| JamesKirk12 | 08.11.2015 23:25 |
Windows 8: Ständige Werbepopups
Hallo!
Seit etwa einer Woche habe ich ein Problem mit meinem Computer:
Es öffnen sich etwa alle 30 Sekunden beim Klicken in beliebigen Browsern (Sogar im Steam - Browser) Werbeanzeigen wie beispielsweise "ReImage Repair" oder "PC - Reparatur" etc. Das passierte jedes mal 3 mal, bevor ich auf den gewünschten Link drücken konnte. Seit ich DNS-Unlocker deinstalliert habe, passiert das nur noch 1 mal. (Ich bin auf diese Seite erst später gestossen) Allerdings kommen weiterhin die typischen Hover-Ads "powered by DNSUnlocker".
Außerdem hat Adblock gerne mal 500 Anzeigen geblockt, wenn man eine Seite 5 Minuten in ihrem Zustand lässt. Antiviren-Programme haben bislang nichts schädliches gefunden. Hier meine Logs:
defogger hat sofort "Finished!" ausgegeben, nichts ist weiter passiert.
FRST: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
durchgeführt von *Name* (Administrator) auf *Name*PC (08-11-2015 22:24:58)
Gestartet von C:\Users\\Downloads
Geladene Profile: *Name* (Verfügbare Profile: *Name*)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\WINDOWS\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\WINDOWS\System32\GWX\GWX.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Dropbox, Inc.) C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
() C:\Users\*Name*\Desktop\SkinSpotlightsReplays.RELEASE.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\WINDOWS\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
() C:\Users\*Name*\Downloads\Defogger.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13219984 2012-11-07] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-03-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-19] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [492248 2012-12-26] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-11] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe [24504 2012-10-04] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1980416 2013-12-18] (Wondershare)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\AllMyTube\DelayPluginI.exe [1960336 2015-05-22] ()
HKLM-x32\...\Run: [BrowserPlugInHelper] => C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe [410472 2012-09-28] (Wondershare Software)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-575014512-1550774308-974230977-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-575014512-1550774308-974230977-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-05] (Valve Corporation)
HKU\S-1-5-21-575014512-1550774308-974230977-1003\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [7744568 2015-10-15] (GOG.com)
HKU\S-1-5-21-575014512-1550774308-974230977-1003\...\Run: [OKAYFREEDOM_Update] => "C:\Program Files (x86)\OkayFreedom\Updater.exe" --resume --verbosity silent
HKU\S-1-5-21-575014512-1550774308-974230977-1003\...\Run: [Dropbox Update] => C:\Users\*Name*\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-575014512-1550774308-974230977-1003\...\Run: [OscarEditor] => C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [3333632 2015-06-22] ()
HKU\S-1-5-21-575014512-1550774308-974230977-1003\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57987712 2015-09-27] (Skype Technologies S.A.)
HKU\S-1-5-21-575014512-1550774308-974230977-1003\...\MountPoints2: {7070d632-cc30-11e4-824e-806e6f6e6963} - "E:\Autorun.exe"
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*Name*\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*Name*\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*Name*\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*Name*\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*Name*\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*Name*\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*Name*\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*Name*\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
Startup: C:\Users\*Name*\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-10-17]
ShortcutTarget: Dropbox.lnk -> C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\*Name*\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SkinSpotlightsReplays.RELEASE - Verknüpfung.lnk [2015-10-26]
ShortcutTarget: SkinSpotlightsReplays.RELEASE - Verknüpfung.lnk -> C:\Users\*Name*\Desktop\SkinSpotlightsReplays.RELEASE.exe ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3E6467D9-2B58-4A83-BDD4-CBA393E1A384}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7EDBE508-D8F9-4584-84A0-B0CC96EDA048}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-575014512-1550774308-974230977-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKU\S-1-5-21-575014512-1550774308-974230977-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2015-03-01] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-03-01] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-03-03] (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll [2015-03-01] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-03-03] (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll [2015-03-01] (Kaspersky Lab ZAO)
BHO-x32: Wondershare AllMyTube 4.3.0 -> {067DF9EC-26B7-40DC-8DB8-CD8BE85AE367} -> C:\ProgramData\Wondershare\AllMyTube\WSBrowserAppMgr.dll [2015-05-22] (Wondershare)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2015-03-01] (Kaspersky Lab ZAO)
BHO-x32: Wondershare Video Converter Ultimate -> {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} -> C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll [2012-09-28] (Wondershare Software Co., Ltd.)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-03-01] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-03-01] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll [2015-03-01] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-03-01] (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll [2015-03-01] (Kaspersky Lab ZAO)
Handler: WSAllMyTubechrome - {0A0C95CF-A116-4C74 - Keine Datei
FireFox:
========
FF ProfilePath: C:\Users\*Name*\AppData\Roaming\Mozilla\Firefox\Profiles\k3s6mb9w.default
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-03-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-03-03] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-27] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-11-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-11-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-03-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-03-01] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2015-03-01] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2015-03-01] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2015-03-01] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2015-03-01] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2015-03-01] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [AllMyTube@Wondershare.com] - C:\ProgramData\Wondershare\AllMyTube\AllMyTube@Wondershare.com
