Trojaner-Board
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   PC reagiert kaum noch (https://www.trojaner-board.de/173472-pc-reagiert-kaum-noch.html)

Babock 03.12.2015 00:38
Code:
ComboFix 15-11-30.01 - buebi 02.12.2015  23:38:12.1.4 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.8174.6522 [GMT 1:00]
ausgeführt von:: c:\users\buebi\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\programdata\@system3.att
c:\users\buebi\AppData\Roaming\Microsoft\Windows\Recent\_how_recover_ieh.HTML
c:\users\buebi\AppData\Roaming\Microsoft\Windows\Recent\_how_recover_ieh.TXT
c:\users\buebi\AppData\Roaming\Microsoft\Windows\Recent\_how_recover_mxh.HTML
c:\users\buebi\AppData\Roaming\Microsoft\Windows\Recent\_how_recover_mxh.TXT
c:\users\buebi\AppData\Roaming\Microsoft\Windows\Recent\_how_recover_pap.HTML
c:\users\buebi\AppData\Roaming\Microsoft\Windows\Recent\_how_recover_pap.TXT
c:\users\buebi\AppData\Roaming\Microsoft\Windows\Recent\_how_recover_txi.HTML
c:\users\buebi\AppData\Roaming\Microsoft\Windows\Recent\_how_recover_txi.TXT
c:\users\buebi\AppData\Roaming\Microsoft\Windows\Recent\_how_recover_xwl.HTML
c:\users\buebi\AppData\Roaming\Microsoft\Windows\Recent\_how_recover_xwl.TXT
c:\users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\_how_recover_ieh.HTML
c:\users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\_how_recover_ieh.TXT
c:\users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\_how_recover_mxh.HTML
c:\users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\_how_recover_mxh.TXT
c:\users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\_how_recover_txi.HTML
c:\users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\_how_recover_txi.TXT
c:\users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\_how_recover_xwl.HTML
c:\users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\_how_recover_xwl.TXT
D:\install.exe
D:\setup.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2015-11-02 bis 2015-12-02  ))))))))))))))))))))))))))))))
.
.
2015-12-01 22:13 . 2015-12-01 23:09        --------        d-----w-        c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-11-29 19:05 . 2015-11-29 19:05        --------        d-----w-        c:\users\buebi\AppData\Local\ElevatedDiagnostics
2015-11-29 18:24 . 2015-11-29 18:24        68104        ----a-w-        c:\windows\system32\XAPOFX1_0.dll
2015-11-29 17:58 . 2015-11-29 17:58        --------        d-----w-        C:\VTRoot
2015-11-29 15:08 . 2015-11-29 15:08        --------        d-----w-        c:\programdata\Shared Space
2015-11-29 15:08 . 2015-11-30 07:51        --------        d-----w-        c:\program files\COMODO
2015-11-29 15:07 . 2015-11-29 15:07        --------        d-----w-        c:\users\buebi\AppData\Local\Comodo
2015-11-29 15:05 . 2015-11-29 15:09        --------        d-----w-        c:\programdata\Comodo
2015-11-29 14:05 . 2015-11-30 07:48        --------        d-----w-        c:\program files (x86)\Microsoft
2015-11-29 11:03 . 2015-11-29 11:03        --------        d-----w-        c:\program files (x86)\Common Files\Java
2015-11-29 11:03 . 2015-11-29 11:03        110176        ----a-w-        c:\windows\system32\WindowsAccessBridge-64.dll
2015-11-29 11:03 . 2015-11-29 11:03        --------        d-----w-        c:\program files\Java
2015-11-29 10:53 . 2015-11-29 10:54        1905272        ----a-w-        c:\windows\system32\nvdispco6435900.dll
2015-11-29 10:53 . 2015-11-29 10:54        1564792        ----a-w-        c:\windows\system32\nvdispgenco6435900.dll
2015-11-29 10:40 . 2015-11-29 10:40        39240        ----a-w-        c:\windows\system32\nvhdap64.dll
2015-11-29 10:40 . 2015-11-29 10:40        205456        ----a-w-        c:\windows\system32\drivers\nvhda64v.sys
2015-11-29 09:11 . 2015-11-29 09:11        --------        d-----w-        c:\programdata\McAfee
2015-11-29 03:24 . 2015-11-29 11:03        --------        d-----w-        c:\users\buebi\.oracle_jre_usage
2015-11-28 15:47 . 2015-12-01 22:58        192216        ----a-w-        c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-11-28 15:47 . 2015-12-01 22:56        109272        ----a-w-        c:\windows\system32\drivers\mbamchameleon.sys
2015-11-28 15:47 . 2015-11-28 15:47        --------        d-----w-        c:\programdata\Malwarebytes
2015-11-28 15:47 . 2015-10-05 08:50        63704        ----a-w-        c:\windows\system32\drivers\mwac.sys
2015-11-28 15:47 . 2015-10-05 08:50        25816        ----a-w-        c:\windows\system32\drivers\mbam.sys
2015-11-28 14:51 . 2015-11-28 14:51        --------        d-----w-        c:\programdata\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2015-11-26 15:19 . 2015-11-30 08:44        --------        d-----w-        C:\FRST
2015-11-24 14:02 . 2015-10-29 09:28        11138400        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{4DC505AB-6E9F-440D-967A-3B04408C2F13}\mpengine.dll
2015-11-12 14:41 . 2015-11-03 17:55        3211264        ----a-w-        c:\windows\system32\win32k.sys
2015-11-11 14:49 . 2015-10-30 22:58        2724864        ----a-w-        c:\windows\SysWow64\mshtml.tlb
2015-11-07 12:40 . 2015-11-07 12:40        37888        ----a-w-        c:\windows\system32\wups2.dll
2015-11-04 08:59 . 2015-11-25 19:09        --------        d-----w-        c:\programdata\Blizzard Entertainment
2015-11-04 08:58 . 2015-11-26 13:24        --------        d-----w-        c:\programdata\Battle.net
2015-11-03 23:06 . 2015-11-25 19:09        --------        d-----w-        c:\users\buebi\AppData\Local\CEF
2015-11-03 22:35 . 2015-11-29 11:15        --------        d-----w-        c:\users\buebi\AppData\Local\NVIDIA
2015-11-03 22:32 . 2015-11-29 11:16        938800        ----a-w-        c:\windows\system32\nvvsvc.exe
2015-11-03 22:32 . 2015-11-14 06:06        6358832        ----a-w-        c:\windows\system32\nvcpl.dll
2015-11-03 22:32 . 2015-11-14 06:06        2983032        ----a-w-        c:\windows\system32\nvsvc64.dll
2015-11-03 22:32 . 2015-11-14 06:06        62768        ----a-w-        c:\windows\system32\nvshext.dll
2015-11-03 22:32 . 2015-11-14 06:06        385144        ----a-w-        c:\windows\system32\nvmctray.dll
2015-11-03 22:32 . 2015-11-14 06:06        2554488        ----a-w-        c:\windows\system32\nvsvcr.dll
2015-11-03 22:32 . 2015-10-28 08:17        6027430        ----a-w-        c:\windows\system32\nvcoproc.bin
2015-11-03 22:32 . 2015-11-29 11:16        112760        ----a-w-        c:\windows\system32\OpenCL.dll
2015-11-03 22:32 . 2015-11-29 11:16        105080        ----a-w-        c:\windows\SysWow64\OpenCL.dll
2015-11-03 22:32 . 2015-11-29 11:16        --------        d-----w-        c:\programdata\NVIDIA Corporation
2015-11-03 22:31 . 2015-11-29 10:40        1572496        ----a-w-        c:\windows\system32\nvhdagenco6420103.dll
2015-11-03 11:42 . 2015-11-25 19:26        --------        d-----w-        c:\users\buebi\AppData\Local\YSearchUtil
2015-11-03 11:42 . 2015-11-03 11:42        --------        d-----w-        c:\program files (x86)\Yahoo!
2015-11-03 11:42 . 2015-11-29 11:18        --------        d-----w-        c:\programdata\NVIDIA
2015-11-03 11:40 . 2015-11-03 11:40        97888        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-11-03 11:40 . 2015-11-25 19:09        --------        d-----w-        c:\programdata\Oracle
2015-11-03 11:40 . 2015-11-03 11:40        --------        d-----w-        c:\program files (x86)\Java
2015-11-03 11:37 . 2015-11-03 11:37        584288        ----a-w-        c:\users\buebi\JavaSetup8u65.exe
2015-11-03 10:46 . 2015-10-03 05:06        1905456        ----a-w-        c:\windows\system32\nvdispco6435850.dll
2015-11-03 10:46 . 2015-10-03 05:06        1564976        ----a-w-        c:\windows\system32\nvdispgenco6435850.dll
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-11-29 12:52 . 2015-06-11 00:33        26912        ----a-w-        c:\windows\system32\drivers\LGVirHid.sys
2015-11-29 12:52 . 2015-06-11 00:33        68384        ----a-w-        c:\windows\system32\drivers\LGJoyXlCore.sys
2015-11-29 12:52 . 2015-06-11 00:33        37408        ----a-w-        c:\windows\system32\drivers\LGBusEnum.sys
2015-11-29 12:52 . 2013-03-10 13:21        18960        ----a-w-        c:\windows\system32\drivers\LNonPnP.sys
2015-11-29 11:17 . 2015-05-25 11:20        14617288        ----a-w-        c:\windows\SysWow64\nvwgf2um.dll
2015-11-29 11:17 . 2015-05-25 11:20        927440        ----a-w-        c:\windows\SysWow64\nvumdshim.dll
2015-11-29 11:17 . 2015-05-25 11:20        24053576        ----a-w-        c:\windows\SysWow64\nvoglv32.dll
2015-11-29 11:17 . 2015-05-25 11:20        12852784        ----a-w-        c:\windows\SysWow64\nvopencl.dll
2015-11-29 11:17 . 2015-05-25 11:20        128512        ----a-w-        c:\windows\SysWow64\nvoglshim32.dll
2015-11-29 11:17 . 2015-05-25 11:20        2573456        ----a-w-        c:\windows\SysWow64\nvcuvid.dll
2015-11-29 11:17 . 2015-05-25 11:20        154256        ----a-w-        c:\windows\SysWow64\nvinit.dll
2015-11-29 11:17 . 2015-05-25 11:20        12689592        ----a-w-        c:\windows\SysWow64\nvd3dum.dll
2015-11-29 11:17 . 2015-05-25 11:20        11380728        ----a-w-        c:\windows\SysWow64\nvcuda.dll
2015-11-29 11:17 . 2015-05-25 11:20        25375048        ----a-w-        c:\windows\SysWow64\nvcompiler.dll
2015-11-29 11:17 . 2015-05-25 11:20        2935416        ----a-w-        c:\windows\SysWow64\nvapi.dll
2015-11-29 11:17 . 2015-05-25 11:20        17176128        ----a-w-        c:\windows\system32\nvwgf2umx.dll
2015-11-29 11:17 . 2015-05-25 11:20        1086424        ----a-w-        c:\windows\system32\nvumdshimx.dll
2015-11-29 11:17 . 2015-05-25 11:20        31570064        ----a-w-        c:\windows\system32\nvoglv64.dll
2015-11-29 11:17 . 2015-05-25 11:20        15716232        ----a-w-        c:\windows\system32\nvopencl.dll
2015-11-29 11:17 . 2015-05-25 11:20        970568        ----a-w-        c:\windows\SysWow64\NvIFR.dll
2015-11-29 11:17 . 2015-05-25 11:20        962192        ----a-w-        c:\windows\SysWow64\NvFBC.dll
2015-11-29 11:17 . 2015-05-25 11:20        150648        ----a-w-        c:\windows\system32\nvoglshim64.dll
2015-11-29 11:17 . 2015-05-25 11:20        175880        ----a-w-        c:\windows\system32\nvinitx.dll
2015-11-29 11:17 . 2015-05-25 11:20        15818528        ----a-w-        c:\windows\system32\nvd3dumx.dll
2015-11-29 11:17 . 2015-05-25 11:20        2896528        ----a-w-        c:\windows\system32\nvcuvid.dll
2015-11-29 11:17 . 2015-05-25 11:20        14006752        ----a-w-        c:\windows\system32\nvcuda.dll
2015-11-29 11:17 . 2015-05-25 11:20        30397072        ----a-w-        c:\windows\system32\nvcompiler.dll
2015-11-29 11:17 . 2015-05-25 11:20        3317344        ----a-w-        c:\windows\system32\nvapi64.dll
2015-11-29 11:17 . 2015-05-25 11:20        1047368        ----a-w-        c:\windows\system32\NvIFR64.dll
2015-11-29 11:17 . 2015-05-25 11:20        10423952        ----a-w-        c:\windows\system32\drivers\nvlddmkm.sys
2015-11-29 11:17 . 2015-05-25 11:20        1037640        ----a-w-        c:\windows\system32\NvFBC64.dll
2015-11-29 10:56 . 2015-05-30 14:20        1898312        ----a-w-        c:\windows\system32\nvdispco6435286.dll
2015-11-29 10:56 . 2015-05-30 14:20        1557648        ----a-w-        c:\windows\system32\nvdispgenco6435286.dll
2015-11-29 09:10 . 2013-03-12 17:35        780488        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2015-11-29 09:10 . 2013-03-12 17:35        142536        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-10-30 15:49 . 2015-10-30 15:49        668784        ----a-w-        C:\SecurityScanner.dll
2015-10-29 17:50 . 2015-11-11 14:49        350208        ----a-w-        c:\windows\apppatch\AppPatch64\AcLayers.dll
2015-10-29 17:50 . 2015-11-11 14:49        309248        ----a-w-        c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-10-29 17:50 . 2015-11-11 14:49        135168        ----a-w-        c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2015-10-29 17:50 . 2015-11-11 14:49        103424        ----a-w-        c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-10-29 17:49 . 2015-11-11 14:49        562176        ----a-w-        c:\windows\apppatch\AcLayers.dll
2015-10-29 17:49 . 2015-11-11 14:49        470528        ----a-w-        c:\windows\apppatch\AcSpecfc.dll
2015-10-29 17:49 . 2015-11-11 14:49        2178560        ----a-w-        c:\windows\apppatch\AcGenral.dll
2015-10-29 17:49 . 2015-11-11 14:49        211968        ----a-w-        c:\windows\apppatch\AcXtrnal.dll
2015-10-29 17:39 . 2015-11-11 14:49        2560        ----a-w-        c:\windows\apppatch\AcRes.dll
2015-10-20 00:45 . 2015-11-11 14:49        44032        ----a-w-        c:\windows\apppatch\acwow64.dll
2015-10-13 12:35 . 2015-10-13 12:35        430808        ----a-w-        c:\windows\system32\drivers\asmtxhci.sys
2015-10-13 00:29 . 2015-10-13 00:29        875720        ----a-w-        c:\windows\SysWow64\msvcr120_clr0400.dll
2015-10-13 00:22 . 2015-10-13 00:22        869568        ----a-w-        c:\windows\system32\msvcr120_clr0400.dll
2015-10-01 18:06 . 2015-10-14 13:07        692672        ----a-w-        c:\windows\system32\winload.efi
2015-10-01 18:04 . 2015-10-14 13:07        616360        ----a-w-        c:\windows\system32\winresume.efi
2015-10-01 18:00 . 2015-10-14 13:07        63488        ----a-w-        c:\windows\system32\setbcdlocale.dll
2015-10-01 18:00 . 2015-10-14 13:07        59392        ----a-w-        c:\windows\system32\appidapi.dll
2015-10-01 18:00 . 2015-10-14 13:07        32768        ----a-w-        c:\windows\system32\appidsvc.dll
2015-10-01 18:00 . 2015-10-14 13:07        17920        ----a-w-        c:\windows\system32\appidcertstorecheck.exe
2015-10-01 18:00 . 2015-10-14 13:07        147456        ----a-w-        c:\windows\system32\appidpolicyconverter.exe
2015-10-01 17:50 . 2015-10-14 13:07        50688        ----a-w-        c:\windows\SysWow64\appidapi.dll
2015-10-01 17:00 . 2015-10-14 13:07        61440        ----a-w-        c:\windows\system32\drivers\appid.sys
2015-09-18 19:22 . 2015-10-15 12:52        25432        ----a-w-        c:\windows\system32\CompatTelRunner.exe
2015-09-18 19:19 . 2015-10-15 12:52        700416        ----a-w-        c:\windows\system32\invagent.dll
2015-09-18 19:19 . 2015-10-15 12:52        766464        ----a-w-        c:\windows\system32\generaltel.dll
2015-09-18 19:19 . 2015-10-15 12:52        503808        ----a-w-        c:\windows\system32\devinv.dll
2015-09-18 19:19 . 2015-10-15 12:52        73216        ----a-w-        c:\windows\system32\acmigration.dll
2015-09-18 19:19 . 2015-10-15 12:52        1291264        ----a-w-        c:\windows\system32\appraiser.dll
2015-09-18 19:09 . 2015-10-15 12:52        1163776        ----a-w-        c:\windows\system32\aeinv.dll
2015-09-16 13:31 . 2015-09-16 13:31        39936        ----a-w-        c:\windows\system32\drivers\tssecsrv.sys
2015-09-16 13:31 . 2015-09-16 13:31        22528        ----a-w-        c:\windows\system32\icaapi.dll
2015-09-16 13:30 . 2015-09-16 13:30        984448        ----a-w-        c:\windows\system32\ucrtbase.dll
2015-09-16 13:30 . 2015-09-16 13:30        901264        ----a-w-        c:\windows\SysWow64\ucrtbase.dll
2015-09-16 13:30 . 2015-09-16 13:30        66400        ----a-w-        c:\windows\SysWow64\api-ms-win-crt-private-l1-1-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        63840        ----a-w-        c:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        22368        ----a-w-        c:\windows\SysWow64\api-ms-win-crt-math-l1-1-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        20832        ----a-w-        c:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        19808        ----a-w-        c:\windows\SysWow64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        19808        ----a-w-        c:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        17760        ----a-w-        c:\windows\SysWow64\api-ms-win-crt-string-l1-1-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        17760        ----a-w-        c:\windows\SysWow64\api-ms-win-crt-stdio-l1-1-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        17760        ----a-w-        c:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        17760        ----a-w-        c:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        16224        ----a-w-        c:\windows\SysWow64\api-ms-win-crt-runtime-l1-1-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        16224        ----a-w-        c:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        15712        ----a-w-        c:\windows\SysWow64\api-ms-win-crt-convert-l1-1-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        15712        ----a-w-        c:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        14176        ----a-w-        c:\windows\SysWow64\api-ms-win-crt-time-l1-1-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        14176        ----a-w-        c:\windows\SysWow64\api-ms-win-core-localization-l1-2-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        14176        ----a-w-        c:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        14176        ----a-w-        c:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        13664        ----a-w-        c:\windows\SysWow64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        13664        ----a-w-        c:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        12640        ----a-w-        c:\windows\SysWow64\api-ms-win-crt-process-l1-1-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        12640        ----a-w-        c:\windows\SysWow64\api-ms-win-crt-heap-l1-1-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        12640        ----a-w-        c:\windows\SysWow64\api-ms-win-crt-conio-l1-1-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        12640        ----a-w-        c:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        12640        ----a-w-        c:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        12640        ----a-w-        c:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        12128        ----a-w-        c:\windows\SysWow64\api-ms-win-crt-utility-l1-1-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        12128        ----a-w-        c:\windows\SysWow64\api-ms-win-crt-locale-l1-1-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        12128        ----a-w-        c:\windows\SysWow64\api-ms-win-crt-environment-l1-1-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        12128        ----a-w-        c:\windows\SysWow64\api-ms-win-core-synch-l1-2-0.dll
2015-09-16 13:30 . 2015-09-16 13:30        12128        ----a-w-        c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-1.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 9"="c:\program files (x86)\IObit\Advanced SystemCare\ASCTray.exe" [2015-11-17 2010912]
"GUDelayStartup"="d:\program files (x86)\Glary Utilities 5\StartupManager.exe" [2015-02-12 37152]
"CCleaner Monitoring"="d:\program files\CCleaner\CCleaner64.exe" [2015-11-16 8591272]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Turbo Key"="c:\program files (x86)\ASUS\Turbo Key\TurboKey.exe" [2009-11-24 1874432]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2015-10-28 1067736]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-11-29 597040]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SpUninstallDeleteDir"="rmdir" [X]
.
c:\users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2015-11-29 0]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bigfoot Networks Killer Network Manager.lnk - d:\program files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe -minimized [2013-10-9 564224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"ApnTBMon"="c:\program files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe"
.
R1 VBoxNetAdp;VirtualBox NDIS 6.0 Miniport Service;c:\windows\system32\DRIVERS\VBoxNetAdp6.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp6.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 MBAMService;MBAMService;d:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;d:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys;c:\windows\SYSNATIVE\Drivers\TFsExDisk.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S0 amdide64;amdide64;c:\windows\system32\DRIVERS\amdide64.sys;c:\windows\SYSNATIVE\DRIVERS\amdide64.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S1 GUBootStartup;GUBootStartup;c:\windows\System32\drivers\GUBootStartup.sys;c:\windows\SYSNATIVE\drivers\GUBootStartup.sys [x]
S2 AdvancedSystemCareService9;Advanced SystemCare Service 9;c:\program files (x86)\IObit\Advanced SystemCare\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare\ASCService.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [x]
S2 Bigfoot Networks Killer Service;Bigfoot Networks Killer Service;d:\program files\Bigfoot Networks\Killer Network Manager\BFNService.exe;d:\program files\Bigfoot Networks\Killer Network Manager\BFNService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 LGCoreTemp;Logitech CPU Core Tempurature;c:\program files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys;c:\program files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [x]
S2 LogiRegistryService;Logitech Gaming Registry Service;c:\program files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe;c:\program files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 BfEdge7x64;Bigfoot Networks Killer Ethernet Service;c:\windows\system32\DRIVERS\Edge7x64.sys;c:\windows\SYSNATIVE\DRIVERS\Edge7x64.sys [x]
S3 BFN7x64;Bigfoot Networks Killer Gaming Service;c:\windows\system32\DRIVERS\Xeno7x64.sys;c:\windows\SYSNATIVE\DRIVERS\Xeno7x64.sys [x]
S3 LGBusEnum;Logitech Gaming Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGJoyXlCore;Logitech Translation Layer Driver (LGS);c:\windows\system32\drivers\LGJoyXlCore.sys;c:\windows\SYSNATIVE\drivers\LGJoyXlCore.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 LGSUsbFilt;Logitech Gaming KMDF USB Filter Driver;c:\windows\system32\DRIVERS\LGSUsbFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSUsbFilt.Sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2015-11-18 16:22        286904        ----a-w-        c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
Inhalt des "geplante Tasks" Ordners
.
2015-11-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-12 09:10]
.
2015-11-28 c:\windows\Tasks\GlaryInitialize 5.job
- d:\program files (x86)\Glary Utilities 5\Initialize.exe [2015-02-12 08:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2015-11-29 15033976]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2015-04-01 1426136]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:Tabs
mDefault_Search_URL = https://safesearch.avira.com/#web/result?source=art&q=
mDefault_Page_URL = https://safesearch.avira.com/#web/result?source=art&q=
mStart Page = https://safesearch.avira.com/#web/result?source=art&q=
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = https://safesearch.avira.com/#web/result?source=art&q=
IE: {{d8f67242-b229-4065-95fa-391b077ed6ca} - {d8f67242-b229-4065-95fa-391b077ed6ca} - mscoree.dll
LSP: %SYSTEMROOT%\system32\BfLLR.dll
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{4A67349A-00D0-4C9E-B689-69B4EF2FAF4F}: NameServer = 156.154.70.25,156.154.71.25
Handler: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - c:\windows\System32\mscoree.dll
FF - ProfilePath - c:\users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-NPSStartup - (no file)
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe
HKLM_Wow6432Node-ActiveSetup-{8A69D345-D564-463c-AFF1-A69D9E530F96} - c:\program files (x86)\Google\Chrome\Application\40.0.2214.115\Installer\chrmstp.exe
Toolbar-Locked - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1771663753-3355759307-1885394415-1000_Classes\Drive\ShellEx\FolderExtensions\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}]
@Denied: (C D 2 3 6) (CreatorAuthority-4)
@Denied: (C D 2 3 6) (Everyone)
@Allowed: (Read) (S-1-5-21-1771663753-3355759307-1885394415-1000)
@SACL=(02 0001)
@Ace=(0x11) (1 3) (S-1-16-12288)
"DriveMask"=dword:ffffffff
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Drive\shellex\FolderExtensions\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}]
@Denied: (C D 2 3 6) (CreatorAuthority-4)
@Denied: (C D 2 3 6) (Everyone)
@SACL=(02 0001)
@Ace=(0x11) (1 3) (S-1-16-12288)
"DriveMask"=dword:ffffffff
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\COMODO\CIS\Installer\Sym_Cam\CIS]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\CmdAgent\Mode\Configurations]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\CmdAgent\Mode\Data]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\CmdAgent\Mode\Options]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\Software\COMODO\Cam]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\Software\COMODO\Firewall Pro]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
[HKEY_LOCAL_MACHINE\system\VritualRoot\MACHINE\Software\Classes\Drive\ShellEx\FolderExtensions\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}]
@Denied: (C D 2 3 6) (CreatorAuthority-4)
@Denied: (C D 2 3 6) (Everyone)
@SACL=(02 0001)
@Ace=(0x11) (1 3) (S-1-16-12288)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\IObit\Advanced SystemCare\Monitor.exe
c:\program files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-12-03  00:18:19 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-12-02 23:18
.
Vor Suchlauf: 4.128.964.608 Bytes frei
Nach Suchlauf: 3.942.727.680 Bytes frei
.
- - End Of File - - 6DB5AE83D3FB4797DF9994E162FC351A
A36C5E4F47E84449FF07ED3517B43A31
so da isses^^
Danke und Gruß Heinz

