E6}) (Version: 3.0.655 - Nokia Corporation)
NTI Backup Now EZ (HKLM-x32\...\InstallShield_{B9ECA41B-55CC-4654-B6B5-6731D009EC69}) (Version: 3.0.2.32 - NTI Corporation)
NTI Backup Now EZ (x32 Version: 3.0.2.32 - NTI Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)
Operation Flashpoint: Dragon Rising (HKLM-x32\...\Steam App 12830) (Version:  - Codemasters Studios)
Operation Flashpoint: Red River (HKLM-x32\...\Steam App 44340) (Version:  - Codemasters Action Studio)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Overlord (HKLM-x32\...\Steam App 11450) (Version:  - Triumph Studios)
Overlord: Raising Hell (HKLM-x32\...\Steam App 12710) (Version:  - Triumph Studios)
Ovi Desktop Sync Engine (x32 Version: 1.2.234.0 - Nokia) Hidden
OviMPlatform (x32 Version: 2.6.40.0 - Nokia) Hidden
Pacific Storm: Allies (HKLM-x32\...\Steam App 11260) (Version:  - Buka)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
PandoraRecovery (Remove Only) (HKLM-x32\...\PandoraRecovery) (Version:  - )
Papers, Please (HKLM-x32\...\Steam App 239030) (Version:  - 3909)
Paragon Backup & Recovery™ 2013 Free (HKLM-x32\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Patrician IV: Steam Special Edition (HKLM-x32\...\Steam App 57620) (Version:  - Gaming Minds Studios)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
Peggle Deluxe (HKLM-x32\...\Steam App 3480) (Version:  - PopCap Games, Inc.)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Poker Night 2 (HKLM-x32\...\Steam App 234710) (Version:  - Telltale Games)
Pool Nation (HKLM-x32\...\Steam App 254440) (Version:  - Cherry Pop Games)
Puran File Recovery 1.2 (HKLM\...\Puran File Recovery_is1) (Version:  - Puran Software)
R.U.S.E (HKLM-x32\...\Steam App 21970) (Version:  - Eugen Systems)
RACE 07 - Formula RaceRoom Add-On (HKLM-x32\...\Steam App 44630) (Version:  - )
RACE 07 (HKLM-x32\...\Steam App 8600) (Version:  - SimBin)
Rage Runner (HKLM-x32\...\Steam App 279520) (Version:  - Hypercane Studios)
RAW - Realms of Ancient War (HKLM-x32\...\Steam App 209730) (Version:  - Wizarbox)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Red Faction: Armageddon (HKLM-x32\...\Steam App 55110) (Version:  - Volition)
Red Orchestra 2: Heroes of Stalingrad - Single Player (HKLM-x32\...\Steam App 236830) (Version:  - )
Restaurant Empire II (HKLM-x32\...\Steam App 32900) (Version:  - Enlight Software Limited )
Rise of the Argonauts (HKLM-x32\...\Steam App 12770) (Version:  - Liquid Entertainment)
Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version:  - Piranha Bytes)
Robin Hood (HKLM-x32\...\Steam App 46560) (Version:  - Spellbound)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Rome: Total War - Alexander (HKLM-x32\...\Steam App 4770) (Version:  - The Creative Assembly)
Rome: Total War (HKLM-x32\...\Steam App 4760) (Version:  - The Creative Assembly)
Sacred 2 Gold (HKLM-x32\...\Steam App 225640) (Version:  - Ascaron)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version:  - Coffee Stain Studios)
Scribblenauts Unlimited (HKLM-x32\...\Steam App 218680) (Version:  - 5th Cell Media)
Sherlock Holmes versus Jack the Ripper (HKLM-x32\...\Steam App 11190) (Version:  - Frogwares)
Sherlock Holmes: Nemesis (HKLM-x32\...\Steam App 11040) (Version:  - Frogwares)
Sherlock Holmes: The Awakened - Remastered (HKLM-x32\...\Steam App 11140) (Version:  - Frogwares)
Sherlock Holmes: The Mystery of The Mummy (HKLM-x32\...\Steam App 11130) (Version:  - Frogwares  )
Sherlock Holmes: The Mystery of The Persian Carpet (HKLM-x32\...\Steam App 11180) (Version:  - Frogwares)
Sherlock Holmes: The Secret of the Silver Earring (HKLM-x32\...\Steam App 11150) (Version:  - Frogwares)