FF Extension: Wondershare AllMyTube - C:\ProgramData\Wondershare\AllMyTube\AllMyTube@Wondershare.com [2015-07-19] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt
FF Extension: Wondershare Video Converter Ultimate - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt [2015-07-19] [ist nicht signiert]
Chrome:
=======
CHR Profile: C:\Users\*Name*\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\*Name*\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-01]
CHR Extension: (Media Hint) - C:\Users\*Name*\AppData\Local\Google\Chrome\User Data\Default\Extensions\akipcefbjlmpbcejgdaopmmidpnjlhnb [2015-08-11]
CHR Extension: (Google Docs) - C:\Users\*Name*\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-01]
CHR Extension: (Google Drive) - C:\Users\*Name*\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (OkayFreedom) - C:\Users\*Name*\AppData\Local\Google\Chrome\User Data\Default\Extensions\bckipplcmnfhblnpibpbehenelnkpecd [2015-06-12]
CHR Extension: (YouTube) - C:\Users\*Name*\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\*Name*\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-25]
CHR Extension: (Wondershare Video Converter Ultimate) - C:\Users\*Name*\AppData\Local\Google\Chrome\User Data\Default\Extensions\chgdeabpmphfhkoemjjglmilajldekbp [2015-07-19]
CHR Extension: (Google-Suche) - C:\Users\*Name*\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\*Name*\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2015-03-01]
CHR Extension: (Google Tabellen) - C:\Users\*Name*\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-01]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\*Name*\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-05]
CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\*Name*\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2015-03-01]
CHR Extension: (Modul für das Blockieren gefährlicher Webseiten) - C:\Users\*Name*\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2015-03-01]
CHR Extension: (Virtuelle Tastatur) - C:\Users\*Name*\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2015-03-01]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\*Name*\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-02]
CHR Extension: (Google Mail) - C:\Users\*Name*\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Anti-Banner) - C:\Users\*Name*\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2015-03-01]
CHR HKLM-x32\...\Chrome\Extension: [chgdeabpmphfhkoemjjglmilajldekbp] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRChromePlugin.crx [2015-07-19]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-10-04]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-10-04]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2012-10-04]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-10-04]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - hxxps://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-10-04]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2015-03-01] (Kaspersky Lab ZAO)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [74712 2013-03-11] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [316376 2013-03-11] (CyberLink)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [238376 2015-06-30] (EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-15] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6952504 2015-10-15] (GOG.com)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-03-13] (NVIDIA Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [130592 2012-11-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166432 2012-11-16] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625632 2015-07-22] (Lenovo)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-03-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-03-13] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-22] (Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2015-03-01] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [627296 2015-03-01] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2015-03-01] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2015-03-01] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2015-03-01] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [50448 2015-03-01] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [177864 2015-03-01] (Kaspersky Lab ZAO)
S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.)
S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
R3 Neo_VPN; C:\Windows\system32\DRIVERS\Neo_VPN.sys [28768 2015-06-12] (SoftEther VPN Project at University of Tsukuba, Japan.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-03-13] (NVIDIA Corporation)
S1 qatukztm; C:\WINDOWS\system32\drivers\qatukztm.sys [55168 2015-11-04] (Microsoft Corporation)
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation )
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2015-05-08] (Anchorfree Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WsAudio_Device; C:\Windows\system32\drivers\VirtualAudio.sys [31080 2013-09-03] (Wondershare)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-08 22:24 - 2015-11-08 22:26 - 00027829 _____ C:\Users\*Name*\Downloads\FRST.txt
2015-11-08 22:24 - 2015-11-08 22:25 - 00000000 ____D C:\FRST
2015-11-08 22:24 - 2015-11-08 22:24 - 02198528 _____ (Farbar) C:\Users\*Name*\Downloads\FRST64.exe
2015-11-08 22:23 - 2015-11-08 22:23 - 00000017 _____ C:\Users\*Name*\AppData\Local\resmon.resmoncfg
2015-11-08 22:22 - 2015-11-08 22:22 - 00000470 _____ C:\Users\*Name*\Downloads\defogger_disable.log
2015-11-08 22:22 - 2015-11-08 22:22 - 00000000 _____ C:\Users\*Name*\defogger_reenable
2015-11-08 22:21 - 2015-11-08 22:21 - 00050477 _____ C:\Users\*Name*\Downloads\Defogger.exe
2015-11-07 09:46 - 2015-11-07 09:46 - 00000000 ____D C:\Users\*Name*\AppData\Roaming\uplay
2015-11-07 09:45 - 2015-11-07 09:46 - 00000000 ____D C:\Users\*Name*\Documents\Anno 2205
2015-11-07 08:59 - 2015-11-07 08:59 - 00000847 _____ C:\Users\Public\Desktop\Anno 2205 - Gold Edition.lnk
2015-11-06 15:36 - 2015-11-06 15:36 - 00000000 ____D C:\Users\*Name*\AppData\Roaming\Ubisoft