schrauber 03.12.2015 22:03
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Babock 04.12.2015 00:38
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 03.12.2015
Suchlaufzeit: 23:25
Protokolldatei: MBAM.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.12.03.05
Rootkit-Datenbank: v2015.11.26.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: buebi

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 364092
Abgelaufene Zeit: 6 Min., 1 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
Code:
# AdwCleaner v5.023 - Bericht erstellt am 03/12/2015 um 23:42:18
# Aktualisiert am 30/11/2015 von Xplode
# Datenbank : 2015-12-03.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : buebi - BUEBI-PC
# Gestartet von : C:\Users\buebi\Downloads\AdwCleaner_5.023.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\SearchProtect
[-] Ordner Gelöscht : C:\Program Files (x86)\eSupport.com
[-] Ordner Gelöscht : C:\Program Files (x86)\BinarySense
[-] Ordner Gelöscht : C:\ProgramData\Conduit
[-] Ordner Gelöscht : C:\ProgramData\BinarySense
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSupport.com
[-] Ordner Gelöscht : C:\Users\buebi\AppData\Local\eSupport.com
[-] Ordner Gelöscht : C:\Users\buebi\AppData\Local\NativeMessaging
[-] Ordner Gelöscht : C:\Users\buebi\AppData\Local\YSearchUtil
[-] Ordner Gelöscht : C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh
[-] Ordner Gelöscht : C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\Extensions\ascsurfingprotection@iobit.com
[!] Ordner Nicht Gelöscht : C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\Extensions\ascsurfingprotection@iobit.com
[-] Ordner Gelöscht : C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\Extensions\ascsurfingprotection@iobit.com
[!] Ordner Nicht Gelöscht : C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\Extensions\ascsurfingprotection@iobit.com
[-] Ordner Gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaaaacalgebmfelllfiaoknifldpngjh_0.localstorage
[-] Datei Gelöscht : C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaaaacalgebmfelllfiaoknifldpngjh
[-] Datei Gelöscht : C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\avira-safesearch.xml
[-] Datei Gelöscht : C:\Users\buebi\Desktop\Find Drivers with DriverAgent.lnk
[-] Datei Gelöscht : C:\Users\Public\Desktop\Find Drivers with DriverAgent.lnk

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.apn.native_messaging_host_aaaaacalgebmfelllfiaoknifldpngjh
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{884189CF-7C10-41E8-A014-F7B2BE40AADB}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
[-] Schlüssel Gelöscht : HKCU\Software\eSupport.com
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\DriverTuner_Init
[-] Schlüssel Gelöscht : HKCU\Software\DriverTuner
[-] Schlüssel Gelöscht : HKCU\Software\Reg\Clean
[-] Schlüssel Gelöscht : HKCU\Software\BinarySense
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Reg\Clean
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\BinarySense
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverAgent_is1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1771663753-3355759307-1885394415-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\eSupport.com
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1771663753-3355759307-1885394415-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\OCS
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1771663753-3355759307-1885394415-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\DriverTuner_Init
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1771663753-3355759307-1885394415-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\DriverTuner
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1771663753-3355759307-1885394415-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Reg\Clean
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1771663753-3355759307-1885394415-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\BinarySense
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1771663753-3355759307-1885394415-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Toolbar
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1771663753-3355759307-1885394415-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\Conduit
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

***** [ Internetbrowser ] *****

[-] [C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\prefs.js] [Preference] Gelöscht : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]
[-] [C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.MP_DISTINCT_ID", "7d4577ab7d6ecf2ab854612a49f4fe6f3a92b725");
[-] [C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.install", "1448734050230");
[-] [C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.migration_1_2_1", true);
[-] [C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.sdk.baseURI", "resource://safesearch-at-avira-dot-com/");
[-] [C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.sdk.domain", "safesearch-at-avira-dot-com");
[-] [C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.sdk.load.reason", "startup");
[-] [C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.sdk.rootURI", "jar:file:///C:/Users/buebi/AppData/Roaming/Mozilla/Firefox/Profiles/w33kqme1.default/extensions/safesearch@avira.com.xpi!/");
[-] [C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.sdk.version", "1.3.0");
[-] [C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.settings_offer_default_search_chosen", "true");
[-] [C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.settings_offer_newtab_chosen", "true");

*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [13102 Bytes] ##########
Code:
# AdwCleaner v5.023 - Bericht erstellt am 03/12/2015 um 23:51:00
# Aktualisiert am 30/11/2015 von Xplode
# Datenbank : 2015-12-03.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : buebi - BUEBI-PC
# Gestartet von : C:\Users\buebi\Desktop\AdwCleaner_5.023.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaaaacalgebmfelllfiaoknifldpngjh

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****

[-] [C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\prefs.js] [Preference] Gelöscht : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]
[-] [C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.MP_DISTINCT_ID", "db49a032f2a244ad0635613bd58d942a55d4fcf0");
[-] [C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.install", "1449182824097");
[-] [C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.migration_1_2_1", true);
[-] [C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.sdk.baseURI", "resource://safesearch-at-avira-dot-com/");
[-] [C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.sdk.domain", "safesearch-at-avira-dot-com");
[-] [C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.sdk.load.reason", "startup");
[-] [C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.sdk.rootURI", "jar:file:///C:/Users/buebi/AppData/Roaming/Mozilla/Firefox/Profiles/w33kqme1.default/extensions/safesearch@avira.com.xpi!/");
[-] [C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch@avira.com.sdk.version", "1.3.0");

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2994 Bytes] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 7 Home Premium x64
Ran by buebi (Administrator) on 03.12.2015 at 23:57:09,52
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 10

Successfully deleted: C:\ProgramData\iobit\driver booster (Folder)
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\buebi\AppData\Local\cre (Folder)
Successfully deleted: C:\Users\buebi\AppData\Roaming\iobit\driver booster (Folder)
Successfully deleted: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions\iobitascsurfingprotection@iobit.com (Folder)
Successfully deleted: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\extensions\iobitascsurfingprotection@iobit.com (Folder)
Successfully deleted: C:\Users\buebi\AppData\Roaming\productdata (Folder)
Successfully deleted: C:\Windows\system32\Tasks\Avira System Speedup Tray (Task)
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster SkipUAC (buebi) (Task)
Successfully deleted: C:\Windows\system32\Tasks\SmartDefrag4_Startup (Task)

Deleted the following from C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\prefs.js
user_pref(browser.uiCustomization.state, {\placements\:{\PanelUI-contents\:[\edit-controls\,\zoom-controls\,\new-window-button\,\privatebrowsing-button\,\save-
user_pref(extensions.safesearch@avira.com.MP_DISTINCT_ID, da488520082080d704d9e53f7775972c5930f795);
user_pref(extensions.safesearch@avira.com.install, 1449183291892);
user_pref(extensions.safesearch@avira.com.migration_1_2_1, true);
user_pref(extensions.safesearch@avira.com.sdk.baseURI, resource://safesearch-at-avira-dot-com/);
user_pref(extensions.safesearch@avira.com.sdk.domain, safesearch-at-avira-dot-com);
user_pref(extensions.safesearch@avira.com.sdk.load.reason, startup);
user_pref(extensions.safesearch@avira.com.sdk.rootURI, jar:file:///C:/Users/buebi/AppData/Roaming/Mozilla/Firefox/Profiles/w33kqme1.default/extensions/safesearch@avira.com.
user_pref(extensions.safesearch@avira.com.sdk.version, 1.3.0);
user_pref(extensions.xpiState, {\app-profile\:{\abs@avira.com\:{\d\:\C:\\\\Users\\\\buebi\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\w33kqme1.default