Sid Meier’s Ace Patrol: Pacific Skies (HKLM-x32\...\Steam App 244090) (Version:  - Firaxis)
Sid Meier's Ace Patrol (HKLM-x32\...\Steam App 244070) (Version:  - Firaxis Games)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - Firaxis Games)
Sid Meier's Pirates! (HKLM-x32\...\InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}) (Version: 2.00.0000 - Firaxis Games)
Sid Meier's Pirates! (x32 Version: 2.00.0000 - Firaxis Games) Hidden
Sid Meier's Railroads! (HKLM-x32\...\Steam App 7600) (Version:  - Firaxis Games)
Sins of a Solar Empire (HKLM-x32\...\Sins of a Solar Empire) (Version:  - Stardock Entertainment)
Sins of a Solar Empire (x32 Version: 1.05 - Kalypso) Hidden
Smart Data Recovery v4.3 (HKLM-x32\...\Smart Data Recovery_is1) (Version: 4.3 - Smart PC Solutions)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Space Pirates and Zombies (HKLM-x32\...\Steam App 107200) (Version:  - MinMax Games Ltd.)
SpaceChem (HKLM-x32\...\Steam App 92800) (Version:  - Zachtronics)
Speedball 2: Tournament (HKLM-x32\...\Steam App 10700) (Version:  - Kylotonn Entertainment)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spiral Knights (HKLM-x32\...\Steam App 99900) (Version:  - Three Rings)
SportTracks 2.1 (HKLM-x32\...\{E6FA148F-1E7D-4A42-A9A2-7DFABC2C6A2B}) (Version: 2.1.3478 - Zone Five Software)
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Still Life (HKLM-x32\...\Steam App 46480) (Version:  - Anuman / Microids)
Supreme Commander (HKLM-x32\...\Steam App 9350) (Version:  - Gas Powered Games)
Supreme Commander: Forged Alliance (HKLM-x32\...\Steam App 9420) (Version:  - Gas Powered Games)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Syberia (HKLM-x32\...\Steam App 46500) (Version:  - Anuman / Microids)
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.19045 - TeamViewer)
The Dark Eye -  Chains of Satinav (HKLM-x32\...\GOGPACKDARKEYECHAINSOFSATINAV_is1) (Version: 2.0.0.4 - GOG.com)
The Dark Eye - Chains of Satinav (HKLM-x32\...\Satinav) (Version: 1.0 - Daedalic Entertainment)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Guild II (HKLM-x32\...\Steam App 39650) (Version:  - 4 Head Studios)
The Longest Journey (HKLM-x32\...\Steam App 6310) (Version:  - Funcom)
The Lord of the Rings: War in the North (HKLM-x32\...\Steam App 32800) (Version:  - Snowblind Studios)
The Political Machine 2012 (HKLM-x32\...\Steam App 211120) (Version:  - Stardock Entertainment)
The Showdown Effect (HKLM-x32\...\Steam App 204080) (Version:  - Arrowhead Game Studios)
The Testament of Sherlock Holmes (HKLM-x32\...\Steam App 205650) (Version:  - Frogwares)
Toki Tori (HKLM-x32\...\Steam App 38700) (Version:  - Two Tribes)
Trine (HKLM-x32\...\Steam App 35700) (Version:  - Frozenbyte)
Tropico 3 - Steam Special Edition (HKLM-x32\...\Steam App 23490) (Version:  - Haemimont Games)
Tropico 3: Absolute Power (HKLM-x32\...\Steam App 57600) (Version:  - Haemimont Games)
Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
Uplink (HKLM-x32\...\Steam App 1510) (Version:  - Introversion Software)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
War of the Roses (HKLM-x32\...\Steam App 42160) (Version:  - Fatshark)
Wargame: European Escalation (HKLM-x32\...\Steam App 58610) (Version:  - Eugen Systems)
Warhammer 40,000: Dawn of War - Game of the Year Edition (HKLM-x32\...\Steam App 4570) (Version:  - Relic Entertainment)
Warlock - Master of the Arcane (HKLM-x32\...\Steam App 203630) (Version:  - Ino-Co Plus)
WhoCrashed 4.01 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows-Treiberpaket - Nokia Modem  (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows-Treiberpaket - Nokia Modem  (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))