2015-11-06 15:33 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2015-11-06 15:33 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2015-11-06 15:33 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2015-11-06 15:33 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2015-11-06 15:33 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2015-11-06 15:33 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2015-11-06 15:33 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2015-11-06 15:33 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2015-11-06 15:33 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2015-11-06 15:33 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2015-11-06 15:33 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2015-11-06 15:33 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2015-11-06 15:33 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2015-11-06 15:33 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2015-11-06 15:33 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2015-11-06 15:33 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2015-11-06 15:33 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2015-11-06 15:33 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2015-11-06 15:33 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2015-11-06 15:33 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2015-11-06 15:33 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2015-11-06 15:33 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2015-11-06 15:33 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2015-11-06 15:33 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2015-11-06 15:33 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2015-11-06 15:33 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2015-11-06 15:33 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2015-11-06 15:33 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2015-11-06 15:33 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2015-11-06 15:33 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2015-11-06 15:33 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2015-11-06 15:33 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2015-11-06 15:33 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2015-11-06 15:33 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2015-11-06 15:33 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2015-11-06 15:33 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2015-11-06 15:33 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2015-11-06 15:33 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2015-11-06 15:33 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2015-11-06 15:33 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2015-11-06 15:33 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2015-11-06 15:33 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2015-11-06 15:33 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2015-11-06 15:33 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2015-11-06 15:33 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2015-11-06 15:33 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2015-11-06 15:33 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2015-11-06 15:33 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2015-11-06 15:33 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2015-11-06 15:33 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2015-11-06 15:33 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2015-11-06 15:33 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2015-11-06 15:33 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2015-11-06 15:33 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2015-11-06 15:33 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2015-11-06 15:33 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2015-11-06 15:33 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2015-11-06 15:33 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2015-11-06 15:33 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2015-11-06 15:33 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2015-11-06 15:33 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2015-11-06 15:33 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2015-11-06 15:33 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2015-11-06 15:33 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2015-11-06 15:33 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2015-11-06 15:33 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2015-11-06 15:33 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2015-11-06 15:33 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2015-11-06 15:33 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2015-11-06 15:33 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2015-11-06 15:33 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2015-11-06 15:33 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2015-11-06 15:33 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2015-11-06 15:33 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2015-11-06 15:33 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2015-11-06 15:33 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2015-11-06 15:33 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2015-11-06 15:33 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2015-11-06 15:33 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2015-11-06 15:33 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2015-11-06 15:33 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2015-11-06 15:33 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2015-11-06 15:33 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2015-11-06 15:33 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2015-11-06 15:33 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2015-11-06 15:33 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2015-11-06 15:33 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2015-11-06 15:33 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2015-11-06 15:33 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2015-11-06 15:33 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2015-11-06 15:33 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2015-11-06 15:33 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2015-11-06 15:33 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2015-11-06 15:33 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2015-11-06 15:32 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2015-11-06 15:32 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2015-11-06 15:32 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2015-11-06 15:32 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2015-11-06 15:32 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2015-11-06 15:32 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2015-11-06 15:32 