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.12.2015 at  0:05:38,37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:01-12-2015
durchgeführt von buebi (Administrator) auf BUEBI-PC (04-12-2015 00:16:00)
Gestartet von C:\Users\buebi\Downloads
Geladene Profile: buebi (Verfügbare Profile: buebi)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser nicht gefunden!)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
() D:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(Piriform Ltd) D:\Program Files\CCleaner\CCleaner64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Farbar) C:\Users\buebi\Downloads\FRST64(1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15033976 2015-11-29] (Logitech Inc.)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1426136 2015-04-01] (COMODO)
HKLM-x32\...\Run: [Turbo Key] => C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe [1874432 2009-11-24] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1067736 2015-10-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-11-29] (Oracle Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-12-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [14408 2015-12-03] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2010912 2015-11-17] (IObit)
HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\Run: [GUDelayStartup] => D:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-02-12] (Glarysoft Ltd)
HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\Run: [CCleaner Monitoring] => D:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bigfoot Networks Killer Network Manager.lnk [2015-09-03]
ShortcutTarget: Bigfoot Networks Killer Network Manager.lnk -> D:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe ()
Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2015-11-29] ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog9 01 C:\Windows\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.)
Winsock: Catalog9 15 C:\Windows\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 01 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 02 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 03 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 04 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 15 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4A67349A-00D0-4C9E-B689-69B4EF2FAF4F}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{4A67349A-00D0-4C9E-B689-69B4EF2FAF4F}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000 -> {085A28F2-59A0-49F0-8AAC-B6C52B414F0C} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-29] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-29] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-11-03] (Oracle Corporation)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-03] (Oracle Corporation)
Toolbar: HKLM - Kein Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -  Keine Datei
Toolbar: HKLM-x32 - Kein Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -  Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-29] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-29] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-29] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-03] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [Keine Datei]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\yahoo-ysp.xml [2015-11-03]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_ieh.HTML [2015-11-25]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_ieh.TXT [2015-11-25]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_mxh.HTML [2015-11-25]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_mxh.TXT [2015-11-25]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_pap.HTML [2015-11-24]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_pap.TXT [2015-11-24]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_txi.HTML [2015-11-24]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_txi.TXT [2015-11-24]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_xwl.HTML [2015-11-24]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_xwl.TXT [2015-11-24]
FF Extension: Avira Browser Safety - C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\Extensions\abs@avira.com [2015-12-03] [ist nicht signiert]
FF Extension: Avira SafeSearch - C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\Extensions\safesearch@avira.com.xpi [2015-11-30] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-28]
StartMenuInternet: FIREFOX.EXE - D:\Program Files\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll => Keine Datei
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll => Keine Datei
CHR Profile: C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-25]
CHR Extension: (Google Drive) - C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-25]
CHR Extension: (YouTube) - C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-25]
CHR Extension: (Google-Suche) - C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-25]
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\eglgfnfolcgijipffhlhbbnefdcbjbml [2015-11-25]
CHR Extension: (Google Wallet) - C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-25]
CHR Extension: (Google Mail) - C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-25]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [827680 2015-11-04] (IObit)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-08-19] (ASUSTeK Computer Inc.) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [250648 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 Bigfoot Networks Killer Service; D:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe [494080 2013-10-09] () [Datei ist nicht signiert]
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5540424 2015-04-01] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265816 2015-04-01] (COMODO)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-11-29] (Logitech Inc.)
S2 MBAMService; D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [18016 2015-12-03] (Avira Operations GmbH & Co. KG)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2015-02-13] (Advanced Micro Devices Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-03] (Avira Operations GmbH & Co. KG)
R3 BfEdge7x64; C:\Windows\System32\DRIVERS\Edge7x64.sys [31336 2013-10-09] (Bigfoot Networks, Inc.)
R3 BFN7x64; C:\Windows\System32\DRIVERS\Xeno7x64.sys [157288 2013-10-09] (Bigfoot Networks, Inc.)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20696 2015-04-01] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [797280 2015-04-01] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45880 2015-04-01] (COMODO)
S3 DrvAgent64; C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [13824 2015-02-07] (Phoenix Technologies) [Datei ist nicht signiert]
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-02-23] (Glarysoft Ltd)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [104608 2015-04-01] (COMODO)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-11-29] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [117768 2015-09-08] (Oracle Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-04 00:16 - 2015-12-04 00:16 - 00000000 ____D C:\Users\buebi\AppData\Roaming\ProductData
2015-12-04 00:16 - 2015-12-04 00:16 - 00000000 ____D C:\ProgramData\ProductData
2015-12-04 00:15 - 2015-12-04 00:15 - 02350080 _____ (Farbar) C:\Users\buebi\Downloads\FRST64(1).exe
2015-12-04 00:12 - 2015-12-04 00:12 - 02350080 _____ (Farbar) C:\Users\buebi\Downloads\FRST64(2).exe
2015-12-04 00:05 - 2015-12-04 00:06 - 00002638 _____ C:\Users\buebi\Desktop\JRT.txt
2015-12-03 23:56 - 2015-12-03 23:56 - 01599336 _____ (Malwarebytes) C:\Users\buebi\Downloads\JRT.exe
2015-12-03 23:54 - 2015-12-03 23:54 - 00003076 _____ C:\Users\buebi\Desktop\AdwCleaner[C2].txt
2015-12-03 23:46 - 2015-12-03 23:46 - 00013309 _____ C:\Users\buebi\Desktop\AdwCleaner[C1].txt
2015-12-03 23:45 - 2015-12-03 23:45 - 00000000 ____D C:\Users\buebi\Desktop\ADWCleaner
2015-12-03 23:40 - 2015-12-03 23:51 - 00000000 ____D C:\AdwCleaner
2015-12-03 23:38 - 2015-12-03 23:38 - 01736704 _____ C:\Users\buebi\Desktop\AdwCleaner_5.023.exe
2015-12-03 23:33 - 2015-12-03 23:33 - 00001208 _____ C:\Users\buebi\Desktop\MBAM.txt
2015-12-03 00:45 - 2015-12-03 00:45 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Avira
2015-12-03 00:44 - 2015-12-03 00:45 - 00000000 ____D C:\Users\Public\Speedup Sessions
2015-12-03 00:44 - 2015-12-03 00:44 - 00001149 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
2015-12-03 00:44 - 2015-12-03 00:44 - 00000795 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2015-12-03 00:43 - 2015-12-03 00:43 - 00162072 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-12-03 00:43 - 2015-12-03 00:43 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-12-03 00:43 - 2015-12-03 00:43 - 00075472 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-12-03 00:43 - 2015-12-03 00:43 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-12-03 00:39 - 2015-12-03 00:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-03 00:39 - 2015-12-03 00:39 - 04588512 _____ (Avira Operations GmbH & Co. KG) C:\Users\buebi\Downloads\avira_de_av_565f812334096__ws.exe
2015-12-03 00:39 - 2015-12-03 00:39 - 00001220 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-12-03 00:18 - 2015-12-03 00:18 - 00033677 _____ C:\ComboFix.txt
2015-12-02 23:36 - 2015-12-02 23:35 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-12-02 23:36 - 2015-12-02 23:35 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-12-02 23:36 - 2015-12-02 23:35 - 00256000 _____ C:\Windows\PEV.exe
2015-12-02 23:36 - 2015-12-02 23:35 - 00208896 _____ C:\Windows\MBR.exe
2015-12-02 23:36 - 2015-12-02 23:35 - 00098816 _____ C:\Windows\sed.exe
2015-12-02 23:36 - 2015-12-02 23:35 - 00080412 _____ C:\Windows\grep.exe
2015-12-02 23:36 - 2015-12-02 23:35 - 00068096 _____ C:\Windows\zip.exe
2015-12-02 23:36 - 2015-12-02 23:35 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-12-02 23:21 - 2015-12-02 23:21 - 05639299 ____R (Swearware) C:\Users\buebi\Desktop\ComboFix.exe
2015-12-02 23:19 - 2015-12-02 23:19 - 00159410 _____ C:\Users\buebi\Documents\cc_20151202_231938.reg
2015-12-02 23:10 - 2015-12-03 00:18 - 00000000 ____D C:\Qoobox
2015-12-02 23:09 - 2015-12-03 00:15 - 00000000 ____D C:\Windows\erdnt
2015-12-01 23:30 - 2015-12-01 23:35 - 00401658 _____ C:\TDSSKiller.3.1.0.7_01.12.2015_23.30.22_log.txt
2015-12-01 23:30 - 2015-12-01 23:30 - 04398264 _____ (Kaspersky Lab ZAO) C:\Users\buebi\Downloads\tdsskiller.exe
2015-12-01 23:13 - 2015-12-02 00:09 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-12-01 23:11 - 2015-12-01 23:12 - 16563352 _____ (Malwarebytes Corp.) C:\Users\buebi\Downloads\mbar-1.09.3.1001.exe
2015-11-30 09:38 - 2015-12-04 00:16 - 00020348 _____ C:\Users\buebi\Downloads\FRST.txt
2015-11-30 09:38 - 2015-11-30 10:05 - 00059889 _____ C:\Users\buebi\Downloads\Addition.txt
2015-11-30 09:37 - 2015-11-30 09:37 - 02350080 _____ (Farbar) C:\Users\buebi\Downloads\FRST64.exe
2015-11-29 20:07 - 2015-11-29 20:07 - 00002968 _____ C:\Windows\System32\Tasks\{A02B08A9-ABEB-4CAE-A526-CD638BD063A5}
2015-11-29 20:06 - 2015-11-29 20:06 - 00002968 _____ C:\Windows\System32\Tasks\{A492109E-110B-4220-B9D7-05ACA2BAA0C8}
2015-11-29 20:05 - 2015-11-29 20:05 - 00000000 ____D C:\Users\buebi\AppData\Local\ElevatedDiagnostics
2015-11-29 20:04 - 2015-11-29 20:04 - 00002980 _____ C:\Windows\System32\Tasks\{5697353D-EC7C-46EA-841C-CFCB920996B4}
2015-11-29 19:25 - 2015-11-29 19:25 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-11-29 18:58 - 2015-11-29 20:08 - 00050168 _____ C:\Windows\system32\Drivers\fvstore.dat
2015-11-29 18:58 - 2015-11-29 18:58 - 00000000 ____D C:\VTRoot
2015-11-29 16:09 - 2015-11-29 16:09 - 00001870 _____ C:\Users\Public\Desktop\COMODO Firewall.lnk
2015-11-29 16:09 - 2015-11-29 16:09 - 00000000 ____D C:\Windows\System32\Tasks\COMODO
2015-11-29 16:08 - 2015-11-30 08:51 - 00000000 ____D C:\Program Files\COMODO
2015-11-29 16:08 - 2015-11-29 16:08 - 00000000 ____D C:\ProgramData\Shared Space
2015-11-29 16:07 - 2015-11-30 08:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-11-29 16:07 - 2015-11-29 16:07 - 00000000 ____D C:\Users\buebi\AppData\Local\Comodo
2015-11-29 16:05 - 2015-11-29 16:09 - 00000000 ____D C:\ProgramData\Comodo
2015-11-29 15:04 - 2015-11-29 15:06 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-11-29 14:59 - 2015-11-29 14:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-29 14:05 - 2015-11-29 14:05 - 00000146 _____ C:\Users\buebi\Desktop\NVIDIA Systemsteuerung - Verknüpfung.lnk
2015-11-29 12:03 - 2015-11-29 12:03 - 00110176 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-11-29 12:03 - 2015-11-29 12:03 - 00000000 ____D C:\Program Files\Java
2015-11-29 11:53 - 2015-11-29 11:54 - 01905272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435900.dll
2015-11-29 11:53 - 2015-11-29 11:54 - 01564792 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435900.dll
2015-11-29 11:40 - 2015-11-29 11:40 - 00205456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-11-29 11:40 - 2015-11-29 11:40 - 00039240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-11-29 10:11 - 2015-11-29 10:11 - 00000000 ____D C:\ProgramData\McAfee
2015-11-29 09:16 - 2015-11-29 09:16 - 00002063 _____ C:\Users\buebi\Desktop\Curse - Verknüpfung.lnk
2015-11-29 09:14 - 2015-11-29 09:14 - 00003118 _____ C:\Windows\System32\Tasks\{CD827ED8-44D2-49BD-9906-C99AA9595535}
2015-11-29 04:24 - 2015-11-29 12:03 - 00000000 ____D C:\Users\buebi\.oracle_jre_usage
2015-11-28 19:25 - 2015-11-28 19:25 - 00000917 _____ C:\Users\buebi\Desktop\Revo Uninstaller.lnk
2015-11-28 19:25 - 2015-11-28 19:25 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2015-11-28 19:07 - 2015-11-28 19:07 - 00000788 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-11-28 19:07 - 2015-11-28 19:07 - 00000788 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-11-28 17:06 - 2015-11-28 17:06 - 00000000 ____H C:\asc_rdflag
2015-11-28 16:47 - 2015-12-03 23:25 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-28 16:47 - 2015-12-01 23:56 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-28 16:47 - 2015-11-28 16:47 - 00000787 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-28 16:47 - 2015-11-28 16:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-28 16:47 - 2015-11-28 16:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-28 16:47 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-28 16:47 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-11-28 15:51 - 2015-11-30 22:43 - 00002266 _____ C:\Users\Public\Desktop\Advanced SystemCare 9.lnk
2015-11-28 15:51 - 2015-11-28 15:51 - 00003180 _____ C:\Windows\System32\Tasks\ASC9_PerformanceMonitor
2015-11-28 15:51 - 2015-11-28 15:51 - 00002868 _____ C:\Windows\System32\Tasks\ASC9_SkipUac_buebi
2015-11-28 15:51 - 2015-11-28 15:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2015-11-28 15:51 - 2015-11-28 15:51 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2015-11-26 16:19 - 2015-12-04 00:16 - 00000000 ____D C:\FRST
2015-11-26 15:18 - 2015-11-26 15:18 - 00007307 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_ayk.HTML
2015-11-26 15:18 - 2015-11-26 15:18 - 00002588 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_ayk.TXT
2015-11-26 15:12 - 2015-11-26 15:12 - 00000000 _____ C:\Program Files\Common Files\_how_recover_ooy.TXT
2015-11-26 15:12 - 2015-11-26 15:12 - 00000000 _____ C:\Program Files\Common Files\_how_recover_ooy.HTML
2015-11-26 14:24 - 2015-11-26 14:24 - 00007307 _____ C:\ProgramData\_how_recover_qpk.HTML
2015-11-26 14:24 - 2015-11-26 14:24 - 00007307 _____ C:\Program Files\Common Files\_how_recover_qpk.HTML
2015-11-26 14:24 - 2015-11-26 14:24 - 00002588 _____ C:\ProgramData\_how_recover_qpk.TXT
2015-11-26 14:24 - 2015-11-26 14:24 - 00002588 _____ C:\Program Files\Common Files\_how_recover_qpk.TXT
2015-11-25 20:26 - 2015-11-25 20:26 - 00000000 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_smn.TXT
2015-11-25 20:09 - 2015-11-25 20:27 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:27 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:27 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_smn.TXT
2015-11-25 20:09 - 2015-11-25 20:27 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_smn.TXT
2015-11-25 20:09 - 2015-11-25 20:09 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:09 - 00007307 _____ C:\ProgramData\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:09 - 00007307 _____ C:\Program Files\Common Files\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:09 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_smn.TXT
2015-11-25 20:09 - 2015-11-25 20:09 - 00002588 _____ C:\ProgramData\_how_recover_smn.TXT
2015-11-25 20:09 - 2015-11-25 20:09 - 00002588 _____ C:\Program Files\Common Files\_how_recover_smn.TXT
2015-11-25 18:31 - 2015-11-25 18:44 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:44 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:44 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_dvx.TXT
2015-11-25 18:31 - 2015-11-25 18:44 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_dvx.TXT
2015-11-25 18:31 - 2015-11-25 18:31 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:31 - 00007307 _____ C:\ProgramData\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:31 - 00007307 _____ C:\Program Files\Common Files\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:31 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_dvx.TXT
2015-11-25 18:31 - 2015-11-25 18:31 - 00002588 _____ C:\ProgramData\_how_recover_dvx.TXT
2015-11-25 18:31 - 2015-11-25 18:31 - 00002588 _____ C:\Program Files\Common Files\_how_recover_dvx.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 00007307 _____ C:\ProgramData\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 00007307 _____ C:\Program Files\Common Files\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_oad.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_oad.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_oad.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 00002588 _____ C:\ProgramData\_how_recover_oad.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 00002588 _____ C:\Program Files\Common Files\_how_recover_oad.TXT
2015-11-25 18:03 - 2015-11-25 18:03 - 00001086 _____ C:\Windows\system32\Tasks - Verknüpfung.lnk
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default\AppData\Roaming\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default\AppData\LocalLow\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default\AppData\Local\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default\AppData\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default User\AppData\Roaming\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default User\AppData\Local\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default User\AppData\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\buebi\AppData\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default\AppData\Roaming\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default\AppData\LocalLow\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default\AppData\Local\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default\AppData\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default User\AppData\Roaming\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default User\AppData\Local\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default User\AppData\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\buebi\AppData\_how_recover_mxh.TXT
2015-11-25 17:46 - 2015-11-25 17:47 - 00001251 _____ C:\Users\buebi\Desktop\taskmgr.lnk
2015-11-25 17:26 - 2015-11-25 17:48 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:48 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:48 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_mxh.TXT
2015-11-25 17:26 - 2015-11-25 17:48 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_mxh.TXT
2015-11-25 17:26 - 2015-11-25 17:26 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:26 - 00007307 _____ C:\ProgramData\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:26 - 00007307 _____ C:\Program Files\Common Files\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:26 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_mxh.TXT
2015-11-25 17:26 - 2015-11-25 17:26 - 00002588 _____ C:\ProgramData\_how_recover_mxh.TXT
2015-11-25 17:26 - 2015-11-25 17:26 - 00002588 _____ C:\Program Files\Common Files\_how_recover_mxh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default\AppData\Roaming\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default\AppData\LocalLow\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default\AppData\Local\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default\AppData\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default User\AppData\Roaming\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default User\AppData\Local\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default User\AppData\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\buebi\AppData\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default\AppData\Roaming\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default\AppData\LocalLow\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default\AppData\Local\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default\AppData\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default User\AppData\Roaming\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default User\AppData\Local\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default User\AppData\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\buebi\AppData\_how_recover_ieh.TXT
2015-11-25 16:42 - 2015-11-25 16:43 - 00007307 _____ C:\ProgramData\_how_recover_ieh.HTML
2015-11-25 16:42 - 2015-11-25 16:43 - 00002588 _____ C:\ProgramData\_how_recover_ieh.TXT
2015-11-25 16:42 - 2015-11-25 16:42 - 00007307 _____ C:\Program Files\Common Files\_how_recover_ieh.HTML
2015-11-25 16:42 - 2015-11-25 16:42 - 00002588 _____ C:\Program Files\Common Files\_how_recover_ieh.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default\AppData\Roaming\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default\AppData\LocalLow\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default\AppData\Local\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default\AppData\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default User\AppData\Roaming\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default User\AppData\Local\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default User\AppData\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\buebi\AppData\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default\AppData\Roaming\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default\AppData\LocalLow\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default\AppData\Local\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default\AppData\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default User\AppData\Roaming\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default User\AppData\Local\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default User\AppData\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\buebi\AppData\_how_recover_xwl.TXT
2015-11-24 20:46 - 2015-11-24 20:47 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:47 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:47 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_xwl.TXT
2015-11-24 20:46 - 2015-11-24 20:47 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_xwl.TXT
2015-11-24 20:46 - 2015-11-24 20:46 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:46 - 00007307 _____ C:\ProgramData\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:46 - 00007307 _____ C:\Program Files\Common Files\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:46 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_xwl.TXT
2015-11-24 20:46 - 2015-11-24 20:46 - 00002588 _____ C:\ProgramData\_how_recover_xwl.TXT
2015-11-24 20:46 - 2015-11-24 20:46 - 00002588 _____ C:\Program Files\Common Files\_how_recover_xwl.TXT
2015-11-24 20:21 - 2015-11-24 20:21 - 00007307 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_pap.HTML
2015-11-24 20:21 - 2015-11-24 20:21 - 00007307 _____ C:\Users\buebi\AppData\_how_recover_pap.HTML
2015-11-24 20:21 - 2015-11-24 20:21 - 00002588 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_pap.TXT
2015-11-24 20:21 - 2015-11-24 20:21 - 00002588 _____ C:\Users\buebi\AppData\_how_recover_pap.TXT
2015-11-24 20:14 - 2015-11-24 20:21 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_pap.HTML
2015-11-24 20:14 - 2015-11-24 20:21 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_pap.HTML
2015-11-24 20:14 - 2015-11-24 20:21 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_pap.TXT
2015-11-24 20:14 - 2015-11-24 20:21 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_pap.TXT
2015-11-24 20:14 - 2015-11-24 20:14 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_pap.HTML
2015-11-24 20:14 - 2015-11-24 20:14 - 00007307 _____ C:\ProgramData\_how_recover_pap.HTML
2015-11-24 20:14 - 2015-11-24 20:14 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_pap.TXT
2015-11-24 20:14 - 2015-11-24 20:14 - 00002588 _____ C:\ProgramData\_how_recover_pap.TXT
2015-11-24 20:11 - 2015-11-24 20:11 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_pcn.HTML
2015-11-24 20:11 - 2015-11-24 20:11 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_pcn.HTML
2015-11-24 20:11 - 2015-11-24 20:11 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_pcn.HTML
2015-11-24 20:11 - 2015-11-24 20:11 - 00007307 _____ C:\ProgramData\_how_recover_pcn.HTML
2015-11-24 20:11 - 2015-11-24 20:11 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_pcn.TXT
2015-11-24 20:11 - 2015-11-24 20:11 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_pcn.TXT
2015-11-24 20:11 - 2015-11-24 20:11 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_pcn.TXT
2015-11-24 20:11 - 2015-11-24 20:11 - 00002588 _____ C:\ProgramData\_how_recover_pcn.TXT
2015-11-24 20:09 - 2015-11-24 20:09 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_vnc.HTML
2015-11-24 20:09 - 2015-11-24 20:09 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_vnc.HTML
2015-11-24 20:09 - 2015-11-24 20:09 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_vnc.HTML
2015-11-24 20:09 - 2015-11-24 20:09 - 00007307 _____ C:\ProgramData\_how_recover_vnc.HTML
2015-11-24 20:09 - 2015-11-24 20:09 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_vnc.TXT
2015-11-24 20:09 - 2015-11-24 20:09 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_vnc.TXT
2015-11-24 20:09 - 2015-11-24 20:09 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_vnc.TXT
2015-11-24 20:09 - 2015-11-24 20:09 - 00002588 _____ C:\ProgramData\_how_recover_vnc.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default\AppData\Roaming\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default\AppData\LocalLow\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default\AppData\Local\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default\AppData\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default User\AppData\Roaming\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default User\AppData\Local\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default User\AppData\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\buebi\AppData\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default\AppData\Roaming\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default\AppData\LocalLow\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default\AppData\Local\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default\AppData\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default User\AppData\Roaming\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default User\AppData\Local\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default User\AppData\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\buebi\AppData\_how_recover_txi.TXT
2015-11-24 19:21 - 2015-11-24 19:21 - 00007307 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_txi.HTML
2015-11-24 19:21 - 2015-11-24 19:21 - 00002588 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_txi.TXT
2015-11-24 19:20 - 2015-11-26 15:19 - 00000904 ____H C:\ProgramData\@system.temp
2015-11-24 19:18 - 2015-11-24 19:18 - 00000480 ____H C:\Users\buebi\AppData\Roaming\½ž’“Ó™œ‰
2015-11-24 19:17 - 2015-11-26 15:18 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\{A7678D9E-37E4-4D52-A9B2-11777696009D}
2015-11-24 19:17 - 2015-11-26 15:18 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\{56569604-F8FD-4B74-AFE1-A9BF4392C217}
2015-11-24 19:17 - 2015-11-24 19:24 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:24 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:24 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_txi.TXT
2015-11-24 19:17 - 2015-11-24 19:24 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_txi.TXT
2015-11-24 19:17 - 2015-11-24 19:17 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:17 - 00007307 _____ C:\ProgramData\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:17 - 00007307 _____ C:\Program Files\Common Files\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:17 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_txi.TXT
2015-11-24 19:17 - 2015-11-24 19:17 - 00002588 _____ C:\ProgramData\_how_recover_txi.TXT
2015-11-24 19:17 - 2015-11-24 19:17 - 00002588 _____ C:\Program Files\Common Files\_how_recover_txi.TXT
2015-11-14 11:25 - 2015-11-26 15:18 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\{D55E3194-1AF1-4F77-8E95-158F7A791250}
2015-11-14 11:25 - 2015-11-26 15:18 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\{189F0F8A-EE01-4590-871B-397920EA8882}
2015-11-12 15:41 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 15:50 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 15:50 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 15:50 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 15:50 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 15:50 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 15:50 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 15:50 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 15:50 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 15:50 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 15:50 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 15:50 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 15:50 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 15:50 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 15:50 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 15:50 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 15:49 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 15:49 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 15:49 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 15:49 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 15:49 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 15:49 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 15:49 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 15:49 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 15:49 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 15:49 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 15:49 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 15:49 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 15:49 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 15:49 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 15:49 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 15:49 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 15:49 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 15:49 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 15:49 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 15:49 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 15:49 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 15:49 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-11 15:49 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 15:49 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 15:49 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 15:49 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 15:49 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-11 15:49 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 15:49 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 15:49 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 15:49 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 15:49 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 15:49 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 15:49 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 15:49 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 15:49 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 15:49 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 15:49 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 15:49 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 15:49 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 15:49 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 15:49 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 15:49 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 15:49 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 15:49 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 15:49 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 15:49 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 15:49 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 15:49 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 15:49 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-11 15:49 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-11 15:49 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-11 15:49 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-11 15:49 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-11 15:49 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-11 15:49 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-11 15:49 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 15:49 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 15:49 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 15:49 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 15:49 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-11 15:49 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-11 15:49 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-11 15:49 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 15:49 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 15:49 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-11 15:49 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-11 15:49 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 15:49 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 15:49 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 15:49 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 15:49 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 15:49 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 15:49 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 15:49 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 15:49 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 15:49 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 15:49 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 15:49 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 15:49 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 15:49 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 15:49 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 15:49 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 15:49 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 15:49 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 15:49 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 15:49 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 15:49 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 15:49 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 15:49 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 15:49 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 15:49 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 15:49 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-11 15:49 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 15:49 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 15:49 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-07 13:40 - 2015-11-07 13:40 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-07 13:40 - 2015-11-07 13:40 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-07 13:40 - 2015-11-07 13:40 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-04 09:59 - 2015-11-25 20:09 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2015-11-04 09:58 - 2015-11-26 14:24 - 00000000 ____D C:\ProgramData\Battle.net
2015-11-04 00:06 - 2015-11-25 20:09 - 00000000 ____D C:\Users\buebi\AppData\Local\CEF
2015-11-04 00:00 - 2015-11-28 16:02 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-04 00:00 - 2015-11-04 00:00 - 00002053 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-11-04 00:00 - 2015-11-04 00:00 - 00000000 ____D C:\Program Files (x86)\Adobe