==================== Restore Points  =========================

22-06-2014 10:16:08 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {086E9480-28C6-488B-B15C-D5053A33C449} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {0A64376F-9FA7-4266-BDC9-DBD4D53BE937} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {182E5EE3-4DB8-4435-AAE6-23E18DFDCD36} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-18] (Google Inc.)
Task: {1EDD119C-FF2C-4702-A944-F5547B960775} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-18] (Google Inc.)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {224CB08B-9F42-428A-A316-44C6552026CC} - System32\Tasks\Speedfan => C:\Program Files (x86)\SpeedFan\speedfan.exe [2013-03-15] (Almico Software (www.almico.com))
Task: {25BE08B0-07B1-4619-9FB2-9A8104F6BD12} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-06-11] (Microsoft Corporation)
Task: {2950E73E-90A5-49AE-AB7D-F0E77FDC0FBD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-23] (AVAST Software)
Task: {2BBA18FA-B1C7-4D5B-B015-2A0614424237} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2FC67C5C-FD78-48EC-AA2F-6C270C23EEF4} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {42645927-5356-4E63-9C6A-0FC800CC5E03} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-11] (Adobe Systems Incorporated)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CA9600E-F7F2-4700-B8C3-BAD4CC78E2C2} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {99AE2898-B5EB-4AE9-A5D6-5229DB4F1CA8} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D8188F21-C6F3-41EB-AB00-A0C0FAEC49C4} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2008-12-11] ()
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {FAFD4D09-8B9F-403D-9254-BFFD7F3C11C9} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-06-26 09:40 - 2014-06-26 09:40 - 02783744 _____ () C:\Program Files\AVAST Software\Avast\defs\14062501\algo.dll
2013-02-05 10:11 - 2013-02-05 10:11 - 00465824 _____ () C:\Program Files (x86)\NTI\NTI Backup Now EZ\sqlite3.dll
2014-06-26 09:49 - 2014-06-26 11:12 - 00158720 _____ () C:\Users\Thomas\AppData\Local\Temp\sfareca00001.dll
2013-10-18 13:05 - 2014-06-26 11:12 - 00192512 _____ () C:\Users\Thomas\AppData\Local\Temp\sfamcc00001.dll
2013-10-18 13:14 - 2013-10-18 13:14 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-06-18 12:08 - 2014-06-18 12:08 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-06-11 11:43 - 2014-06-11 11:43 - 03022960 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-06-11 11:43 - 2014-06-11 11:43 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-06-11 11:43 - 2014-06-11 11:43 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:E8BE05FA
AlternateDataStreams: C:\Users\Thomas\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "NokiaMServer"
HKLM\...\StartupApproved\Run32: => "NSU_agent"
HKCU\...\StartupApproved\StartupFolder: => "Registration Assassin's Creed.LNK"
HKCU\...\StartupApproved\Run: => "icq"
HKCU\...\StartupApproved\Run: => "Steam"
HKCU\...\StartupApproved\Run: => "Spotify Web Helper"
HKCU\...\StartupApproved\Run: => "PC Suite Tray"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/26/2014 00:06:46 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (06/26/2014 11:12:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VDeck.exe, Version: 10.12.0.30, Zeitstempel: 0x5088de9d
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17031, Zeitstempel: 0x530895af
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f8c9c
ID des fehlerhaften Prozesses: 0xe70
Startzeit der fehlerhaften Anwendung: 0xVDeck.exe0
Pfad der fehlerhaften Anwendung: VDeck.exe1
Pfad des fehlerhaften Moduls: VDeck.exe2
Berichtskennung: VDeck.exe3
Vollständiger Name des fehlerhaften Pakets: VDeck.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VDeck.exe5