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2015-11-06 15:32 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2015-11-06 15:32 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2015-11-06 15:32 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2015-11-06 15:32 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2015-11-06 15:32 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2015-11-06 15:32 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2015-11-06 15:32 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2015-11-06 15:32 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2015-11-06 15:32 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2015-11-06 15:32 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2015-11-06 15:32 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2015-11-06 15:32 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2015-11-06 15:32 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2015-11-06 15:32 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2015-11-06 15:32 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2015-11-06 15:32 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2015-11-06 15:32 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2015-11-06 15:32 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2015-11-06 15:32 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2015-11-06 15:32 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2015-11-06 15:32 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2015-11-06 15:32 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2015-11-06 15:32 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2015-11-06 15:32 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2015-11-06 15:32 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2015-11-06 15:32 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2015-11-06 15:32 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2015-11-06 15:32 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2015-11-06 15:32 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2015-11-06 15:32 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2015-11-06 15:32 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2015-11-06 15:32 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2015-11-06 15:32 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2015-11-06 15:32 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2015-11-06 15:32 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2015-11-06 15:32 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2015-11-06 15:32 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2015-11-06 15:32 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2015-11-06 15:32 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2015-11-06 15:32 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2015-11-06 15:19 - 2015-11-07 01:28 - 00000000 ____D C:\Users\*Name*\Downloads\Anno 2205 - Gold Edition [FitGirl Repack]
2015-11-06 15:19 - 2015-11-06 15:33 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2015-11-04 19:32 - 2015-11-04 19:32 - 00055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\qatukztm.sys
2015-11-03 22:35 - 2015-11-03 22:36 - 00000035 _____ C:\Users\*Name*\Desktop\Ranked Team Probespiel.txt
2015-11-01 12:35 - 2015-11-01 12:41 - 00000000 ____D C:\Users\*Name*\AppData\Local\Mozilla
2015-11-01 12:35 - 2015-11-01 12:35 - 00001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-11-01 12:35 - 2015-11-01 12:35 - 00001163 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-11-01 12:35 - 2015-11-01 12:35 - 00000000 ____D C:\Users\*Name*\AppData\Roaming\Mozilla
2015-11-01 12:35 - 2015-11-01 12:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-01 12:35 - 2015-11-01 12:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-01 12:34 - 2015-11-01 12:34 - 00243888 _____ C:\Users\*Name*\Downloads\Firefox Setup Stub 41.0.2.exe
2015-10-31 00:24 - 2015-10-31 00:24 - 00001017 _____ C:\Users\*Name*\Desktop\LoL PBE.lnk
2015-10-30 22:29 - 2015-10-30 22:29 - 00614520 _____ C:\Users\*Name*\Downloads\PBE_Client_Shell.zip
2015-10-30 22:29 - 2015-10-30 22:29 - 00000000 ____D C:\Users\*Name*\Downloads\PBE_Client_Shell
2015-10-25 12:08 - 2015-10-25 13:27 - 00000000 ____D C:\Users\*Name*\AppData\Roaming\Steam
2015-10-25 10:26 - 2015-11-08 17:47 - 00003416 _____ C:\WINDOWS\System32\Tasks\SteamClient
2015-10-25 10:26 - 2015-10-25 10:26 - 00001482 _____ C:\Users\Public\Desktop\Life Is Strange.lnk
2015-10-25 10:26 - 2015-10-25 10:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Life Is Strange
2015-10-25 10:08 - 2015-10-26 09:59 - 00000000 ____D C:\Program Files (x86)\Life Is Strange
2015-10-24 21:42 - 2015-11-06 15:17 - 00000000 ____D C:\Users\*Name*\AppData\LocalLow\uTorrent
2015-10-24 21:23 - 2015-10-25 04:18 - 00000000 ____D C:\Users\*Name*\Downloads\Life Is Strange FINAL [Ep.1.2.3.4.5.. Multilang 2]
2015-10-23 21:39 - 2015-10-23 22:28 - 15872340 _____ C:\Users\*Name*\Desktop\Leona K 2 D 11 A 16 - 2354413593.replay
2015-10-23 19:39 - 2015-10-23 20:21 - 11301852 _____ C:\Users\*Name*\Desktop\Rengar K 9 D 10 A 13 - 2354223345.replay
2015-10-23 18:49 - 2015-10-23 19:15 - 06427464 _____ C:\Users\*Name*\Desktop\Talon K 12 D 2 A 1 - 2354164490.replay
2015-10-23 16:38 - 2015-10-23 17:14 - 09083504 _____ C:\Users\*Name*\Desktop\Fiora K 10 D 13 A 4 - 2353652173.replay
2015-10-23 16:10 - 2015-10-23 16:37 - 07709004 _____ C:\Users\*Name*\Desktop\Katarina K 11 D 2 A 2 - 2353741524.replay
2015-10-23 15:39 - 2015-10-23 16:04 - 06014856 _____ C:\Users\*Name*\Desktop\Rengar K 6 D 1 A 3 - 2353741046.replay
2015-10-23 12:45 - 2015-10-23 13:33 - 14440808 _____ C:\Users\*Name*\Desktop\Vayne K 29 D 17 A 9 - 2353331225.replay
2015-10-23 12:32 - 2015-11-07 23:57 - 00000000 ____D C:\Users\*Name*\Documents\Replays
2015-10-23 12:31 - 2015-10-23 12:32 - 00000000 ____D C:\Users\*Name*\Downloads\SkinSpotlightsReplays-2.0.0.16
2015-10-23 12:31 - 2015-10-23 12:31 - 01668734 _____ C:\Users\*Name*\Downloads\SkinSpotlightsReplays-2.0.0.16.zip
2015-10-21 12:45 - 2015-10-21 12:46 - 00000000 ____D C:\Program Files\Cloud Imperium Games
2015-10-21 12:45 - 2015-10-21 12:45 - 00000927 _____ C:\Users\*Name*\Desktop\Star Citizen Launcher.lnk
2015-10-21 12:45 - 2015-10-21 12:45 - 00000000 ____D C:\Users\*Name*\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Star Citizen Launcher
2015-10-21 12:45 - 2015-10-21 12:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Citizen Launcher
2015-10-21 12:44 - 2015-10-21 12:44 - 03848230 _____ (Cloud Imperium Games) C:\Users\*Name*\Downloads\Star_Citizen_Launcher_Setup.exe