Babock 04.12.2015 00:42
Code:
==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-04 00:00 - 2009-07-14 05:45 - 00020272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-04 00:00 - 2009-07-14 05:45 - 00020272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-03 23:57 - 2015-02-13 09:41 - 00000000 ____D C:\Users\buebi\AppData\Roaming\IObit
2015-12-03 23:57 - 2015-02-13 09:41 - 00000000 ____D C:\ProgramData\IObit
2015-12-03 23:53 - 2015-09-03 14:26 - 00000000 ____D C:\ProgramData\Bigfoot Networks
2015-12-03 23:53 - 2013-03-12 18:29 - 00000000 ____D C:\Users\buebi\AppData\Local\Deployment
2015-12-03 23:52 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-03 23:51 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-03 23:16 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-03 12:57 - 2013-08-17 06:47 - 00000000 ____D C:\Users\buebi\AppData\Local\Battle.net
2015-12-03 09:39 - 2013-08-17 06:47 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-12-03 09:36 - 2015-10-26 16:47 - 00000000 ____D C:\Users\buebi\AppData\Local\Genymobile
2015-12-03 09:36 - 2013-04-11 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-03 09:36 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Msdtc
2015-12-03 09:28 - 2013-03-09 22:07 - 00058416 _____ C:\Users\buebi\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-03 09:28 - 2009-07-14 05:45 - 00278824 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-03 00:44 - 2013-08-16 19:24 - 00000000 ____D C:\ProgramData\Avira
2015-12-03 00:44 - 2013-08-16 19:24 - 00000000 ____D C:\Program Files (x86)\Avira
2015-12-03 00:39 - 2014-05-23 12:19 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-03 00:18 - 2013-03-10 13:21 - 00000000 ____D C:\Users\buebi\AppData\Local\Apps\2.0
2015-12-03 00:14 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2015-12-03 00:07 - 2015-08-14 07:56 - 00000000 ____D C:\ProgramData\TEMP
2015-12-02 23:35 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2015-12-02 23:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-01 09:32 - 2014-06-28 17:54 - 00000000 ____D C:\Windows\pss
2015-11-29 20:03 - 2013-07-14 11:28 - 00007597 _____ C:\Users\buebi\AppData\Local\Resmon.ResmonCfg
2015-11-29 18:35 - 2013-06-17 18:31 - 00000000 ____D C:\ProgramData\DivX
2015-11-29 16:09 - 2011-04-12 08:43 - 01406972 _____ C:\Windows\system32\perfh007.dat
2015-11-29 16:09 - 2011-04-12 08:43 - 00533928 _____ C:\Windows\system32\perfc007.dat
2015-11-29 15:03 - 2013-08-15 16:13 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\boost_interprocess
2015-11-29 14:10 - 2014-10-19 11:39 - 00000743 _____ C:\Users\Public\Desktop\World of Warcraft.lnk
2015-11-29 14:10 - 2013-03-11 19:36 - 00000930 _____ C:\Users\buebi\Desktop\Wow-64 - Verknüpfung.lnk
2015-11-29 13:53 - 2013-03-10 14:21 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2015-11-29 13:52 - 2015-06-11 01:33 - 00068384 _____ (Logitech Inc.) C:\Windows\system32\Drivers\LGJoyXlCore.sys
2015-11-29 13:52 - 2015-06-11 01:33 - 00037408 _____ (Logitech Inc.) C:\Windows\system32\Drivers\LGBusEnum.sys
2015-11-29 13:52 - 2015-06-11 01:33 - 00026912 _____ (Logitech Inc.) C:\Windows\system32\Drivers\LGVirHid.sys
2015-11-29 13:52 - 2013-03-10 14:21 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-11-29 13:52 - 2013-03-10 14:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-11-29 12:28 - 2013-07-26 19:14 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-11-29 12:18 - 2015-11-03 12:42 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-29 12:17 - 2015-05-25 12:20 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 17176128 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 15818528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 14617288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 12689592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-11-29 12:17 - 2015-05-25 12:20 - 03317344 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 02935416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 01086424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 00927440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-11-29 12:16 - 2015-11-03 23:32 - 00938800 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-11-29 12:16 - 2015-11-03 23:32 - 00112760 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-11-29 12:16 - 2015-11-03 23:32 - 00105080 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-11-29 12:16 - 2015-11-03 23:32 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-11-29 12:16 - 2013-03-10 14:10 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-11-29 12:15 - 2015-11-03 23:35 - 00000000 ____D C:\Users\buebi\AppData\Local\NVIDIA
2015-11-29 12:03 - 2015-11-03 12:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-29 11:56 - 2015-05-30 15:20 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435286.dll
2015-11-29 11:56 - 2015-05-30 15:20 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435286.dll
2015-11-29 11:54 - 2013-03-10 14:10 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-11-29 11:46 - 2013-11-12 17:11 - 00000000 ____D C:\Users\buebi\AppData\Local\NVIDIA Corporation
2015-11-29 11:40 - 2015-11-03 23:31 - 01572496 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-11-29 11:24 - 2013-03-12 18:35 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-29 10:14 - 2015-02-13 09:42 - 00000000 ____D C:\Program Files (x86)\IObit
2015-11-29 10:11 - 2014-09-08 18:00 - 00000000 ____D C:\Users\buebi\AppData\Local\Adobe
2015-11-29 10:11 - 2014-04-23 02:17 - 00000030 _____ C:\AVScanner.ini
2015-11-29 10:11 - 2013-03-12 18:35 - 00003824 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-29 10:10 - 2013-03-12 18:35 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-29 10:10 - 2013-03-12 18:35 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-29 09:45 - 2015-04-24 08:09 - 00000000 ____D C:\Users\buebi\Norisbank
2015-11-29 09:45 - 2013-03-09 21:40 - 00000000 ____D C:\Users\buebi
2015-11-29 09:43 - 2013-03-09 20:47 - 00000000 ____D C:\Lokaler Datenträger
2015-11-29 09:02 - 2014-08-07 11:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-28 18:38 - 2015-06-20 19:30 - 00000000 ____D C:\Users\buebi\Documents\Heroes of the Storm
2015-11-28 18:38 - 2014-05-05 14:04 - 00000000 ____D C:\Users\buebi\Documents\ofen
2015-11-28 18:38 - 2014-04-21 13:15 - 00000000 ____D C:\Users\buebi\Documents\My Art
2015-11-28 18:38 - 2014-04-18 11:34 - 00000000 ____D C:\Users\buebi\Documents\NPS
2015-11-28 18:38 - 2014-04-18 11:31 - 00000000 ____D C:\Users\buebi\Documents\My NPS Files
2015-11-28 18:38 - 2013-07-27 09:42 - 00000000 ____D C:\Users\buebi\Documents\My Games
2015-11-28 18:38 - 2013-03-12 18:31 - 00000000 ____D C:\Users\buebi\Documents\My Curse
2015-11-28 18:38 - 2011-04-12 08:54 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-11-28 18:38 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-11-28 18:37 - 2015-09-03 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bigfoot Networks
2015-11-28 18:37 - 2015-08-14 07:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SSDlife
2015-11-28 18:37 - 2015-04-20 10:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4
2015-11-28 18:37 - 2015-02-23 09:39 - 00000000 ___HD C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
2015-11-28 18:37 - 2015-02-23 09:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2015-11-28 18:37 - 2015-02-13 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Stable
2015-11-28 18:37 - 2015-02-13 09:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2015-11-28 18:37 - 2014-12-26 09:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2015-11-28 18:37 - 2014-10-19 11:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2015-11-28 18:37 - 2014-07-24 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-11-28 18:37 - 2014-05-01 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2015-11-28 18:37 - 2014-03-14 16:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-11-28 18:37 - 2014-03-11 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-11-28 18:37 - 2013-11-04 13:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tukui
2015-11-28 18:37 - 2013-08-17 06:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-11-28 18:37 - 2013-07-27 09:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood
2015-11-28 18:37 - 2013-03-12 18:31 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2015-11-28 18:37 - 2013-03-10 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-11-28 18:37 - 2013-03-10 18:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology
2015-11-28 18:37 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-11-28 18:35 - 2015-06-21 13:04 - 00000000 ____D C:\Users\buebi\Documents\StarCraft II
2015-11-28 18:00 - 2015-02-23 09:30 - 00000334 _____ C:\Windows\Tasks\GlaryInitialize 5.job
2015-11-28 17:57 - 2015-02-23 09:30 - 00002632 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2015-11-28 17:43 - 2014-03-11 17:55 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-11-28 17:43 - 2014-03-11 17:55 - 00000694 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-11-28 17:06 - 2015-05-04 21:59 - 66076672 _____ C:\Windows\system32\config\software.iodefrag
2015-11-28 17:06 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\Performance
2015-11-28 15:51 - 2015-02-13 09:41 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\IObit
2015-11-26 15:18 - 2015-11-03 12:40 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\Sun
2015-11-26 15:18 - 2015-11-03 12:37 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\Oracle
2015-11-26 15:18 - 2015-10-24 08:55 - 00000000 ____D C:\Users\buebi\AppData\Roaming\HearthstoneDeckTracker
2015-11-26 15:18 - 2015-08-14 08:56 - 00000000 ____D C:\Users\buebi\AppData\Roaming\LolClient
2015-11-26 15:18 - 2015-05-13 18:52 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\{DD317EB4-7D95-4B43-A5FA-6A090E6A62C0}
2015-11-26 15:18 - 2015-02-23 09:30 - 00000000 ____D C:\Users\buebi\AppData\Roaming\GlarySoft
2015-11-26 15:18 - 2015-02-23 09:30 - 00000000 ____D C:\Users\buebi\AppData\Roaming\DiskDefrag
2015-11-26 15:18 - 2015-02-13 19:23 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\StarStableOnline
2015-11-26 15:18 - 2015-02-13 09:42 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Apple Computer
2015-11-26 15:18 - 2014-04-06 21:49 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\TB
2015-11-26 15:18 - 2013-08-17 06:47 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Battle.net
2015-11-26 15:18 - 2013-07-20 06:53 - 00000000 ____D C:\Users\buebi\AppData\Local\Microsoft Games
2015-11-26 15:18 - 2013-06-18 04:55 - 00000000 ____D C:\Users\buebi\AppData\Roaming\DivX
2015-11-26 15:18 - 2013-06-17 18:39 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\Temp
2015-11-26 15:18 - 2013-04-04 18:46 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Curse Advertising
2015-11-26 15:18 - 2013-03-12 18:36 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Adobe
2015-11-26 15:18 - 2013-03-10 14:22 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Leadertech
2015-11-26 15:18 - 2013-03-10 14:21 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Logitech
2015-11-26 15:18 - 2013-03-10 14:21 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Logishrd
2015-11-26 15:12 - 2013-08-20 14:04 - 00000000 ____D C:\NvidiaLogging
2015-11-26 15:12 - 2013-03-10 13:40 - 00000000 ____D C:\Program Files\Bigfoot Networks
2015-11-26 15:12 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2015-11-26 15:12 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-11-26 15:12 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-11-26 14:27 - 2014-08-07 11:21 - 00000000 ____D C:\Users\buebi\AppData\Local\Mozilla
2015-11-26 14:27 - 2014-05-18 09:11 - 00000000 ____D C:\Users\buebi\AppData\Local\Microsoft Research
2015-11-26 14:27 - 2013-07-27 09:44 - 00000000 ____D C:\Users\buebi\AppData\Local\My Games
2015-11-26 14:24 - 2015-11-03 12:10 - 00000000 ____D C:\ProgramData\Adobe
2015-11-26 14:24 - 2014-07-24 20:34 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-11-26 14:24 - 2013-06-17 18:38 - 00000000 ____D C:\Program Files\DivX
2015-11-26 14:24 - 2013-04-11 17:09 - 00000000 ____D C:\Program Files\Google
2015-11-26 14:24 - 2013-03-10 18:24 - 00000000 ____D C:\ProgramData\ASUS OC Profiles
2015-11-26 14:24 - 2011-04-12 08:55 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Portable Devices
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Defender
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\MSBuild
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Microsoft Games
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-11-26 14:24 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Windows NT
2015-11-26 14:24 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Services
2015-11-25 20:26 - 2015-04-01 14:24 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\Avira
2015-11-25 20:26 - 2014-11-12 16:21 - 00000000 __SHD C:\Users\buebi\AppData\LocalLow\EmieBrowserModeList
2015-11-25 20:26 - 2014-11-02 17:42 - 00000000 ____D C:\Users\buebi\AppData\Local\Skype
2015-11-25 20:26 - 2014-04-12 08:34 - 00000000 __SHD C:\Users\buebi\AppData\LocalLow\EmieUserList
2015-11-25 20:26 - 2014-04-12 08:33 - 00000000 __SHD C:\Users\buebi\AppData\LocalLow\EmieSiteList
2015-11-25 20:26 - 2013-08-17 07:41 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\Adobe
2015-11-25 20:26 - 2013-03-21 18:02 - 00000000 ____D C:\Users\buebi\AppData\Local\Tukui
2015-11-25 20:26 - 2013-03-09 21:40 - 00000000 ____D C:\Users\buebi\AppData\Local\VirtualStore
2015-11-25 20:09 - 2015-11-03 12:40 - 00000000 ____D C:\ProgramData\Oracle
2015-11-25 20:09 - 2015-08-14 07:56 - 00000000 ____D C:\ProgramData\Licenses
2015-11-25 20:09 - 2015-06-22 14:25 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-11-25 20:09 - 2015-02-23 09:30 - 00000000 ____D C:\ProgramData\GlarySoft
2015-11-25 20:09 - 2015-02-13 09:42 - 00000000 ____D C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-11-25 20:09 - 2014-12-26 09:24 - 00000000 ____D C:\Users\buebi\AppData\Local\Gameforge4d
2015-11-25 20:09 - 2014-11-12 16:21 - 00000000 __SHD C:\Users\buebi\AppData\Local\EmieBrowserModeList
2015-11-25 20:09 - 2014-08-07 11:21 - 00000000 ____D C:\ProgramData\Mozilla
2015-11-25 20:09 - 2014-04-12 08:34 - 00000000 __SHD C:\Users\buebi\AppData\Local\EmieUserList
2015-11-25 20:09 - 2014-04-12 08:34 - 00000000 __SHD C:\Users\buebi\AppData\Local\EmieSiteList
2015-11-25 20:09 - 2014-03-14 16:22 - 00000000 ____D C:\Users\buebi\AppData\Local\Blizzard
2015-11-25 20:09 - 2013-08-18 21:35 - 00000000 ____D C:\Users\buebi\AppData\Local\Chromium
2015-11-25 20:09 - 2013-08-17 06:47 - 00000000 ____D C:\Users\buebi\AppData\Local\Blizzard Entertainment
2015-11-25 20:09 - 2013-04-11 17:09 - 00000000 ____D C:\ProgramData\Google
2015-11-25 20:09 - 2013-03-10 14:21 - 00000000 ____D C:\ProgramData\LogiShrd
2015-11-25 18:37 - 2009-07-14 06:13 - 01648656 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-25 18:31 - 2015-06-02 07:01 - 00000000 ____D C:\Users\buebi\AppData\Local\GWX
2015-11-25 18:31 - 2014-08-07 11:26 - 00000000 ____D C:\Users\buebi\AppData\Local\Macromedia
2015-11-25 18:31 - 2013-04-11 17:09 - 00000000 ____D C:\Users\buebi\AppData\Local\Google
2015-11-25 18:31 - 2013-03-10 14:22 - 00000000 ____D C:\Users\buebi\AppData\Local\Logitech
2015-11-25 17:48 - 2015-11-03 12:40 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Sun
2015-11-25 17:48 - 2015-08-19 17:16 - 00000000 ____D C:\Users\Default\AppData\LocalLow\IObit
2015-11-25 17:48 - 2015-08-19 17:16 - 00000000 ____D C:\Users\Default User\AppData\LocalLow\IObit
2015-11-25 17:48 - 2015-08-02 11:18 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Riot Games
2015-11-25 17:48 - 2014-11-02 17:42 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Skype
2015-11-25 17:48 - 2014-06-27 19:36 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Mozilla
2015-11-25 17:48 - 2014-04-18 11:31 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Samsung
2015-11-25 17:48 - 2013-09-23 17:02 - 00000000 ____D C:\Users\buebi\AppData\Roaming\SimulationCraft
2015-11-25 17:48 - 2013-03-12 18:36 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Macromedia
2015-11-25 17:48 - 2013-03-09 21:40 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Media Center Programs
2015-11-25 17:48 - 2011-04-12 08:54 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2015-11-25 17:48 - 2011-04-12 08:54 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2015-11-24 19:24 - 2015-10-24 08:53 - 14882558 _____ C:\Users\buebi\Hearthstone.Deck.Tracker-v0.12.3.zip.ccc
2015-11-24 19:24 - 2015-09-05 12:10 - 00452782 _____ C:\Users\buebi\BMO-Satzung i. d. F. d. 6. Nachtrag.pdf.ccc
2015-11-24 19:24 - 2015-09-05 11:25 - 00263182 _____ C:\Users\buebi\Bonusformular_ffc_200_2015.pdf.ccc
2015-11-24 19:24 - 2014-05-15 22:58 - 02803982 _____ C:\Users\buebi\Desktop\Hearthstone_Screenshot_5.15.2014.23.58.50.png.ccc
2015-11-24 19:17 - 2015-10-02 18:46 - 00025998 _____ C:\Users\buebi\Abrechnung_430401338900_2015-10-01_0827.pdf.ccc
2015-11-24 19:17 - 2015-09-26 15:40 - 00139742 _____ C:\Users\buebi\11451971_5906313504_R_20150909_201508_33.26_O_1of1.pdf.ccc
2015-11-24 19:17 - 2015-09-26 15:38 - 00030158 _____ C:\Users\buebi\11451971_5906313504_EVN_20150909_201508_33.26_O_1of1.pdf.ccc
2015-11-24 19:17 - 2015-09-05 12:18 - 00195902 _____ C:\Users\buebi\Antrag auf doppelten Festzuschuss (Zahnersatz) 2015.pdf.ccc
2015-11-15 05:59 - 2013-08-04 12:52 - 00000000 ____D C:\Windows\Minidump
2015-11-14 07:06 - 2015-11-03 23:32 - 06358832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-11-14 07:06 - 2015-11-03 23:32 - 02983032 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-11-14 07:06 - 2015-11-03 23:32 - 02554488 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-11-14 07:06 - 2015-11-03 23:32 - 00385144 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-11-14 07:06 - 2015-11-03 23:32 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-11-11 19:35 - 2013-05-27 18:03 - 01622000 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-04 00:00 - 2014-12-25 14:12 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-11-25 18:31 - 2015-11-25 18:31 - 0007307 _____ () C:\Program Files\Common Files\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:31 - 0002588 _____ () C:\Program Files\Common Files\_how_recover_dvx.TXT
2015-11-25 16:42 - 2015-11-25 16:42 - 0007307 _____ () C:\Program Files\Common Files\_how_recover_ieh.HTML
2015-11-25 16:42 - 2015-11-25 16:42 - 0002588 _____ () C:\Program Files\Common Files\_how_recover_ieh.TXT
2015-11-25 17:26 - 2015-11-25 17:26 - 0007307 _____ () C:\Program Files\Common Files\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:26 - 0002588 _____ () C:\Program Files\Common Files\_how_recover_mxh.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 0007307 _____ () C:\Program Files\Common Files\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 0002588 _____ () C:\Program Files\Common Files\_how_recover_oad.TXT
2015-11-26 15:12 - 2015-11-26 15:12 - 0000000 _____ () C:\Program Files\Common Files\_how_recover_ooy.HTML
2015-11-26 15:12 - 2015-11-26 15:12 - 0000000 _____ () C:\Program Files\Common Files\_how_recover_ooy.TXT
2015-11-26 14:24 - 2015-11-26 14:24 - 0007307 _____ () C:\Program Files\Common Files\_how_recover_qpk.HTML
2015-11-26 14:24 - 2015-11-26 14:24 - 0002588 _____ () C:\Program Files\Common Files\_how_recover_qpk.TXT
2015-11-25 20:09 - 2015-11-25 20:09 - 0007307 _____ () C:\Program Files\Common Files\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:09 - 0002588 _____ () C:\Program Files\Common Files\_how_recover_smn.TXT
2015-11-24 19:17 - 2015-11-24 19:17 - 0007307 _____ () C:\Program Files\Common Files\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:17 - 0002588 _____ () C:\Program Files\Common Files\_how_recover_txi.TXT
2015-11-24 20:46 - 2015-11-24 20:46 - 0007307 _____ () C:\Program Files\Common Files\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:46 - 0002588 _____ () C:\Program Files\Common Files\_how_recover_xwl.TXT
2015-11-25 18:31 - 2015-11-25 18:44 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:44 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_dvx.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_ieh.TXT
2015-11-25 17:26 - 2015-11-25 17:48 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:48 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_mxh.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_oad.TXT
2015-11-24 20:14 - 2015-11-24 20:21 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_pap.HTML
2015-11-24 20:14 - 2015-11-24 20:21 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_pap.TXT
2015-11-24 20:11 - 2015-11-24 20:11 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_pcn.HTML
2015-11-24 20:11 - 2015-11-24 20:11 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_pcn.TXT
2015-11-25 20:09 - 2015-11-25 20:27 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:27 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_smn.TXT
2015-11-24 19:17 - 2015-11-24 19:24 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:24 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_txi.TXT
2015-11-24 20:09 - 2015-11-24 20:09 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_vnc.HTML
2015-11-24 20:09 - 2015-11-24 20:09 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_vnc.TXT
2015-11-24 20:46 - 2015-11-24 20:47 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:47 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_xwl.TXT
2015-11-24 19:18 - 2015-11-24 19:18 - 0000480 ____H () C:\Users\buebi\AppData\Roaming\½ž’“Ó™œ‰
2013-07-14 11:28 - 2015-11-29 20:03 - 0007597 _____ () C:\Users\buebi\AppData\Local\Resmon.ResmonCfg
2015-11-25 18:31 - 2015-11-25 18:44 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:44 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_dvx.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_ieh.TXT
2015-11-25 17:26 - 2015-11-25 17:48 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:48 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_mxh.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_oad.TXT
2015-11-24 20:14 - 2015-11-24 20:21 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_pap.HTML
2015-11-24 20:14 - 2015-11-24 20:21 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_pap.TXT
2015-11-24 20:11 - 2015-11-24 20:11 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_pcn.HTML
2015-11-24 20:11 - 2015-11-24 20:11 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_pcn.TXT
2015-11-25 20:09 - 2015-11-25 20:27 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:27 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_smn.TXT
2015-11-24 19:17 - 2015-11-24 19:24 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:24 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_txi.TXT
2015-11-24 20:09 - 2015-11-24 20:09 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_vnc.HTML
2015-11-24 20:09 - 2015-11-24 20:09 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_vnc.TXT
2015-11-24 20:46 - 2015-11-24 20:47 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:47 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_xwl.TXT
2015-11-24 19:20 - 2015-11-26 15:19 - 0000904 ____H () C:\ProgramData\@system.temp
2015-11-25 18:31 - 2015-11-25 18:31 - 0007307 _____ () C:\ProgramData\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:31 - 0002588 _____ () C:\ProgramData\_how_recover_dvx.TXT
2015-11-25 16:42 - 2015-11-25 16:43 - 0007307 _____ () C:\ProgramData\_how_recover_ieh.HTML
2015-11-25 16:42 - 2015-11-25 16:43 - 0002588 _____ () C:\ProgramData\_how_recover_ieh.TXT
2015-11-25 17:26 - 2015-11-25 17:26 - 0007307 _____ () C:\ProgramData\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:26 - 0002588 _____ () C:\ProgramData\_how_recover_mxh.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 0007307 _____ () C:\ProgramData\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 0002588 _____ () C:\ProgramData\_how_recover_oad.TXT
2015-11-24 20:14 - 2015-11-24 20:14 - 0007307 _____ () C:\ProgramData\_how_recover_pap.HTML
2015-11-24 20:14 - 2015-11-24 20:14 - 0002588 _____ () C:\ProgramData\_how_recover_pap.TXT
2015-11-24 20:11 - 2015-11-24 20:11 - 0007307 _____ () C:\ProgramData\_how_recover_pcn.HTML
2015-11-24 20:11 - 2015-11-24 20:11 - 0002588 _____ () C:\ProgramData\_how_recover_pcn.TXT
2015-11-26 14:24 - 2015-11-26 14:24 - 0007307 _____ () C:\ProgramData\_how_recover_qpk.HTML
2015-11-26 14:24 - 2015-11-26 14:24 - 0002588 _____ () C:\ProgramData\_how_recover_qpk.TXT
2015-11-25 20:09 - 2015-11-25 20:09 - 0007307 _____ () C:\ProgramData\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:09 - 0002588 _____ () C:\ProgramData\_how_recover_smn.TXT
2015-11-24 19:17 - 2015-11-24 19:17 - 0007307 _____ () C:\ProgramData\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:17 - 0002588 _____ () C:\ProgramData\_how_recover_txi.TXT
2015-11-24 20:09 - 2015-11-24 20:09 - 0007307 _____ () C:\ProgramData\_how_recover_vnc.HTML
2015-11-24 20:09 - 2015-11-24 20:09 - 0002588 _____ () C:\ProgramData\_how_recover_vnc.TXT
2015-11-24 20:46 - 2015-11-24 20:46 - 0007307 _____ () C:\ProgramData\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:46 - 0002588 _____ () C:\ProgramData\_how_recover_xwl.TXT