Error: (06/26/2014 10:47:24 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (06/26/2014 10:47:22 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (06/26/2014 10:47:19 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (06/26/2014 10:33:33 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ELMOS_PC)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/26/2014 10:33:33 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ELMOS_PC)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/26/2014 10:03:33 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ELMOS_PC)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/26/2014 10:03:33 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ELMOS_PC)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/26/2014 09:48:52 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ELMOS_PC)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


System errors:
=============
Error: (06/26/2014 11:12:00 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎26.‎06.‎2014 um 11:08:29 unerwartet heruntergefahren.

Error: (06/26/2014 10:33:28 AM) (Source: DCOM) (EventID: 10001) (User: ELMOS_PC)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server15612Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaNicht verfügbarNicht verfügbar

Error: (06/26/2014 10:33:28 AM) (Source: DCOM) (EventID: 10001) (User: ELMOS_PC)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server15612Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaNicht verfügbarNicht verfügbar

Error: (06/26/2014 10:03:28 AM) (Source: DCOM) (EventID: 10001) (User: ELMOS_PC)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server15612Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaNicht verfügbarNicht verfügbar

Error: (06/26/2014 10:03:28 AM) (Source: DCOM) (EventID: 10001) (User: ELMOS_PC)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server15612Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaNicht verfügbarNicht verfügbar

Error: (06/26/2014 09:48:47 AM) (Source: DCOM) (EventID: 10001) (User: ELMOS_PC)
Description: "BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.415612Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4Nicht verfügbarNicht verfügbar

Error: (06/26/2014 09:48:47 AM) (Source: DCOM) (EventID: 10001) (User: ELMOS_PC)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server15612Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaNicht verfügbarNicht verfügbar

Error: (06/26/2014 09:48:47 AM) (Source: DCOM) (EventID: 10001) (User: ELMOS_PC)
Description: "BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.415612Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4Nicht verfügbarNicht verfügbar

Error: (06/26/2014 09:48:47 AM) (Source: DCOM) (EventID: 10001) (User: ELMOS_PC)
Description: "BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.415612Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4Nicht verfügbarNicht verfügbar

Error: (06/26/2014 09:48:47 AM) (Source: DCOM) (EventID: 10001) (User: ELMOS_PC)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server15612Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaNicht verfügbarNicht verfügbar


Microsoft Office Sessions:
=========================
Error: (06/26/2014 00:06:46 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Thomas\Downloads\esetsmartinstaller_deu.exe

Error: (06/26/2014 11:12:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: VDeck.exe10.12.0.305088de9dntdll.dll6.3.9600.17031530895afc000037400000000000f8c9ce7001cf911ebc134ed0C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exeC:\WINDOWS\SYSTEM32\ntdll.dllfa750dd1-fd11-11e3-8024-002354c09b62

Error: (06/26/2014 10:47:24 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Thomas\Downloads\esetsmartinstaller_deu.exe

Error: (06/26/2014 10:47:22 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Thomas\Downloads\esetsmartinstaller_deu.exe

Error: (06/26/2014 10:47:19 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Thomas\Downloads\esetsmartinstaller_deu.exe

Error: (06/26/2014 10:33:33 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ELMOS_PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147009284

Error: (06/26/2014 10:33:33 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ELMOS_PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147009284

Error: (06/26/2014 10:03:33 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ELMOS_PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147009284

Error: (06/26/2014 10:03:33 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ELMOS_PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147009284