2015-10-17 15:57 - 2015-10-17 15:57 - 00000000 ____D C:\Users\*Name*\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-15 15:09 - 2015-09-19 04:18 - 00035384 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-10-15 15:09 - 2015-09-18 14:42 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-10-15 15:09 - 2015-09-18 14:42 - 01163776 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-10-15 15:09 - 2015-09-18 14:42 - 00766464 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-10-15 15:09 - 2015-09-18 14:42 - 00699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-10-15 15:09 - 2015-09-18 14:42 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-10-15 15:09 - 2015-09-18 14:42 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 14:03 - 2015-09-29 13:31 - 07457624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 14:03 - 2015-09-29 13:31 - 01658536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 14:03 - 2015-09-29 13:31 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 14:03 - 2015-09-29 13:31 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 14:03 - 2015-09-29 13:31 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 14:03 - 2015-09-24 17:42 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2015-10-14 14:03 - 2015-09-24 17:40 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 14:03 - 2015-09-10 19:02 - 25851392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-14 14:03 - 2015-09-10 18:19 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 14:03 - 2015-09-10 18:18 - 02886656 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-14 14:03 - 2015-09-10 18:18 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-10-14 14:03 - 2015-09-10 18:14 - 05990400 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 14:03 - 2015-09-10 18:09 - 20358144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-14 14:03 - 2015-09-10 18:06 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-10-14 14:03 - 2015-09-10 18:04 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 14:03 - 2015-09-10 17:51 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-10-14 14:03 - 2015-09-10 17:39 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 14:03 - 2015-09-10 17:37 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-10-14 14:03 - 2015-09-10 17:37 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-10-14 14:03 - 2015-09-10 17:35 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-10-14 14:03 - 2015-09-10 17:33 - 02279936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-14 14:03 - 2015-09-10 17:28 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-10-14 14:03 - 2015-09-10 17:28 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-10-14 14:03 - 2015-09-10 17:27 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 14:03 - 2015-09-10 17:24 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 14:03 - 2015-09-10 17:21 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-10-14 14:03 - 2015-09-10 17:19 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-10-14 14:03 - 2015-09-10 17:19 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-10-14 14:03 - 2015-09-10 17:19 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-10-14 14:03 - 2015-09-10 17:17 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-10-14 14:03 - 2015-09-10 17:17 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-10-14 14:03 - 2015-09-10 17:07 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-10-14 14:03 - 2015-09-10 17:05 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-10-14 14:03 - 2015-09-10 17:02 - 04527616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 14:03 - 2015-09-10 17:01 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-10-14 14:03 - 2015-09-10 17:00 - 12853760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 14:03 - 2015-09-10 16:57 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-10-14 14:03 - 2015-09-10 16:57 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-10-14 14:03 - 2015-09-10 16:55 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-10-14 14:03 - 2015-09-10 16:55 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-10-14 14:03 - 2015-09-10 16:55 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-10-14 14:03 - 2015-09-10 16:45 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-14 14:03 - 2015-09-10 16:34 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-10-14 14:03 - 2015-09-10 16:31 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-10-14 14:03 - 2015-09-10 16:27 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-14 14:03 - 2015-09-10 16:26 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-10-14 14:03 - 2015-08-27 03:43 - 22372152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 14:03 - 2015-08-27 03:42 - 19795904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 14:03 - 2015-08-07 22:40 - 01736520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-10-14 14:03 - 2015-08-07 22:40 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-10-14 14:03 - 2015-08-07 22:40 - 01134752 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2015-10-14 14:03 - 2015-08-07 22:40 - 00686960 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2015-10-14 14:03 - 2015-08-07 22:40 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2015-10-14 14:03 - 2015-08-07 15:13 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2015-10-14 14:03 - 2015-08-06 18:05 - 00669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2015-10-14 14:03 - 2015-08-06 17:47 - 04710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2015-10-14 14:03 - 2015-08-06 17:37 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2015-10-14 14:03 - 2015-08-06 17:18 - 04068352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2015-10-14 14:02 - 2015-09-29 13:29 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-10-14 14:02 - 2015-09-28 19:45 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-10-14 14:02 - 2015-09-28 19:26 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-10-14 14:02 - 2015-09-28 19:25 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-10-14 14:02 - 2015-09-28 19:25 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-10-14 14:02 - 2015-09-28 19:25 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-10-14 14:02 - 2015-09-28 19:22 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-10-14 14:02 - 2015-09-28 19:22 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-10-14 14:02 - 2015-09-28 19:22 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-10-14 14:02 - 2015-09-28 19:15 - 02243072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-10-14 14:02 - 2015-09-28 19:13 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-10-14 14:02 - 2015-09-28 19:12 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-10-14 