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\buebi\JavaSetup8u65.exe


Einige Dateien in TEMP:
====================
C:\Users\buebi\AppData\Local\Temp\avgnt.exe
C:\Users\buebi\AppData\Local\Temp\ib7nrpiq.dll
C:\Users\buebi\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-29 16:38

==================== Ende von FRST.txt ============================
so da isses^^ hab Adwarecleaner 2 mal laufen lassen hab beim ersten mal die Optionen falsch gesetzt hoffe das war nicht schlimm.
Gruß Heinz

schrauber 04.12.2015 16:37

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Babock 05.12.2015 18:44
huhu hab nun mehrfach versucht ESET durchlaufen zu lassen, leider läuft es nur bis ca. 75% oder etwa 90 min. dann friert es ein springt nach einer Weile auf 100 % und stürzt ab. (keine Rückmeldung) Firewall und Virenscanner sind auswas mach ich falsch?
Gruß Heinz

schrauber 06.12.2015 22:09
ESET weg lassen, dafür:

Lade Dir bitte von hier Emsisoft Emergency Kit Download Emsisoft Emergency Kit herunter.
  • Bitte installiere das Programm in den vorgegebenen Pfad.
  • Starte das Programm durch Doppelklick der Desktopverknüpfung.
  • Das EEK ist nach dem Laden der Malwaresignaturen für den Scan bereit.
  • Folge nun bitte der bebilderten Bildanleitung zu Emergency Kit, entferne alle Funde und poste am Ende des Scans bzw. der Bereinigung das Log.


Babock 07.12.2015 16:47
Code:
Emsisoft Emergency Kit - Version 10.0
Letztes Update: 07.12.2015 16:13:24
Benutzerkonto: buebi-PC\buebi

Scan-Einstellungen:

Scan-Methode: Eigener Scan
Objekte: Rootkits, Speicher, Traces, C:\, D:\

PUPs-Erkennung: An
Archiv-Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus

Scan-Beginn:        07.12.2015 16:19:59
C:\FRST\Quarantine\C\Users\buebi\AppData\Roaming\fhhkg-a.exe.xBAD        Gefunden: Gen:Variant.Kazy.773493 (B)
C:\Users\buebi\AppData\LocalLow\{56569604-F8FD-4B74-AFE1-A9BF4392C217}\TMPF7BC.tmp        Gefunden: Gen:Variant.Kazy.773493 (B)
C:\Users\buebi\AppData\LocalLow\{D55E3194-1AF1-4F77-8E95-158F7A791250}\TMP7DDB.tmp        Gefunden: Trojan.Generic.15274188 (B)
C:\Users\buebi\AppData\LocalLow\{A7678D9E-37E4-4D52-A9B2-11777696009D}\TMPF6C1.tmp        Gefunden: Gen:Variant.Zusy.171587 (B)
C:\Users\buebi\AppData\LocalLow\{189F0F8A-EE01-4590-871B-397920EA8882}\TMP7C83.tmp        Gefunden: Gen:Variant.Symmi.58700 (B)

Gescannt:        481911
Gefunden        5

Scan-Ende:        07.12.2015 16:33:06
Scan-Zeit:        0:13:07

C:\Users\buebi\AppData\LocalLow\{189F0F8A-EE01-4590-871B-397920EA8882}\TMP7C83.tmp        Quarantäne Gen:Variant.Symmi.58700 (B)
C:\Users\buebi\AppData\LocalLow\{A7678D9E-37E4-4D52-A9B2-11777696009D}\TMPF6C1.tmp        Quarantäne Gen:Variant.Zusy.171587 (B)
C:\Users\buebi\AppData\LocalLow\{D55E3194-1AF1-4F77-8E95-158F7A791250}\TMP7DDB.tmp        Quarantäne Trojan.Generic.15274188 (B)
C:\Users\buebi\AppData\LocalLow\{56569604-F8FD-4B74-AFE1-A9BF4392C217}\TMPF7BC.tmp        Quarantäne Gen:Variant.Kazy.773493 (B)
C:\FRST\Quarantine\C\Users\buebi\AppData\Roaming\fhhkg-a.exe.xBAD        Quarantäne Gen:Variant.Kazy.773493 (B)