Error: (06/26/2014 09:48:52 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ELMOS_PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147009284


CodeIntegrity Errors:
===================================
  Date: 2014-01-07 21:05:48.235
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Thomas\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-07 21:05:48.157
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-07 21:04:19.906
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Thomas\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-07 21:04:19.813
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-10-21 01:13:19.524
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-10-21 01:13:19.184
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-10-21 01:13:19.068
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-10-21 01:13:18.851
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-10-21 01:13:18.650
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-10-21 01:13:17.997
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Percentage of memory in use: 49%
Total physical RAM: 4095.11 MB
Available physical RAM: 2086.54 MB
Total Pagefile: 4799.11 MB
Available Pagefile: 2838.52 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.24 GB) (Free:10.97 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:101.76 GB) (Free:5.47 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (D:) (Fixed) (Total:474.88 GB) (Free:63.93 GB) NTFS
Drive f: (Volume) (Fixed) (Total:19.53 GB) (Free:13.92 GB) NTFS
Drive k: (Kehrmaschine) (CDROM) (Total:0.54 GB) (Free:0 GB) CDFS
Drive l: (Spiele und Daten) (Fixed) (Total:1863.01 GB) (Free:33.17 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 87D89C25)
Partition 1: (Active) - (Size=119 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 596 GB) (Disk ID: F4853CA8)
Partition 1: (Active) - (Size=102 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=475 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 49A3C25B)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)

==================== End Of Log ============================
         
Mögt ihr einmal drüberschauen, und mir sagen, was davon zu halten ist? Im Zweifelsfall ziehe ich auf jeden Fall ein unkompromittiertes System vor, wichtige Daten sind auf der Platte nicht, nur System und Programme.

Schon mal ganz herzlichen Dank!

Alt 26.06.2014, 12:23   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Avast meldet Dropper.gen, Eset DownloadSponsor.A in RecycleBin - Standard

Avast meldet Dropper.gen, Eset DownloadSponsor.A in RecycleBin



hi,

einfach mal den Papierkorb leeren
__________________

__________________

Alt 27.06.2014, 11:49   #3
aethelstan
 
Avast meldet Dropper.gen, Eset DownloadSponsor.A in RecycleBin - Standard

Avast meldet Dropper.gen, Eset DownloadSponsor.A in RecycleBin



Hi schrauber,

Papierkorb ist gelöscht, Avast meldet nun auch nichts mehr.

ESet habe ich auch noch einmal drüberlaufen lassen, der hat noch zwei weitere Funde gehabt, beides wohl Adware:
C:\Users\Thomas\AppData\Local\Temp\OCS\ocs_v71b.exe Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung
D:\Users\*\Downloads\ashampoo_photo_commander_7_7.31_7011.exe Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung

Reicht es, die beiden Dateien einfach zu löschen, oder sollte ich sicherheitshalber noch etwas Anderes machen?

Viele Grüße
aethelstan
__________________

Alt 28.06.2014, 12:48   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Avast meldet Dropper.gen, Eset DownloadSponsor.A in RecycleBin - Standard

Avast meldet Dropper.gen, Eset DownloadSponsor.A in RecycleBin



nö, löschen reicht
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 28.06.2014, 16:36   #5
aethelstan
 
Avast meldet Dropper.gen, Eset DownloadSponsor.A in RecycleBin - Standard

Avast meldet Dropper.gen, Eset DownloadSponsor.A in RecycleBin



Hi schrauber,

das sind ja mal beruhigende Nachrichten. :-)

Dann kann der Thread zu.