14:02 - 2015-08-22 14:42 - 00901264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2015-10-14 14:02 - 2015-08-22 14:42 - 00066400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:42 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:42 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:42 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:42 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:42 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:42 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:42 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:42 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:35 - 00984448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2015-10-14 14:02 - 2015-08-22 14:35 - 00063840 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:35 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:35 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:35 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:35 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:35 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:35 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 14:02 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 14:02 - 2015-07-16 19:58 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcdAutoSetup.dll
2015-10-12 13:46 - 2015-10-12 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-10-12 13:45 - 2015-10-12 13:45 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-10-12 13:45 - 2015-10-12 13:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-10-12 13:44 - 2015-10-12 13:44 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-10-12 13:44 - 2015-10-12 13:44 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-10-12 13:43 - 2015-10-12 13:43 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-10-11 20:05 - 2015-10-11 20:05 - 01457952 _____ C:\Users\*Name*\Downloads\DaVinci Resolve - CHIP-Installer.exe
2015-10-11 20:02 - 2015-10-11 20:02 - 00000000 ____D C:\Users\*Name*\AppData\Local\Windows Live
2015-10-11 20:01 - 2015-10-11 20:01 - 00002743 _____ C:\Users\*Name*\Documents\Mein Film.wlmp
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-08 22:23 - 2015-04-11 17:25 - 00001900 _____ C:\WINDOWS\System32\Tasks\{AC6B3527-0187-4FBA-87EC-BC6FB4F6E3EB}
2015-11-08 22:22 - 2015-03-17 00:28 - 00000000 ____D C:\Users\*Name*
2015-11-08 22:16 - 2015-03-17 00:14 - 01068164 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-08 22:13 - 2015-03-01 20:53 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-575014512-1550774308-974230977-1003
2015-11-08 22:08 - 2015-06-12 13:55 - 00000000 ____D C:\Program Files\SoftEther VPN Client
2015-11-08 22:08 - 2015-03-01 20:55 - 00000000 ____D C:\Users\*Name*\AppData\Roaming\Skype
2015-11-08 22:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-08 21:47 - 2015-04-12 13:55 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-11-08 21:47 - 2015-03-08 17:54 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-11-08 21:42 - 2015-03-08 17:53 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-11-08 21:41 - 2015-03-08 17:53 - 00000000 ____D C:\Users\*Name*\AppData\Local\Battle.net
2015-11-08 21:29 - 2015-06-19 13:19 - 00001234 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-575014512-1550774308-974230977-1003UA.job
2015-11-08 21:28 - 2015-03-01 20:46 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-08 17:54 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-08 17:47 - 2015-04-12 11:35 - 00003774 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F82ACE09-0609-471E-8F4F-CA7A7FD50EEF}
2015-11-08 17:47 - 2013-03-25 09:34 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-11-08 17:46 - 2015-04-07 22:36 - 00000000 ___RD C:\Users\*Name*\Dropbox
2015-11-08 17:46 - 2015-04-07 22:32 - 00000000 ____D C:\Users\*Name*\AppData\Roaming\Dropbox
2015-11-08 17:46 - 2015-03-17 16:05 - 00000000 ____D C:\Users\*Name*\OneDrive
2015-11-08 17:45 - 2015-06-12 14:00 - 00000000 ____D C:\Users\*Name*\AppData\Roaming\Steganos VPN
2015-11-08 17:44 - 2015-04-22 13:53 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-08 17:44 - 2015-03-01 20:46 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-08 00:04 - 2015-09-13 09:25 - 00000000 ____D C:\Users\*Name*\AppData\Roaming\uTorrent
2015-11-07 09:45 - 2015-09-26 13:37 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2015-11-07 09:43 - 2015-09-26 13:41 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2015-11-06 20:14 - 2015-03-03 19:22 - 00000000 ____D C:\Users\*Name*\AppData\Roaming\TS3Client
2015-11-06 15:33 - 2015-04-25 19:54 - 00062348 _____ C:\WINDOWS\DirectX.log
2015-11-06 15:33 - 2013-03-25 11:31 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-03 22:31 - 2015-03-03 19:22 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-11-03 14:29 - 2015-06-19 13:19 - 00001182 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-575014512-1550774308-974230977-1003Core.job
2015-10-31 22:14 - 2015-03-29 14:58 - 00000000 ____D C:\Users\*Name*\Documents\Korrespondenzzirkel
2015-10-30 00:17 - 2015-04-13 18:17 - 00007464 _____ C:\WINDOWS\setupact.log
2015-10-25 12:08 - 2015-04-25 17:48 - 00000000 ____D C:\Users\*Name*\Documents\My Games
2015-10-25 10:19 - 2015-04-12 11:39 - 00157696 ___SH C:\Users\*Name*\Desktop\Thumbs.db
2015-10-24 23:31 - 2015-03-01 20:47 - 00002199 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-23 12:31 - 2015-08-18 04:24 - 02882048 _____ C:\Users\*Name*\Desktop\SkinSpotlightsReplays.RELEASE.exe
2015-10-23 12:31 - 2015-05-08 19:53 - 00000000 ____D C:\Users\*Name*\AppData\Local\SkinSpotlightsReplays
2015-10-22 09:19 - 2015-03-01 20:55 - 00000000 ____D C:\ProgramData\Skype
2015-10-21 13:46 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-21 13:46 - 2013-04-19 13:56 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-20 23:24 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-10-20 14:29 - 2015-03-29 14:26 - 00089320 _____ C:\Users\*Name*\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-20 14:25 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-18 08:47 - 2014-11-21 04:35 - 01780340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-18 08:47 - 2014-11-21 03:45 - 00765378 _____ C:\WINDOWS\system32\perfh007.dat
2015-10-18 08:47 - 2014-11-21 03:45 - 00159696 _____ C:\WINDOWS\system32\perfc007.dat