Quarantäne        5
Code:
Results of screen317's Security Check version 1.013 --- 11/28/15 
 Windows 7 Service Pack 1 x64 (UAC is disabled!) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Avira Antivirus 
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Java 8 Update 65 
 Java version 32-bit out of Date!
 Adobe Flash Player 19.0.0.245 
````````Process Check: objlist.exe by Laurent```````` 
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
 Comodo Firewall cmdagent.exe
 Avira Antivirus sched.exe 
 Avira Antivirus avshadow.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-12-2015
durchgeführt von buebi (Administrator) auf BUEBI-PC (07-12-2015 16:44:13)
Gestartet von C:\Users\buebi\Downloads
Geladene Profile: buebi (Verfügbare Profile: buebi)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser nicht gefunden!)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
() D:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(Piriform Ltd) D:\Program Files\CCleaner\CCleaner64.exe
() D:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe
(Curse) C:\Users\buebi\AppData\Local\Apps\2.0\WOVMGXV9.YP8\10H1B70A.62A\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\CurseClient.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Mozilla Corporation) D:\Program Files\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\buebi\Downloads\FRST64(3).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15033976 2015-11-29] (Logitech Inc.)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1426136 2015-04-01] (COMODO)
HKLM-x32\...\Run: [Turbo Key] => C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe [1874432 2009-11-24] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1067736 2015-10-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-11-29] (Oracle Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-12-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [14408 2015-12-03] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2010912 2015-11-17] (IObit)
HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\Run: [GUDelayStartup] => D:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-02-12] (Glarysoft Ltd)
HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\Run: [CCleaner Monitoring] => D:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bigfoot Networks Killer Network Manager.lnk [2015-09-03]
ShortcutTarget: Bigfoot Networks Killer Network Manager.lnk -> D:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe ()
Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2015-11-29] ()
BootExecute: autocheck autochk * 

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog9 01 C:\Windows\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.)
Winsock: Catalog9 15 C:\Windows\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 01 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 02 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 03 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 04 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 15 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4A67349A-00D0-4C9E-B689-69B4EF2FAF4F}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{4A67349A-00D0-4C9E-B689-69B4EF2FAF4F}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000 -> {085A28F2-59A0-49F0-8AAC-B6C52B414F0C} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-29] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-29] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-11-03] (Oracle Corporation)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-03] (Oracle Corporation)
Toolbar: HKLM - Kein Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -  Keine Datei
Toolbar: HKLM-x32 - Kein Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -  Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-29] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-29] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-29] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-03] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\user.js [2015-12-06]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\yahoo-ysp.xml [2015-11-03]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_ieh.HTML [2015-11-25]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_ieh.TXT [2015-11-25]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_mxh.HTML [2015-11-25]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_mxh.TXT [2015-11-25]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_pap.HTML [2015-11-24]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_pap.TXT [2015-11-24]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_txi.HTML [2015-11-24]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_txi.TXT [2015-11-24]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_xwl.HTML [2015-11-24]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_xwl.TXT [2015-11-24]
FF Extension: Avira Browser Safety - C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\Extensions\abs@avira.com [2015-12-03] [ist nicht signiert]
FF Extension: Avira SafeSearch - C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\Extensions\safesearch@avira.com.xpi [2015-11-30] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-28]
StartMenuInternet: FIREFOX.EXE - D:\Program Files\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll => Keine Datei
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll => Keine Datei
CHR Profile: C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-25]
CHR Extension: (Google Drive) - C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-25]
CHR Extension: (YouTube) - C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-25]
CHR Extension: (Google-Suche) - C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-25]
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\eglgfnfolcgijipffhlhbbnefdcbjbml [2015-11-25]
CHR Extension: (Google Wallet) - C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-25]
CHR Extension: (Google Mail) - C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-25]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [827680 2015-11-04] (IObit)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-08-19] (ASUSTeK Computer Inc.) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [250648 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 Bigfoot Networks Killer Service; D:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe [494080 2013-10-09] () [Datei ist nicht signiert]
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5540424 2015-04-01] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265816 2015-04-01] (COMODO)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-11-29] (Logitech Inc.)
S2 MBAMService; D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2015-02-13] (Advanced Micro Devices Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-03] (Avira Operations GmbH & Co. KG)
R3 BfEdge7x64; C:\Windows\System32\DRIVERS\Edge7x64.sys [31336 2013-10-09] (Bigfoot Networks, Inc.)
R3 BFN7x64; C:\Windows\System32\DRIVERS\Xeno7x64.sys [157288 2013-10-09] (Bigfoot Networks, Inc.)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20696 2015-04-01] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [797280 2015-04-01] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45880 2015-04-01] (COMODO)
S3 DrvAgent64; C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [13824 2015-02-07] (Phoenix Technologies) [Datei ist nicht signiert]
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-02-23] (Glarysoft Ltd)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [104608 2015-04-01] (COMODO)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-11-29] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [117768 2015-09-08] (Oracle Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-07 16:43 - 2015-12-07 16:43 - 02369024 _____ (Farbar) C:\Users\buebi\Downloads\FRST64(3).exe
2015-12-07 16:36 - 2015-12-07 16:36 - 00852771 _____ C:\Users\buebi\Downloads\SecurityCheck.exe
2015-12-07 16:06 - 2015-12-07 16:06 - 00000749 _____ C:\Users\buebi\Desktop\Start Emsisoft Emergency Kit.lnk
2015-12-07 16:05 - 2015-12-07 16:08 - 00000000 ____D C:\EEK
2015-12-07 16:02 - 2015-12-07 16:04 - 170644584 _____ C:\Users\buebi\Downloads\EmsisoftEmergencyKit.exe
2015-12-07 15:57 - 2015-12-07 15:57 - 67407872 _____ C:\Windows\system32\config\software.iodefrag.bak
2015-12-07 15:57 - 2015-12-07 15:57 - 44236800 _____ C:\Windows\system32\config\components.iodefrag.bak
2015-12-07 15:57 - 2015-12-07 15:57 - 00278528 _____ C:\Windows\system32\config\default.iodefrag.bak
2015-12-07 15:57 - 2015-12-07 15:57 - 00024576 _____ C:\Windows\system32\config\security.iodefrag.bak
2015-12-07 15:57 - 2015-12-07 15:57 - 00024576 _____ C:\Windows\system32\config\sam.iodefrag.bak
2015-12-07 15:57 - 2015-12-07 15:57 - 00000000 ____H C:\asc_rdflag
2015-12-07 04:28 - 2015-12-07 04:28 - 00000910 _____ C:\Users\buebi\Desktop\checkup1.txt
2015-12-06 20:14 - 2015-12-06 20:14 - 00000910 _____ C:\Users\buebi\Desktop\checkup.txt
2015-12-06 14:40 - 2015-12-06 14:40 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-06 14:40 - 2015-12-06 14:40 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-06 14:40 - 2015-12-06 14:40 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-06 14:40 - 2015-12-06 14:40 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-06 14:40 - 2015-12-06 14:40 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-12-06 14:40 - 2015-12-06 14:40 - 00419928 _____ C:\Windows\system32\locale.nls
2015-12-06 14:40 - 2015-12-06 14:40 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-06 14:40 - 2015-12-06 14:40 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-06 14:40 - 2015-12-06 14:40 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-06 14:40 - 2015-12-06 14:40 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-06 14:40 - 2015-12-06 14:40 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-06 14:40 - 2015-12-06 14:40 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-06 14:40 - 2015-12-06 14:40 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-12-06 14:40 - 2015-12-06 14:40 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-12-06 14:40 - 2015-12-06 14:40 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-06 14:40 - 2015-12-06 14:40 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-06 14:40 - 2015-12-06 14:40 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-06 14:40 - 2015-12-06 14:40 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-06 14:40 - 2015-12-06 14:40 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-06 14:40 - 2015-12-06 14:40 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-06 14:40 - 2015-12-06 14:40 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-06 14:40 - 2015-12-06 14:40 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-12-06 14:40 - 2015-12-06 14:40 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-12-06 14:40 - 2015-12-06 14:40 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-12-06 14:40 - 2015-12-06 14:40 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-06 14:40 - 2015-12-06 14:40 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-05 19:35 - 2015-12-05 19:35 - 00852771 _____ C:\Users\buebi\Desktop\SecurityCheck.exe
2015-12-05 15:03 - 2015-12-05 15:03 - 02870984 _____ (ESET) C:\Users\buebi\Desktop\esetsmartinstaller_deu(1).exe
2015-12-04 23:02 - 2015-12-04 23:02 - 02870984 _____ (ESET) C:\Users\buebi\Downloads\esetsmartinstaller_deu.exe
2015-12-04 23:02 - 2015-12-04 23:02 - 00000000 ____D C:\Program Files (x86)\ESET
2015-12-04 00:16 - 2015-12-05 18:52 - 00000000 ____D C:\ProgramData\ProductData
2015-12-04 00:16 - 2015-12-04 10:22 - 00000000 ____D C:\Users\buebi\AppData\Roaming\ProductData
2015-12-04 00:16 - 2015-12-04 00:16 - 00132824 _____ C:\Users\buebi\Desktop\FRST.txt
2015-12-04 00:15 - 2015-12-04 00:15 - 02350080 _____ (Farbar) C:\Users\buebi\Downloads\FRST64(1).exe
2015-12-04 00:12 - 2015-12-04 00:12 - 02350080 _____ (Farbar) C:\Users\buebi\Downloads\FRST64(2).exe
2015-12-04 00:05 - 2015-12-04 00:06 - 00002638 _____ C:\Users\buebi\Desktop\JRT.txt
2015-12-03 23:56 - 2015-12-03 23:56 - 01599336 _____ (Malwarebytes) C:\Users\buebi\Downloads\JRT.exe
2015-12-03 23:54 - 2015-12-03 23:54 - 00003076 _____ C:\Users\buebi\Desktop\AdwCleaner[C2].txt
2015-12-03 23:46 - 2015-12-03 23:46 - 00013309 _____ C:\Users\buebi\Desktop\AdwCleaner[C1].txt
2015-12-03 23:45 - 2015-12-03 23:45 - 00000000 ____D C:\Users\buebi\Desktop\ADWCleaner
2015-12-03 23:40 - 2015-12-03 23:51 - 00000000 ____D C:\AdwCleaner
2015-12-03 23:38 - 2015-12-03 23:38 - 01736704 _____ C:\Users\buebi\Desktop\AdwCleaner_5.023.exe
2015-12-03 23:33 - 2015-12-03 23:33 - 00001208 _____ C:\Users\buebi\Desktop\MBAM.txt
2015-12-03 00:45 - 2015-12-03 00:45 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Avira
2015-12-03 00:44 - 2015-12-03 00:45 - 00000000 ____D C:\Users\Public\Speedup Sessions
2015-12-03 00:44 - 2015-12-03 00:44 - 00001149 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
2015-12-03 00:44 - 2015-12-03 00:44 - 00000795 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2015-12-03 00:43 - 2015-12-03 00:43 - 00162072 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-12-03 00:43 - 2015-12-03 00:43 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-12-03 00:43 - 2015-12-03 00:43 - 00075472 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-12-03 00:43 - 2015-12-03 00:43 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-12-03 00:39 - 2015-12-03 00:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-03 00:39 - 2015-12-03 00:39 - 04588512 _____ (Avira Operations GmbH & Co. KG) C:\Users\buebi\Downloads\avira_de_av_565f812334096__ws.exe
2015-12-03 00:39 - 2015-12-03 00:39 - 00001220 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-12-03 00:18 - 2015-12-03 00:18 - 00033677 _____ C:\ComboFix.txt
2015-12-02 23:36 - 2015-12-02 23:35 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-12-02 23:36 - 2015-12-02 23:35 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-12-02 23:36 - 2015-12-02 23:35 - 00256000 _____ C:\Windows\PEV.exe
2015-12-02 23:36 - 2015-12-02 23:35 - 00208896 _____ C:\Windows\MBR.exe
2015-12-02 23:36 - 2015-12-02 23:35 - 00098816 _____ C:\Windows\sed.exe
2015-12-02 23:36 - 2015-12-02 23:35 - 00080412 _____ C:\Windows\grep.exe
2015-12-02 23:36 - 2015-12-02 23:35 - 00068096 _____ C:\Windows\zip.exe
2015-12-02 23:36 - 2015-12-02 23:35 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-12-02 23:21 - 2015-12-02 23:21 - 05639299 ____R (Swearware) C:\Users\buebi\Desktop\ComboFix.exe
2015-12-02 23:19 - 2015-12-02 23:19 - 00159410 _____ C:\Users\buebi\Documents\cc_20151202_231938.reg
2015-12-02 23:10 - 2015-12-03 00:18 - 00000000 ____D C:\Qoobox
2015-12-02 23:09 - 2015-12-03 00:15 - 00000000 ____D C:\Windows\erdnt
2015-12-01 23:30 - 2015-12-01 23:35 - 00401658 _____ C:\TDSSKiller.3.1.0.7_01.12.2015_23.30.22_log.txt
2015-12-01 23:30 - 2015-12-01 23:30 - 04398264 _____ (Kaspersky Lab ZAO) C:\Users\buebi\Downloads\tdsskiller.exe
2015-12-01 23:13 - 2015-12-02 00:09 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-12-01 23:11 - 2015-12-01 23:12 - 16563352 _____ (Malwarebytes Corp.) C:\Users\buebi\Downloads\mbar-1.09.3.1001.exe
2015-11-30 09:38 - 2015-12-07 16:44 - 00021202 _____ C:\Users\buebi\Downloads\FRST.txt
2015-11-30 09:38 - 2015-11-30 10:05 - 00059889 _____ C:\Users\buebi\Downloads\Addition.txt
2015-11-30 09:37 - 2015-11-30 09:37 - 02350080 _____ (Farbar) C:\Users\buebi\Downloads\FRST64.exe
2015-11-29 20:07 - 2015-11-29 20:07 - 00002968 _____ C:\Windows\System32\Tasks\{A02B08A9-ABEB-4CAE-A526-CD638BD063A5}
2015-11-29 20:06 - 2015-11-29 20:06 - 00002968 _____ C:\Windows\System32\Tasks\{A492109E-110B-4220-B9D7-05ACA2BAA0C8}
2015-11-29 20:05 - 2015-11-29 20:05 - 00000000 ____D C:\Users\buebi\AppData\Local\ElevatedDiagnostics
2015-11-29 20:04 - 2015-11-29 20:04 - 00002980 _____ C:\Windows\System32\Tasks\{5697353D-EC7C-46EA-841C-CFCB920996B4}
2015-11-29 19:25 - 2015-11-29 19:25 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-11-29 18:58 - 2015-11-29 20:08 - 00050168 _____ C:\Windows\system32\Drivers\fvstore.dat
2015-11-29 18:58 - 2015-11-29 18:58 - 00000000 ____D C:\VTRoot
2015-11-29 16:09 - 2015-11-29 16:09 - 00001870 _____ C:\Users\Public\Desktop\COMODO Firewall.lnk
2015-11-29 16:09 - 2015-11-29 16:09 - 00000000 ____D C:\Windows\System32\Tasks\COMODO
2015-11-29 16:08 - 2015-11-30 08:51 - 00000000 ____D C:\Program Files\COMODO
2015-11-29 16:08 - 2015-11-29 16:08 - 00000000 ____D C:\ProgramData\Shared Space
2015-11-29 16:07 - 2015-11-30 08:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-11-29 16:07 - 2015-11-29 16:07 - 00000000 ____D C:\Users\buebi\AppData\Local\Comodo
2015-11-29 16:05 - 2015-11-29 16:09 - 00000000 ____D C:\ProgramData\Comodo
2015-11-29 15:04 - 2015-11-29 15:06 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-11-29 14:59 - 2015-11-29 14:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-29 14:05 - 2015-11-29 14:05 - 00000146 _____ C:\Users\buebi\Desktop\NVIDIA Systemsteuerung - Verknüpfung.lnk
2015-11-29 12:03 - 2015-11-29 12:03 - 00110176 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-11-29 12:03 - 2015-11-29 12:03 - 00000000 ____D C:\Program Files\Java
2015-11-29 11:53 - 2015-11-29 11:54 - 01905272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435900.dll
2015-11-29 11:53 - 2015-11-29 11:54 - 01564792 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435900.dll
2015-11-29 11:40 - 2015-11-29 11:40 - 00205456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-11-29 11:40 - 2015-11-29 11:40 - 00039240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-11-29 10:11 - 2015-11-29 10:11 - 00000000 ____D C:\ProgramData\McAfee
2015-11-29 09:16 - 2015-11-29 09:16 - 00002063 _____ C:\Users\buebi\Desktop\Curse - Verknüpfung.lnk
2015-11-29 09:14 - 2015-11-29 09:14 - 00003118 _____ C:\Windows\System32\Tasks\{CD827ED8-44D2-49BD-9906-C99AA9595535}
2015-11-29 04:24 - 2015-11-29 12:03 - 00000000 ____D C:\Users\buebi\.oracle_jre_usage
2015-11-28 19:25 - 2015-11-28 19:25 - 00000917 _____ C:\Users\buebi\Desktop\Revo Uninstaller.lnk
2015-11-28 19:25 - 2015-11-28 19:25 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2015-11-28 19:07 - 2015-11-28 19:07 - 00000788 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-11-28 19:07 - 2015-11-28 19:07 - 00000788 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-11-28 16:47 - 2015-12-03 23:25 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-28 16:47 - 2015-12-01 23:56 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-28 16:47 - 2015-11-28 16:47 - 00000787 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-28 16:47 - 2015-11-28 16:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-28 16:47 - 2015-11-28 16:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-28 16:47 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-28 16:47 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-11-28 15:51 - 2015-12-06 14:40 - 00002266 _____ C:\Users\Public\Desktop\Advanced SystemCare 9.lnk
2015-11-28 15:51 - 2015-11-28 15:51 - 00003180 _____ C:\Windows\System32\Tasks\ASC9_PerformanceMonitor
2015-11-28 15:51 - 2015-11-28 15:51 - 00002868 _____ C:\Windows\System32\Tasks\ASC9_SkipUac_buebi
2015-11-28 15:51 - 2015-11-28 15:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2015-11-28 15:51 - 2015-11-28 15:51 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2015-11-26 16:19 - 2015-12-07 16:44 - 00000000 ____D C:\FRST
2015-11-26 15:18 - 2015-11-26 15:18 - 00007307 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_ayk.HTML
2015-11-26 15:18 - 2015-11-26 15:18 - 00002588 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_ayk.TXT
2015-11-26 15:12 - 2015-11-26 15:12 - 00000000 _____ C:\Program Files\Common Files\_how_recover_ooy.TXT
2015-11-26 15:12 - 2015-11-26 15:12 - 00000000 _____ C:\Program Files\Common Files\_how_recover_ooy.HTML
2015-11-26 14:24 - 2015-11-26 14:24 - 00007307 _____ C:\ProgramData\_how_recover_qpk.HTML
2015-11-26 14:24 - 2015-11-26 14:24 - 00007307 _____ C:\Program Files\Common Files\_how_recover_qpk.HTML
2015-11-26 14:24 - 2015-11-26 14:24 - 00002588 _____ C:\ProgramData\_how_recover_qpk.TXT
2015-11-26 14:24 - 2015-11-26 14:24 - 00002588 _____ C:\Program Files\Common Files\_how_recover_qpk.TXT
2015-11-25 20:26 - 2015-11-25 20:26 - 00000000 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_smn.TXT
2015-11-25 20:09 - 2015-11-25 20:27 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:27 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:27 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_smn.TXT
2015-11-25 20:09 - 2015-11-25 20:27 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_smn.TXT
2015-11-25 20:09 - 2015-11-25 20:09 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:09 - 00007307 _____ C:\ProgramData\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:09 - 00007307 _____ C:\Program Files\Common Files\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:09 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_smn.TXT
2015-11-25 20:09 - 2015-11-25 20:09 - 00002588 _____ C:\ProgramData\_how_recover_smn.TXT
2015-11-25 20:09 - 2015-11-25 20:09 - 00002588 _____ C:\Program Files\Common Files\_how_recover_smn.TXT
2015-11-25 18:31 - 2015-11-25 18:44 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:44 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:44 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_dvx.TXT
2015-11-25 18:31 - 2015-11-25 18:44 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_dvx.TXT
2015-11-25 18:31 - 2015-11-25 18:31 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:31 - 00007307 _____ C:\ProgramData\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:31 - 00007307 _____ C:\Program Files\Common Files\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:31 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_dvx.TXT
2015-11-25 18:31 - 2015-11-25 18:31 - 00002588 _____ C:\ProgramData\_how_recover_dvx.TXT
2015-11-25 18:31 - 2015-11-25 18:31 - 00002588 _____ C:\Program Files\Common Files\_how_recover_dvx.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 00007307 _____ C:\ProgramData\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 00007307 _____ C:\Program Files\Common Files\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_oad.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_oad.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_oad.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 00002588 _____ C:\ProgramData\_how_recover_oad.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 00002588 _____ C:\Program Files\Common Files\_how_recover_oad.TXT
2015-11-25 18:03 - 2015-11-25 18:03 - 00001086 _____ C:\Windows\system32\Tasks - Verknüpfung.lnk