Dank Dir ganz herzlich, und schönes WE noch,
aethelstan


Alt 29.06.2014, 10:59   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Avast meldet Dropper.gen, Eset DownloadSponsor.A in RecycleBin - Standard

Avast meldet Dropper.gen, Eset DownloadSponsor.A in RecycleBin



Gern Geschehen
__________________
--> Avast meldet Dropper.gen, Eset DownloadSponsor.A in RecycleBin

Antwort

Themen zu Avast meldet Dropper.gen, Eset DownloadSponsor.A in RecycleBin
adobe, adware, alert, antivirus, association, avast, browser, defender, dropper.gen, fehler, firefox, flash player, focus, helper, homepage, livecomm.exe, mozilla, nemesis, pirates, registry, rundll, scan, schutz, security, server, shark, software, spotify web helper, svchost.exe, usb, windows, windowsapps



Ähnliche Themen: Avast meldet Dropper.gen, Eset DownloadSponsor.A in RecycleBin


  1. TR/Dropper.Gen und PUA/DownloadSponsor.Gen
    Plagegeister aller Art und deren Bekämpfung - 01.05.2015 (16)
  2. Windows 7; ESET Online-Scanner Fund "Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung"
    Log-Analyse und Auswertung - 27.04.2015 (13)
  3. DHL-Mail geöffnet - Avira meldet 'PUA/DownloadSponsor.Gen
    Log-Analyse und Auswertung - 11.03.2015 (11)
  4. Windows 7: Avira meldet am 09.03.15 zwei Funde: pua/downloadsponsor.gen
    Log-Analyse und Auswertung - 11.03.2015 (3)
  5. Windows7: Avira meldet am 6.3.2015 ebenfalls PUA/DownloadSponsor.Gen
    Log-Analyse und Auswertung - 10.03.2015 (9)
  6. Avira meldet Fund von PUA/DownloadSponsor.Gen - Versuch die hier geforderten Log-Dateien zu generieren scheitert bei Schritt 3
    Log-Analyse und Auswertung - 08.03.2015 (7)
  7. AVIRA meldet vermehrt Fund: PUA/DownloadSponsor.Gen
    Log-Analyse und Auswertung - 08.03.2015 (9)
  8. Pup.Optional.DownloadSponsor von Malwarebytes free beim Suchlauf gefunden, Avast hat nichts angezeigt.
    Plagegeister aller Art und deren Bekämpfung - 18.02.2015 (6)
  9. Eset Virenscan meldet befallene Website
    Plagegeister aller Art und deren Bekämpfung - 07.11.2014 (3)
  10. Windows 8.1: Avast meldet Fund "Win32:Dropper-gen[Drp]"
    Log-Analyse und Auswertung - 26.07.2014 (19)
  11. Windows7: ESET meldet Win32/StartPage OPH Trojaner
    Log-Analyse und Auswertung - 08.04.2014 (9)
  12. ESET meldet spy.zbot.aao trojaner
    Plagegeister aller Art und deren Bekämpfung - 05.12.2013 (9)
  13. Computer sehr langsam - ESET meldet Infektionen!
    Log-Analyse und Auswertung - 05.11.2013 (7)
  14. Eset meldet Win32/Virut.NBP Virus
    Plagegeister aller Art und deren Bekämpfung - 25.10.2013 (9)
  15. Eset meldet Kryptik AMQ Trojaner
    Log-Analyse und Auswertung - 08.11.2012 (2)
  16. ESET meldet CDBurnerXP als Virus
    Plagegeister aller Art und deren Bekämpfung - 01.08.2011 (1)
  17. ESET meldet WIN32/Conficker.AL Wurm
    Plagegeister aller Art und deren Bekämpfung - 02.07.2009 (0)

Zum Thema Avast meldet Dropper.gen, Eset DownloadSponsor.A in RecycleBin - Hallo, nachdem mein Rechner heute beim Hochfahren und auch später noch etwas rumgemuckt hat (zwar selten, aber kommt schon mal vor), habe ich sicherheitshalber mal einen Komplettscan mit Avast und - Avast meldet Dropper.gen, Eset DownloadSponsor.A in RecycleBin...
Archiv
Du betrachtest: Avast meldet Dropper.gen, Eset DownloadSponsor.A in RecycleBin auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.