2015-10-18 08:39 - 2015-03-12 16:31 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-18 08:39 - 2014-11-21 11:51 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-10-16 05:51 - 2014-11-21 12:01 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 05:51 - 2014-11-21 12:01 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-15 17:16 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2015-10-15 14:57 - 2013-08-22 15:44 - 00387472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-14 21:32 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-10-14 19:49 - 2015-03-18 18:39 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-14 19:46 - 2015-03-14 10:52 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-14 19:40 - 2013-03-22 18:03 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-12 13:44 - 2015-03-18 18:44 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-05-20 18:55 - 2015-05-20 18:58 - 0004608 _____ () C:\Users\*Name*\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-15 21:47 - 2015-03-15 21:47 - 0004801 _____ () C:\Users\*Name*\AppData\Local\recently-used.xbel
2015-11-08 22:23 - 2015-11-08 22:23 - 0000017 _____ () C:\Users\*Name*\AppData\Local\resmon.resmoncfg
Einige Dateien in TEMP:
====================
C:\Users\*Name*\AppData\Local\Temp\27fff54a706caf16275619fa9b79269c.dll
C:\Users\*Name*\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3vouva.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-1012554861908899218.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-1381677480782405458.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-1427159732505585646.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-2018350092230958129.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-219942206223252560.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-2232717126344515396.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-2635247451785170113.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-2642523929875522796.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-2901436527110032319.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-3198111673327532500.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-3260639264539995959.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-3572956870888410776.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-3932107704716623474.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-4116255810720806730.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-4293208617779544961.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-4579874609381748681.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-4945155444444211899.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-5148176392836136893.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-5198043788641796985.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-5464659556369998582.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-5671872068299557701.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-5834350210025559108.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-6159177168454688866.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-6230911925372636643.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-6704961581734106009.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-6885235315773734079.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-7147697751346798842.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-7322787335288537266.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-7455917553370872523.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-8082220765834048632.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-8113107609279863253.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-847233559866340316.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-8476922057764384141.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-8698210226539278213.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-8755806032551486204.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-892779783147452378.dll
C:\Users\*Name*\AppData\Local\Temp\jansi-64-git-Spigot-2f787bd-ea28011-8940683548173639300.dll
C:\Users\*Name*\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\*Name*\AppData\Local\Temp\nvStInst.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-10-21 16:05
==================== Ende von FRST.txt ============================
Und noch der Log von GMER: Code:
GMER Logfile:
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-11-08 22:48:36
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000002e ST2000DM001-9YN164 rev.CC4G 1863,02GB
Running: Gmer-19357.exe; Driver: C:\Users\*Name*\AppData\Local\Temp\pfrdapoc.sys
---- Kernel code sections - GMER 2.1 ----
.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable fffff96000176300 15 bytes [00, 0B, F2, 01, 00, 06, 6C, ...]
.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16 fffff96000176310 8 bytes [00, D7, FB, FF, 00, D3, CD, ...]
---- Threads - GMER 2.1 ----
Thread C:\WINDOWS\System32\svchost.exe [1108:4636] 00007ff9f8df6370
Thread C:\WINDOWS\System32\svchost.exe [1108:4844] 00007ff9f8df98f0
Thread C:\WINDOWS\system32\svchost.exe [1136:5096] 00007ffa04c44ee0
Thread C:\WINDOWS\system32\svchost.exe [1136:6212] 00007ff9fa0d7240
Thread C:\WINDOWS\system32\svchost.exe [1136:6220] 00007ff9fa0f1ed0
Thread C:\WINDOWS\system32\svchost.exe [1136:6224] 00007ff9fa0f1ed0
Thread C:\WINDOWS\system32\svchost.exe [1136:3068] 00007ffa017c7470
Thread C:\WINDOWS\system32\svchost.exe [1136:11084] 00007ffa017c7470
Thread C:\WINDOWS\system32\svchost.exe [1136:14116] 00007ffa017c7470
Thread C:\WINDOWS\system32\svchost.exe [1136:11224] 00007ffa0288e480
Thread C:\WINDOWS\system32\svchost.exe [1136:11920] 00007ffa08381050
Thread C:\WINDOWS\system32\svchost.exe [1136:14648] 00007ffa0288e480
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1692:1696] 00000000011c301f
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1692:2480] 00000000736340f0
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1692:2060] 0000000071dc50f1
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1692:2648] 0000000071dc50f1
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1692:2016] 0000000071dc50f1
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1692:2056] 000000006d869420
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1692:6376] 00000000726f1120
Thread C:\Windows\System32\WUDFHost.exe [3608:4116] 00007ff9fa623850
Thread C:\WINDOWS\system32\csrss.exe [8800:8244] fffff960008d02d0
Thread C:\WINDOWS\Explorer.EXE [12168:5672] 00007ffa083ee630
Thread C:\WINDOWS\Explorer.EXE [12168:7032] 00007ffa0838e630
Thread C:\WINDOWS\Explorer.EXE [12168:10332] 00007ffa0838e630
Thread C:\Windows\System32\skydrive.exe [1040:8140] 00007ffa003a9b10
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [6536:11468] 00000000011c301f
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [6536:3496] 0000000074897240
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [6536:12452] 00000000748975f0