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default\AppData\Roaming\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default\AppData\LocalLow\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default\AppData\Local\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default\AppData\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default User\AppData\Roaming\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default User\AppData\Local\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default User\AppData\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\buebi\AppData\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default\AppData\Roaming\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default\AppData\LocalLow\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default\AppData\Local\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default\AppData\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default User\AppData\Roaming\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default User\AppData\Local\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default User\AppData\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\buebi\AppData\_how_recover_mxh.TXT
2015-11-25 17:46 - 2015-11-25 17:47 - 00001251 _____ C:\Users\buebi\Desktop\taskmgr.lnk
2015-11-25 17:26 - 2015-11-25 17:48 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:48 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:48 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_mxh.TXT
2015-11-25 17:26 - 2015-11-25 17:48 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_mxh.TXT
2015-11-25 17:26 - 2015-11-25 17:26 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:26 - 00007307 _____ C:\ProgramData\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:26 - 00007307 _____ C:\Program Files\Common Files\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:26 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_mxh.TXT
2015-11-25 17:26 - 2015-11-25 17:26 - 00002588 _____ C:\ProgramData\_how_recover_mxh.TXT
2015-11-25 17:26 - 2015-11-25 17:26 - 00002588 _____ C:\Program Files\Common Files\_how_recover_mxh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default\AppData\Roaming\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default\AppData\LocalLow\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default\AppData\Local\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default\AppData\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default User\AppData\Roaming\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default User\AppData\Local\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default User\AppData\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\buebi\AppData\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default\AppData\Roaming\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default\AppData\LocalLow\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default\AppData\Local\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default\AppData\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default User\AppData\Roaming\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default User\AppData\Local\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default User\AppData\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\buebi\AppData\_how_recover_ieh.TXT
2015-11-25 16:42 - 2015-11-25 16:43 - 00007307 _____ C:\ProgramData\_how_recover_ieh.HTML
2015-11-25 16:42 - 2015-11-25 16:43 - 00002588 _____ C:\ProgramData\_how_recover_ieh.TXT
2015-11-25 16:42 - 2015-11-25 16:42 - 00007307 _____ C:\Program Files\Common Files\_how_recover_ieh.HTML
2015-11-25 16:42 - 2015-11-25 16:42 - 00002588 _____ C:\Program Files\Common Files\_how_recover_ieh.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default\AppData\Roaming\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default\AppData\LocalLow\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default\AppData\Local\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default\AppData\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default User\AppData\Roaming\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default User\AppData\Local\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default User\AppData\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\buebi\AppData\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default\AppData\Roaming\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default\AppData\LocalLow\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default\AppData\Local\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default\AppData\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default User\AppData\Roaming\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default User\AppData\Local\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default User\AppData\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\buebi\AppData\_how_recover_xwl.TXT
2015-11-24 20:46 - 2015-11-24 20:47 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:47 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:47 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_xwl.TXT
2015-11-24 20:46 - 2015-11-24 20:47 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_xwl.TXT
2015-11-24 20:46 - 2015-11-24 20:46 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:46 - 00007307 _____ C:\ProgramData\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:46 - 00007307 _____ C:\Program Files\Common Files\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:46 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_xwl.TXT
2015-11-24 20:46 - 2015-11-24 20:46 - 00002588 _____ C:\ProgramData\_how_recover_xwl.TXT
2015-11-24 20:46 - 2015-11-24 20:46 - 00002588 _____ C:\Program Files\Common Files\_how_recover_xwl.TXT
2015-11-24 20:21 - 2015-11-24 20:21 - 00007307 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_pap.HTML
2015-11-24 20:21 - 2015-11-24 20:21 - 00007307 _____ C:\Users\buebi\AppData\_how_recover_pap.HTML
2015-11-24 20:21 - 2015-11-24 20:21 - 00002588 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_pap.TXT
2015-11-24 20:21 - 2015-11-24 20:21 - 00002588 _____ C:\Users\buebi\AppData\_how_recover_pap.TXT
2015-11-24 20:14 - 2015-11-24 20:21 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_pap.HTML
2015-11-24 20:14 - 2015-11-24 20:21 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_pap.HTML
2015-11-24 20:14 - 2015-11-24 20:21 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_pap.TXT
2015-11-24 20:14 - 2015-11-24 20:21 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_pap.TXT
2015-11-24 20:14 - 2015-11-24 20:14 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_pap.HTML
2015-11-24 20:14 - 2015-11-24 20:14 - 00007307 _____ C:\ProgramData\_how_recover_pap.HTML
2015-11-24 20:14 - 2015-11-24 20:14 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_pap.TXT
2015-11-24 20:14 - 2015-11-24 20:14 - 00002588 _____ C:\ProgramData\_how_recover_pap.TXT
2015-11-24 20:11 - 2015-11-24 20:11 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_pcn.HTML
2015-11-24 20:11 - 2015-11-24 20:11 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_pcn.HTML
2015-11-24 20:11 - 2015-11-24 20:11 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_pcn.HTML
2015-11-24 20:11 - 2015-11-24 20:11 - 00007307 _____ C:\ProgramData\_how_recover_pcn.HTML
2015-11-24 20:11 - 2015-11-24 20:11 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_pcn.TXT
2015-11-24 20:11 - 2015-11-24 20:11 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_pcn.TXT
2015-11-24 20:11 - 2015-11-24 20:11 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_pcn.TXT
2015-11-24 20:11 - 2015-11-24 20:11 - 00002588 _____ C:\ProgramData\_how_recover_pcn.TXT
2015-11-24 20:09 - 2015-11-24 20:09 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_vnc.HTML
2015-11-24 20:09 - 2015-11-24 20:09 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_vnc.HTML
2015-11-24 20:09 - 2015-11-24 20:09 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_vnc.HTML
2015-11-24 20:09 - 2015-11-24 20:09 - 00007307 _____ C:\ProgramData\_how_recover_vnc.HTML
2015-11-24 20:09 - 2015-11-24 20:09 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_vnc.TXT
2015-11-24 20:09 - 2015-11-24 20:09 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_vnc.TXT
2015-11-24 20:09 - 2015-11-24 20:09 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_vnc.TXT
2015-11-24 20:09 - 2015-11-24 20:09 - 00002588 _____ C:\ProgramData\_how_recover_vnc.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default\AppData\Roaming\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default\AppData\LocalLow\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default\AppData\Local\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default\AppData\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default User\AppData\Roaming\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default User\AppData\Local\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default User\AppData\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\buebi\AppData\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default\AppData\Roaming\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default\AppData\LocalLow\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default\AppData\Local\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default\AppData\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default User\AppData\Roaming\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default User\AppData\Local\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default User\AppData\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\buebi\AppData\_how_recover_txi.TXT
2015-11-24 19:21 - 2015-11-24 19:21 - 00007307 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_txi.HTML
2015-11-24 19:21 - 2015-11-24 19:21 - 00002588 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_txi.TXT
2015-11-24 19:20 - 2015-11-26 15:19 - 00000904 ____H C:\ProgramData\@system.temp
2015-11-24 19:18 - 2015-11-24 19:18 - 00000480 ____H C:\Users\buebi\AppData\Roaming\½ž’“Ó™œ‰
2015-11-24 19:17 - 2015-12-07 16:34 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\{A7678D9E-37E4-4D52-A9B2-11777696009D}
2015-11-24 19:17 - 2015-12-07 16:34 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\{56569604-F8FD-4B74-AFE1-A9BF4392C217}
2015-11-24 19:17 - 2015-11-24 19:24 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:24 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:24 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_txi.TXT
2015-11-24 19:17 - 2015-11-24 19:24 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_txi.TXT
2015-11-24 19:17 - 2015-11-24 19:17 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:17 - 00007307 _____ C:\ProgramData\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:17 - 00007307 _____ C:\Program Files\Common Files\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:17 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_txi.TXT
2015-11-24 19:17 - 2015-11-24 19:17 - 00002588 _____ C:\ProgramData\_how_recover_txi.TXT
2015-11-24 19:17 - 2015-11-24 19:17 - 00002588 _____ C:\Program Files\Common Files\_how_recover_txi.TXT
2015-11-14 11:25 - 2015-12-07 16:34 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\{D55E3194-1AF1-4F77-8E95-158F7A791250}
2015-11-14 11:25 - 2015-12-07 16:34 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\{189F0F8A-EE01-4590-871B-397920EA8882}
2015-11-12 15:41 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 15:50 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 15:50 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 15:50 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 15:50 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 15:50 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 15:50 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 15:50 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 15:50 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 15:50 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 15:50 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 15:50 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 15:50 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 15:50 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 15:50 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 15:50 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 15:49 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 15:49 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 15:49 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 15:49 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 15:49 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 15:49 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 15:49 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 15:49 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 15:49 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 15:49 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 15:49 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 15:49 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 15:49 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 15:49 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 15:49 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 15:49 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 15:49 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 15:49 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 15:49 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 15:49 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 15:49 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 15:49 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-11 15:49 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 15:49 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 15:49 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 15:49 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 15:49 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-11 15:49 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 15:49 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 15:49 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 15:49 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 15:49 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 15:49 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 15:49 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 15:49 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 15:49 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 15:49 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 15:49 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 15:49 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 15:49 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 15:49 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 15:49 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 15:49 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 15:49 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 15:49 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 15:49 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 15:49 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 15:49 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 15:49 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 15:49 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-11 15:49 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-11 15:49 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-11 15:49 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-11 15:49 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-11 15:49 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-11 15:49 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-11 15:49 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 15:49 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 15:49 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 15:49 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 15:49 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-11 15:49 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-11 15:49 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-11 15:49 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 15:49 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 15:49 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-11 15:49 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-11 15:49 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 15:49 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 15:49 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 15:49 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 15:49 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 15:49 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 15:49 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 15:49 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 15:49 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 15:49 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 15:49 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 15:49 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 15:49 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 15:49 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 15:49 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 15:49 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 15:49 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 15:49 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 15:49 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 15:49 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 15:49 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 15:49 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 15:49 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 15:49 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 15:49 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 15:49 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-11 15:49 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 15:49 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 15:49 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll

Babock 07.12.2015 16:49
Code:
==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-07 16:13 - 2009-07-14 05:45 - 00020272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-07 16:13 - 2009-07-14 05:45 - 00020272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-07 16:00 - 2013-03-12 18:29 - 00000000 ____D C:\Users\buebi\AppData\Local\Deployment
2015-12-07 15:59 - 2015-09-03 14:26 - 00000000 ____D C:\ProgramData\Bigfoot Networks
2015-12-07 15:58 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-07 15:58 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-07 15:57 - 2015-05-04 21:59 - 67407872 _____ C:\Windows\system32\config\software.iodefrag
2015-12-07 04:27 - 2013-08-17 06:47 - 00000000 ____D C:\Users\buebi\AppData\Local\Battle.net
2015-12-06 14:47 - 2013-08-17 06:47 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-12-06 14:39 - 2015-08-14 07:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SSDlife
2015-12-06 14:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-03 23:57 - 2015-02-13 09:41 - 00000000 ____D C:\Users\buebi\AppData\Roaming\IObit
2015-12-03 23:57 - 2015-02-13 09:41 - 00000000 ____D C:\ProgramData\IObit
2015-12-03 23:51 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-03 09:36 - 2015-10-26 16:47 - 00000000 ____D C:\Users\buebi\AppData\Local\Genymobile
2015-12-03 09:36 - 2013-04-11 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-03 09:36 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Msdtc
2015-12-03 09:28 - 2013-03-09 22:07 - 00058416 _____ C:\Users\buebi\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-03 09:28 - 2009-07-14 05:45 - 00278824 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-03 00:44 - 2013-08-16 19:24 - 00000000 ____D C:\ProgramData\Avira
2015-12-03 00:44 - 2013-08-16 19:24 - 00000000 ____D C:\Program Files (x86)\Avira
2015-12-03 00:39 - 2014-05-23 12:19 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-03 00:18 - 2013-03-10 13:21 - 00000000 ____D C:\Users\buebi\AppData\Local\Apps\2.0
2015-12-03 00:14 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2015-12-03 00:07 - 2015-08-14 07:56 - 00000000 ____D C:\ProgramData\TEMP
2015-12-02 23:35 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2015-12-01 09:32 - 2014-06-28 17:54 - 00000000 ____D C:\Windows\pss
2015-11-29 20:03 - 2013-07-14 11:28 - 00007597 _____ C:\Users\buebi\AppData\Local\Resmon.ResmonCfg
2015-11-29 18:35 - 2013-06-17 18:31 - 00000000 ____D C:\ProgramData\DivX
2015-11-29 16:09 - 2011-04-12 08:43 - 01406972 _____ C:\Windows\system32\perfh007.dat
2015-11-29 16:09 - 2011-04-12 08:43 - 00533928 _____ C:\Windows\system32\perfc007.dat
2015-11-29 15:03 - 2013-08-15 16:13 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\boost_interprocess
2015-11-29 14:10 - 2014-10-19 11:39 - 00000743 _____ C:\Users\Public\Desktop\World of Warcraft.lnk
2015-11-29 14:10 - 2013-03-11 19:36 - 00000930 _____ C:\Users\buebi\Desktop\Wow-64 - Verknüpfung.lnk
2015-11-29 13:53 - 2013-03-10 14:21 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2015-11-29 13:52 - 2015-06-11 01:33 - 00068384 _____ (Logitech Inc.) C:\Windows\system32\Drivers\LGJoyXlCore.sys
2015-11-29 13:52 - 2015-06-11 01:33 - 00037408 _____ (Logitech Inc.) C:\Windows\system32\Drivers\LGBusEnum.sys
2015-11-29 13:52 - 2015-06-11 01:33 - 00026912 _____ (Logitech Inc.) C:\Windows\system32\Drivers\LGVirHid.sys
2015-11-29 13:52 - 2013-03-10 14:21 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-11-29 13:52 - 2013-03-10 14:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-11-29 12:28 - 2013-07-26 19:14 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-11-29 12:18 - 2015-11-03 12:42 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-29 12:17 - 2015-05-25 12:20 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 17176128 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 15818528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 14617288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 12689592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-11-29 12:17 - 2015-05-25 12:20 - 03317344 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 02935416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 01086424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 00927440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-11-29 12:16 - 2015-11-03 23:32 - 00938800 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-11-29 12:16 - 2015-11-03 23:32 - 00112760 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-11-29 12:16 - 2015-11-03 23:32 - 00105080 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-11-29 12:16 - 2015-11-03 23:32 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-11-29 12:16 - 2013-03-10 14:10 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-11-29 12:15 - 2015-11-03 23:35 - 00000000 ____D C:\Users\buebi\AppData\Local\NVIDIA