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [6536:12276] 00000000748975f0
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [6536:5396] 0000000074a5c59c
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [6536:4188] 0000000074a5c59c
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [6536:4480] 0000000074a5c59c
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [6536:13096] 0000000074a5c59c
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [6536:3472] 0000000074a5c59c
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [6536:10960] 0000000074a5c59c
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [6536:9124] 0000000074a5c59c
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [6536:13048] 0000000074a5c59c
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [6536:8720] 0000000074a5c59c
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [6536:11540] 0000000074a5c59c
---- Processes - GMER 2.1 ----
Process C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Dropbox.exe (*** suspicious ***) @ C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Dropbox.exe [11428] (FILE NOT FOUND) 0000000000e50000
Library C:\Users\*Name*\AppData\Roaming\Dropbox\bin\PYTHON27.DLL (*** suspicious ***) @ C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Dropbox.exe [11428] (Python Core/Python Software Foundation)(2015-10-02 13:30:34) 000000001e000000
Library c:\users\*Name*\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3vouva.dll (*** suspicious ***) @ C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Dropbox.exe [11428](2015-11-08 16:45:24) 000000006e980000
Library C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Qt5Core.dll (*** suspicious ***) @ C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Dropbox.exe [11428] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:24) 0000000066de0000
Library C:\Users\*Name*\AppData\Roaming\Dropbox\bin\icuin55.dll (*** suspicious ***) @ C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Dropbox.exe [11428] (ICU I18N DLL/The ICU Project)(2015-08-02 12:30:58) 000000004a900000
Library C:\Users\*Name*\AppData\Roaming\Dropbox\bin\icuuc55.dll (*** suspicious ***) @ C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Dropbox.exe [11428] (ICU Common DLL/The ICU Project)(2015-08-02 12:30:58) 00000000059a0000
Library C:\Users\*Name*\AppData\Roaming\Dropbox\bin\icudt55.dll (*** suspicious ***) @ C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Dropbox.exe [11428] (ICU Data DLL/The ICU Project)(2015-08-02 12:30:58) 0000000061010000
Library C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Qt5Widgets.dll (*** suspicious ***) @ C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Dropbox.exe [11428] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:28) 00000000607e0000
Library C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Qt5Gui.dll (*** suspicious ***) @ C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Dropbox.exe [11428] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 00000000603a0000
Library C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Qt5Network.dll (*** suspicious ***) @ C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Dropbox.exe [11428] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 0000000060e70000
Library C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Qt5WebKit.dll (*** suspicious ***) @ C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Dropbox.exe [11428] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 000000005bea0000
Library C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Qt5Quick.dll (*** suspicious ***) @ C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Dropbox.exe [11428] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 000000005ffa0000
Library C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Qt5Qml.dll (*** suspicious ***) @ C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Dropbox.exe [11428] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 000000005fd30000
Library C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Qt5WebChannel.dll (*** suspicious ***) @ C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Dropbox.exe [11428] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-08-02 12:30:59) 000000006ea20000
Library C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Qt5Sql.dll (*** suspicious ***) @ C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Dropbox.exe [11428] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 000000006b940000
Library C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Qt5WebKitWidgets.dll (*** suspicious ***) @ C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Dropbox.exe [11428] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:28) 00000000668e0000
Library C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Qt5PrintSupport.dll (*** suspicious ***) @ C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Dropbox.exe [11428] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 000000005fbe0000
Library C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Qt5OpenGL.dll (*** suspicious ***) @ C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Dropbox.exe [11428] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 000000005a5f0000
Library C:\Users\*Name*\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll (*** suspicious ***) @ C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Dropbox.exe [11428] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:30) 0000000058f70000
Library C:\Users\*Name*\AppData\Roaming\Dropbox\bin\plugins\imageformats\qgif.dll (*** suspicious ***) @ C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Dropbox.exe [11428] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-10-02 13:30:34) 000000006e540000
Library C:\Users\*Name*\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll (*** suspicious ***) @ C:\Users\*Name*\AppData\Roaming\Dropbox\bin\Dropbox.exe [11428] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:30) 000000006e500000
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
--- --- ---
Beim noch einmal Durchgehen der Checkliste ist mir aufgefallen, dass defogger trotzdem einen Log erstellt: Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:22 on 08/11/2015 (*Name*)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Für die Addition von FRST ist leider nicht genügend Platz im Post vorhanden, ich reiche sie ggf. nach Antwort ein, da in den Regeln steht, dass ich sonst als "behandelt" gelte.
EDIT: Zurücksetzen der Browsereinstellungen hat das Problem gelöst. Ich fühle mich ein wenig doof... |
Lesestoff:
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
FRST 32-Bit | FRST 64-Bit