2015-11-29 12:03 - 2015-11-03 12:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-29 11:56 - 2015-05-30 15:20 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435286.dll
2015-11-29 11:56 - 2015-05-30 15:20 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435286.dll
2015-11-29 11:54 - 2013-03-10 14:10 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-11-29 11:46 - 2013-11-12 17:11 - 00000000 ____D C:\Users\buebi\AppData\Local\NVIDIA Corporation
2015-11-29 11:40 - 2015-11-03 23:31 - 01572496 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-11-29 11:24 - 2013-03-12 18:35 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-29 10:14 - 2015-02-13 09:42 - 00000000 ____D C:\Program Files (x86)\IObit
2015-11-29 10:11 - 2014-09-08 18:00 - 00000000 ____D C:\Users\buebi\AppData\Local\Adobe
2015-11-29 10:11 - 2014-04-23 02:17 - 00000030 _____ C:\AVScanner.ini
2015-11-29 10:11 - 2013-03-12 18:35 - 00003824 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-29 10:10 - 2013-03-12 18:35 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-29 10:10 - 2013-03-12 18:35 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-29 09:45 - 2015-04-24 08:09 - 00000000 ____D C:\Users\buebi\Norisbank
2015-11-29 09:45 - 2013-03-09 21:40 - 00000000 ____D C:\Users\buebi
2015-11-29 09:43 - 2013-03-09 20:47 - 00000000 ____D C:\Lokaler Datenträger
2015-11-29 09:02 - 2014-08-07 11:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-28 18:38 - 2015-06-20 19:30 - 00000000 ____D C:\Users\buebi\Documents\Heroes of the Storm
2015-11-28 18:38 - 2014-05-05 14:04 - 00000000 ____D C:\Users\buebi\Documents\ofen
2015-11-28 18:38 - 2014-04-21 13:15 - 00000000 ____D C:\Users\buebi\Documents\My Art
2015-11-28 18:38 - 2014-04-18 11:34 - 00000000 ____D C:\Users\buebi\Documents\NPS
2015-11-28 18:38 - 2014-04-18 11:31 - 00000000 ____D C:\Users\buebi\Documents\My NPS Files
2015-11-28 18:38 - 2013-07-27 09:42 - 00000000 ____D C:\Users\buebi\Documents\My Games
2015-11-28 18:38 - 2013-03-12 18:31 - 00000000 ____D C:\Users\buebi\Documents\My Curse
2015-11-28 18:38 - 2011-04-12 08:54 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-11-28 18:38 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-11-28 18:37 - 2015-09-03 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bigfoot Networks
2015-11-28 18:37 - 2015-04-20 10:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4
2015-11-28 18:37 - 2015-02-23 09:39 - 00000000 ___HD C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
2015-11-28 18:37 - 2015-02-23 09:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2015-11-28 18:37 - 2015-02-13 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Stable
2015-11-28 18:37 - 2015-02-13 09:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2015-11-28 18:37 - 2014-12-26 09:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2015-11-28 18:37 - 2014-10-19 11:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2015-11-28 18:37 - 2014-07-24 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-11-28 18:37 - 2014-05-01 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2015-11-28 18:37 - 2014-03-14 16:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-11-28 18:37 - 2014-03-11 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-11-28 18:37 - 2013-11-04 13:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tukui
2015-11-28 18:37 - 2013-08-17 06:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-11-28 18:37 - 2013-07-27 09:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood
2015-11-28 18:37 - 2013-03-12 18:31 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2015-11-28 18:37 - 2013-03-10 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-11-28 18:37 - 2013-03-10 18:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology
2015-11-28 18:37 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-11-28 18:35 - 2015-06-21 13:04 - 00000000 ____D C:\Users\buebi\Documents\StarCraft II
2015-11-28 18:00 - 2015-02-23 09:30 - 00000334 _____ C:\Windows\Tasks\GlaryInitialize 5.job
2015-11-28 17:57 - 2015-02-23 09:30 - 00002632 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2015-11-28 17:43 - 2014-03-11 17:55 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-11-28 17:43 - 2014-03-11 17:55 - 00000694 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-11-28 17:06 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\Performance
2015-11-28 16:02 - 2015-11-04 00:00 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-28 15:51 - 2015-02-13 09:41 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\IObit
2015-11-26 15:18 - 2015-11-03 12:40 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\Sun
2015-11-26 15:18 - 2015-11-03 12:37 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\Oracle
2015-11-26 15:18 - 2015-10-24 08:55 - 00000000 ____D C:\Users\buebi\AppData\Roaming\HearthstoneDeckTracker
2015-11-26 15:18 - 2015-08-14 08:56 - 00000000 ____D C:\Users\buebi\AppData\Roaming\LolClient
2015-11-26 15:18 - 2015-05-13 18:52 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\{DD317EB4-7D95-4B43-A5FA-6A090E6A62C0}
2015-11-26 15:18 - 2015-02-23 09:30 - 00000000 ____D C:\Users\buebi\AppData\Roaming\GlarySoft
2015-11-26 15:18 - 2015-02-23 09:30 - 00000000 ____D C:\Users\buebi\AppData\Roaming\DiskDefrag
2015-11-26 15:18 - 2015-02-13 19:23 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\StarStableOnline
2015-11-26 15:18 - 2015-02-13 09:42 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Apple Computer
2015-11-26 15:18 - 2014-04-06 21:49 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\TB
2015-11-26 15:18 - 2013-08-17 06:47 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Battle.net
2015-11-26 15:18 - 2013-07-20 06:53 - 00000000 ____D C:\Users\buebi\AppData\Local\Microsoft Games
2015-11-26 15:18 - 2013-06-18 04:55 - 00000000 ____D C:\Users\buebi\AppData\Roaming\DivX
2015-11-26 15:18 - 2013-06-17 18:39 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\Temp
2015-11-26 15:18 - 2013-04-04 18:46 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Curse Advertising
2015-11-26 15:18 - 2013-03-12 18:36 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Adobe
2015-11-26 15:18 - 2013-03-10 14:22 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Leadertech
2015-11-26 15:18 - 2013-03-10 14:21 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Logitech
2015-11-26 15:18 - 2013-03-10 14:21 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Logishrd
2015-11-26 15:12 - 2013-08-20 14:04 - 00000000 ____D C:\NvidiaLogging
2015-11-26 15:12 - 2013-03-10 13:40 - 00000000 ____D C:\Program Files\Bigfoot Networks
2015-11-26 15:12 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2015-11-26 15:12 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-11-26 15:12 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-11-26 14:27 - 2014-08-07 11:21 - 00000000 ____D C:\Users\buebi\AppData\Local\Mozilla
2015-11-26 14:27 - 2014-05-18 09:11 - 00000000 ____D C:\Users\buebi\AppData\Local\Microsoft Research
2015-11-26 14:27 - 2013-07-27 09:44 - 00000000 ____D C:\Users\buebi\AppData\Local\My Games
2015-11-26 14:24 - 2015-11-04 09:58 - 00000000 ____D C:\ProgramData\Battle.net
2015-11-26 14:24 - 2015-11-03 12:10 - 00000000 ____D C:\ProgramData\Adobe
2015-11-26 14:24 - 2014-07-24 20:34 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-11-26 14:24 - 2013-06-17 18:38 - 00000000 ____D C:\Program Files\DivX
2015-11-26 14:24 - 2013-04-11 17:09 - 00000000 ____D C:\Program Files\Google
2015-11-26 14:24 - 2013-03-10 18:24 - 00000000 ____D C:\ProgramData\ASUS OC Profiles
2015-11-26 14:24 - 2011-04-12 08:55 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Portable Devices
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Defender
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\MSBuild
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Microsoft Games
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-11-26 14:24 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Windows NT
2015-11-26 14:24 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Services
2015-11-25 20:26 - 2015-04-01 14:24 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\Avira
2015-11-25 20:26 - 2014-11-12 16:21 - 00000000 __SHD C:\Users\buebi\AppData\LocalLow\EmieBrowserModeList
2015-11-25 20:26 - 2014-11-02 17:42 - 00000000 ____D C:\Users\buebi\AppData\Local\Skype
2015-11-25 20:26 - 2014-04-12 08:34 - 00000000 __SHD C:\Users\buebi\AppData\LocalLow\EmieUserList
2015-11-25 20:26 - 2014-04-12 08:33 - 00000000 __SHD C:\Users\buebi\AppData\LocalLow\EmieSiteList
2015-11-25 20:26 - 2013-08-17 07:41 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\Adobe
2015-11-25 20:26 - 2013-03-21 18:02 - 00000000 ____D C:\Users\buebi\AppData\Local\Tukui
2015-11-25 20:26 - 2013-03-09 21:40 - 00000000 ____D C:\Users\buebi\AppData\Local\VirtualStore
2015-11-25 20:09 - 2015-11-04 09:59 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2015-11-25 20:09 - 2015-11-04 00:06 - 00000000 ____D C:\Users\buebi\AppData\Local\CEF
2015-11-25 20:09 - 2015-11-03 12:40 - 00000000 ____D C:\ProgramData\Oracle
2015-11-25 20:09 - 2015-08-14 07:56 - 00000000 ____D C:\ProgramData\Licenses
2015-11-25 20:09 - 2015-06-22 14:25 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-11-25 20:09 - 2015-02-23 09:30 - 00000000 ____D C:\ProgramData\GlarySoft
2015-11-25 20:09 - 2015-02-13 09:42 - 00000000 ____D C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-11-25 20:09 - 2014-12-26 09:24 - 00000000 ____D C:\Users\buebi\AppData\Local\Gameforge4d
2015-11-25 20:09 - 2014-11-12 16:21 - 00000000 __SHD C:\Users\buebi\AppData\Local\EmieBrowserModeList
2015-11-25 20:09 - 2014-08-07 11:21 - 00000000 ____D C:\ProgramData\Mozilla
2015-11-25 20:09 - 2014-04-12 08:34 - 00000000 __SHD C:\Users\buebi\AppData\Local\EmieUserList
2015-11-25 20:09 - 2014-04-12 08:34 - 00000000 __SHD C:\Users\buebi\AppData\Local\EmieSiteList
2015-11-25 20:09 - 2014-03-14 16:22 - 00000000 ____D C:\Users\buebi\AppData\Local\Blizzard
2015-11-25 20:09 - 2013-08-18 21:35 - 00000000 ____D C:\Users\buebi\AppData\Local\Chromium
2015-11-25 20:09 - 2013-08-17 06:47 - 00000000 ____D C:\Users\buebi\AppData\Local\Blizzard Entertainment
2015-11-25 20:09 - 2013-04-11 17:09 - 00000000 ____D C:\ProgramData\Google
2015-11-25 20:09 - 2013-03-10 14:21 - 00000000 ____D C:\ProgramData\LogiShrd
2015-11-25 18:37 - 2009-07-14 06:13 - 01648656 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-25 18:31 - 2015-06-02 07:01 - 00000000 ____D C:\Users\buebi\AppData\Local\GWX
2015-11-25 18:31 - 2014-08-07 11:26 - 00000000 ____D C:\Users\buebi\AppData\Local\Macromedia
2015-11-25 18:31 - 2013-04-11 17:09 - 00000000 ____D C:\Users\buebi\AppData\Local\Google
2015-11-25 18:31 - 2013-03-10 14:22 - 00000000 ____D C:\Users\buebi\AppData\Local\Logitech
2015-11-25 17:48 - 2015-11-03 12:40 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Sun
2015-11-25 17:48 - 2015-08-19 17:16 - 00000000 ____D C:\Users\Default\AppData\LocalLow\IObit
2015-11-25 17:48 - 2015-08-19 17:16 - 00000000 ____D C:\Users\Default User\AppData\LocalLow\IObit
2015-11-25 17:48 - 2015-08-02 11:18 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Riot Games
2015-11-25 17:48 - 2014-11-02 17:42 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Skype
2015-11-25 17:48 - 2014-06-27 19:36 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Mozilla
2015-11-25 17:48 - 2014-04-18 11:31 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Samsung
2015-11-25 17:48 - 2013-09-23 17:02 - 00000000 ____D C:\Users\buebi\AppData\Roaming\SimulationCraft
2015-11-25 17:48 - 2013-03-12 18:36 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Macromedia
2015-11-25 17:48 - 2013-03-09 21:40 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Media Center Programs
2015-11-25 17:48 - 2011-04-12 08:54 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2015-11-25 17:48 - 2011-04-12 08:54 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2015-11-24 19:24 - 2015-10-24 08:53 - 14882558 _____ C:\Users\buebi\Hearthstone.Deck.Tracker-v0.12.3.zip.ccc
2015-11-24 19:24 - 2015-09-05 12:10 - 00452782 _____ C:\Users\buebi\BMO-Satzung i. d. F. d. 6. Nachtrag.pdf.ccc
2015-11-24 19:24 - 2015-09-05 11:25 - 00263182 _____ C:\Users\buebi\Bonusformular_ffc_200_2015.pdf.ccc
2015-11-24 19:24 - 2014-05-15 22:58 - 02803982 _____ C:\Users\buebi\Desktop\Hearthstone_Screenshot_5.15.2014.23.58.50.png.ccc
2015-11-24 19:17 - 2015-10-02 18:46 - 00025998 _____ C:\Users\buebi\Abrechnung_430401338900_2015-10-01_0827.pdf.ccc
2015-11-24 19:17 - 2015-09-26 15:40 - 00139742 _____ C:\Users\buebi\11451971_5906313504_R_20150909_201508_33.26_O_1of1.pdf.ccc
2015-11-24 19:17 - 2015-09-26 15:38 - 00030158 _____ C:\Users\buebi\11451971_5906313504_EVN_20150909_201508_33.26_O_1of1.pdf.ccc
2015-11-24 19:17 - 2015-09-05 12:18 - 00195902 _____ C:\Users\buebi\Antrag auf doppelten Festzuschuss (Zahnersatz) 2015.pdf.ccc
2015-11-15 05:59 - 2013-08-04 12:52 - 00000000 ____D C:\Windows\Minidump
2015-11-14 07:06 - 2015-11-03 23:32 - 06358832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-11-14 07:06 - 2015-11-03 23:32 - 02983032 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-11-14 07:06 - 2015-11-03 23:32 - 02554488 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-11-14 07:06 - 2015-11-03 23:32 - 00385144 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-11-14 07:06 - 2015-11-03 23:32 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-11-11 19:35 - 2013-05-27 18:03 - 01622000 _____ C:\Windows\SysWOW64\PerfStringBackup.INI

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-11-25 18:31 - 2015-11-25 18:31 - 0007307 _____ () C:\Program Files\Common Files\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:31 - 0002588 _____ () C:\Program Files\Common Files\_how_recover_dvx.TXT
2015-11-25 16:42 - 2015-11-25 16:42 - 0007307 _____ () C:\Program Files\Common Files\_how_recover_ieh.HTML
2015-11-25 16:42 - 2015-11-25 16:42 - 0002588 _____ () C:\Program Files\Common Files\_how_recover_ieh.TXT
2015-11-25 17:26 - 2015-11-25 17:26 - 0007307 _____ () C:\Program Files\Common Files\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:26 - 0002588 _____ () C:\Program Files\Common Files\_how_recover_mxh.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 0007307 _____ () C:\Program Files\Common Files\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 0002588 _____ () C:\Program Files\Common Files\_how_recover_oad.TXT
2015-11-26 15:12 - 2015-11-26 15:12 - 0000000 _____ () C:\Program Files\Common Files\_how_recover_ooy.HTML
2015-11-26 15:12 - 2015-11-26 15:12 - 0000000 _____ () C:\Program Files\Common Files\_how_recover_ooy.TXT
2015-11-26 14:24 - 2015-11-26 14:24 - 0007307 _____ () C:\Program Files\Common Files\_how_recover_qpk.HTML
2015-11-26 14:24 - 2015-11-26 14:24 - 0002588 _____ () C:\Program Files\Common Files\_how_recover_qpk.TXT
2015-11-25 20:09 - 2015-11-25 20:09 - 0007307 _____ () C:\Program Files\Common Files\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:09 - 0002588 _____ () C:\Program Files\Common Files\_how_recover_smn.TXT
2015-11-24 19:17 - 2015-11-24 19:17 - 0007307 _____ () C:\Program Files\Common Files\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:17 - 0002588 _____ () C:\Program Files\Common Files\_how_recover_txi.TXT
2015-11-24 20:46 - 2015-11-24 20:46 - 0007307 _____ () C:\Program Files\Common Files\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:46 - 0002588 _____ () C:\Program Files\Common Files\_how_recover_xwl.TXT
2015-11-25 18:31 - 2015-11-25 18:44 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:44 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_dvx.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_ieh.TXT
2015-11-25 17:26 - 2015-11-25 17:48 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:48 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_mxh.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_oad.TXT
2015-11-24 20:14 - 2015-11-24 20:21 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_pap.HTML
2015-11-24 20:14 - 2015-11-24 20:21 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_pap.TXT
2015-11-24 20:11 - 2015-11-24 20:11 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_pcn.HTML
2015-11-24 20:11 - 2015-11-24 20:11 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_pcn.TXT
2015-11-25 20:09 - 2015-11-25 20:27 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:27 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_smn.TXT
2015-11-24 19:17 - 2015-11-24 19:24 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:24 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_txi.TXT
2015-11-24 20:09 - 2015-11-24 20:09 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_vnc.HTML
2015-11-24 20:09 - 2015-11-24 20:09 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_vnc.TXT
2015-11-24 20:46 - 2015-11-24 20:47 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:47 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_xwl.TXT
2015-11-24 19:18 - 2015-11-24 19:18 - 0000480 ____H () C:\Users\buebi\AppData\Roaming\½ž’“Ó™œ‰
2013-07-14 11:28 - 2015-11-29 20:03 - 0007597 _____ () C:\Users\buebi\AppData\Local\Resmon.ResmonCfg
2015-11-25 18:31 - 2015-11-25 18:44 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:44 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_dvx.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_ieh.TXT
2015-11-25 17:26 - 2015-11-25 17:48 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:48 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_mxh.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_oad.TXT
2015-11-24 20:14 - 2015-11-24 20:21 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_pap.HTML
2015-11-24 20:14 - 2015-11-24 20:21 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_pap.TXT
2015-11-24 20:11 - 2015-11-24 20:11 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_pcn.HTML
2015-11-24 20:11 - 2015-11-24 20:11 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_pcn.TXT
2015-11-25 20:09 - 2015-11-25 20:27 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:27 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_smn.TXT
2015-11-24 19:17 - 2015-11-24 19:24 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:24 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_txi.TXT
2015-11-24 20:09 - 2015-11-24 20:09 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_vnc.HTML
2015-11-24 20:09 - 2015-11-24 20:09 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_vnc.TXT
2015-11-24 20:46 - 2015-11-24 20:47 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:47 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_xwl.TXT
2015-11-24 19:20 - 2015-11-26 15:19 - 0000904 ____H () C:\ProgramData\@system.temp
2015-11-25 18:31 - 2015-11-25 18:31 - 0007307 _____ () C:\ProgramData\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:31 - 0002588 _____ () C:\ProgramData\_how_recover_dvx.TXT
2015-11-25 16:42 - 2015-11-25 16:43 - 0007307 _____ () C:\ProgramData\_how_recover_ieh.HTML
2015-11-25 16:42 - 2015-11-25 16:43 - 0002588 _____ () C:\ProgramData\_how_recover_ieh.TXT
2015-11-25 17:26 - 2015-11-25 17:26 - 0007307 _____ () C:\ProgramData\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:26 - 0002588 _____ () C:\ProgramData\_how_recover_mxh.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 0007307 _____ () C:\ProgramData\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 0002588 _____ () C:\ProgramData\_how_recover_oad.TXT
2015-11-24 20:14 - 2015-11-24 20:14 - 0007307 _____ () C:\ProgramData\_how_recover_pap.HTML
2015-11-24 20:14 - 2015-11-24 20:14 - 0002588 _____ () C:\ProgramData\_how_recover_pap.TXT
2015-11-24 20:11 - 2015-11-24 20:11 - 0007307 _____ () C:\ProgramData\_how_recover_pcn.HTML
2015-11-24 20:11 - 2015-11-24 20:11 - 0002588 _____ () C:\ProgramData\_how_recover_pcn.TXT
2015-11-26 14:24 - 2015-11-26 14:24 - 0007307 _____ () C:\ProgramData\_how_recover_qpk.HTML
2015-11-26 14:24 - 2015-11-26 14:24 - 0002588 _____ () C:\ProgramData\_how_recover_qpk.TXT
2015-11-25 20:09 - 2015-11-25 20:09 - 0007307 _____ () C:\ProgramData\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:09 - 0002588 _____ () C:\ProgramData\_how_recover_smn.TXT
2015-11-24 19:17 - 2015-11-24 19:17 - 0007307 _____ () C:\ProgramData\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:17 - 0002588 _____ () C:\ProgramData\_how_recover_txi.TXT
2015-11-24 20:09 - 2015-11-24 20:09 - 0007307 _____ () C:\ProgramData\_how_recover_vnc.HTML
2015-11-24 20:09 - 2015-11-24 20:09 - 0002588 _____ () C:\ProgramData\_how_recover_vnc.TXT
2015-11-24 20:46 - 2015-11-24 20:46 - 0007307 _____ () C:\ProgramData\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:46 - 0002588 _____ () C:\ProgramData\_how_recover_xwl.TXT

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\buebi\JavaSetup8u65.exe


Einige Dateien in TEMP:
====================
C:\Users\buebi\AppData\Local\Temp\avgnt.exe
C:\Users\buebi\AppData\Local\Temp\qzrx_rlq.dll
C:\Users\buebi\AppData\Local\Temp\wngh5yuw.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-07 04:04

==================== Ende von FRST.txt ============================
So da sind die Logs
Danke und Gruß
Heinz

schrauber 08.12.2015 20:08
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
http://deeprybka.trojaner-board.de/b.../combofix2.pngCombofix deinstallieren .
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte http://filepony.de/icon/tiny/delfix.pngDelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:

http://deeprybka.trojaner-board.de/b...ast/schild.pngAbsicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
 Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:
http://filepony.de/icon/emsisoft_anti_malware.png
Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
http://filepony.de/icon/noscript.png NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
http://filepony.de/icon/malwarebytes_anti_exploit.pngMalwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie http://filepony.de/images/microbanner.gif.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Babock 09.12.2015 19:14
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-12-2015
durchgeführt von buebi (2015-12-09 18:33:06) Run:1
Gestartet von C:\Users\buebi\Downloads
Geladene Profile: buebi (Verfügbare Profile: buebi)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
Emptytemp:
*****************

HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpUninstallDeleteDir => Wert erfolgreich entfernt
EmptyTemp: => 99.7 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 18:33:36 ====
So alles erledigt. Eine Frage noch gibt es eine möglichkeit meine Textdateien wieder herzustellen?
Danke und Gruß
Heinz

cosinus 10.12.2015 14:30
Entschlüsseln kann man da nix. Das geht nur mit dem private key, den wenn überhaupt noch die Erpresser haben. Oder auch nicht.

Nicht nur deswegen macht man von den wichtigsten Daten regelmäßig Backups auf externe unabhängige Laufwerke.


Alle Zeitangaben in WEZ +1. Es ist jetzt 15:48 Uhr.
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132