Alle Browser verseucht, was tun?

christenhove · 01.09.2015, 20:42

Abend

Also wie schon im Titel beschrieben sind bei mir sowohl Mozilla, Chrome als auch Internet Explorer "verseucht". Wo genau ich mir das eingefangen habe, ist mir nicht bewusst.
Symptome: Oft, wenn ich einen beliebigen Link anklicke, öffnet sich ein neues Tab, das mir z.B. irgendein Sicherheitstool andrehen will, teilweise auch Werbung etc. Dann habe ich noch dieses nervige Sidecubes.search Tool, das irgendwie auch nicht verschwinden will und mich bei der Suche oder einem neuen Tab direkt auf diese räudige Seite führt. Ich habe probiert, alle möglichen Prozesse zu beenden und dann Ordner zu löschen, die offensichtlich befallen waren, was nicht funktioniert hat.
Vor einiger Zeit hatte ich bei Chrome ein Delta Search Tool, das ich nicht losbekommen habe. Damals hat es gereicht, den Browser zu wechseln und es zu ignorieren. Jetzt allerdings raubt es mir ab und an nahezu den letzten Nerv, bis ich darüber nachdenke, alle Kabel zu ziehen, das Ding kaputtzuschlagen und mir einfach nen neuen Computer zu kaufen. Oder Windows neu zu installieren..
Gegoogelt habe ich auch schon, da wurde etwas vorgeschlagen mit ADWCleaner.. Den hab ich mal rüber laufen lassen, kurz dachte ich es wäre weg und zack ist das nächste Tab mit Werbung auf dem Bildschirm..
Wäre cool, wenn jemand noch ein paar Tipps hätte bzw. das Problem kennt.
LG Chris

cosinus · 01.09.2015, 20:52

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

christenhove · 01.09.2015, 21:13

Okay alles klar. Danke schonmal für die schnelle Antwort!
Also die alten Log Files habe ich nicht mehr (die vom ADWCleaner)..
Habe nun mal FRST durchlaufen lassen, Achtung:

FRST.txt

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
durchgeführt von Chris (Administrator) auf CHRIS-PC (01-09-2015 21:59:03)
Gestartet von C:\Users\Chris\Downloads
Geladene Profile: Chris (Verfügbare Profile: Chris & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Users\Chris\AppData\Local\Nimline.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
() C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
(Dropbox, Inc.) C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\ProgramData\Saophase\Saophase.exe
() C:\ProgramData\Saophase\Flexphase.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2412616 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-02-09] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM\...\Winlogon: [LegalNoticeCaption] Junge diggah was geht?!
HKLM\...\Winlogon: [LegalNoticeText] Hurensohn diggah was geht ich geb dir kack lan, muck nich rumen du!!
HKU\S-1-5-21-892971799-3770444226-59494271-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [2624512 2010-07-22] ()
HKU\S-1-5-21-892971799-3770444226-59494271-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\S-1-5-21-892971799-3770444226-59494271-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3514176 2011-11-10] (DT Soft Ltd)
HKU\S-1-5-21-892971799-3770444226-59494271-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-892971799-3770444226-59494271-1000\...\Run: [Dropbox Update] => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-20] (Dropbox, Inc.)
AppInit_DLLs: C:\ProgramData\Saophase\Y-find.dll => C:\ProgramData\Saophase\Y-find.dll [212992 2015-09-01] ()
AppInit_DLLs-x32: C:\ProgramData\Saophase\Lot-Top.dll => C:\ProgramData\Saophase\Lot-Top.dll [194560 2015-09-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Chris\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Chris\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Chris\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Chris\AppData\Local\MEGAsync\ShellExtX32.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Chris\AppData\Local\MEGAsync\ShellExtX32.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Chris\AppData\Local\MEGAsync\ShellExtX32.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-08-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

Winsock: Catalog5 07 C:\Windows\system32\UDDIzvw14.dll Keine Datei 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{00BCA64A-9B25-4898-A153-6587D202BBCB}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{2A4F243C-66B8-4E7C-B4CA-C6568F10B110}: [DhcpNameServer] 139.7.30.126 139.7.30.125
Tcpip\..\Interfaces\{2E9D61F5-C90C-4442-93F0-39579CC1D500}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{49289D89-2BAC-49F9-97B4-2B7074A535BA}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{501087A8-592D-40F7-821B-8BF8B6E8F58B}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{5C119CA1-2D4B-40C7-8C83-2FCF2B6CFB83}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{936707D0-776D-4A51-B69A-1422D3CFAE11}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{D8516AF5-2BBC-4588-82E7-A97CD2FC915A}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-892971799-3770444226-59494271-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByvzhEb-M2ds_L6qBDh2Fh6O4_pgTlWoSPUEpgbk0G26utLRWsKf0eq6DY-A_xS5Ig3-ri8KlAx9_YSu0aexcnLStR30DrVrRI2FnD4TRxqWjSRCnl25wbaxoLV3N-tVZXRC0jhJRVEgbU7A-8b3hEGPsHXKw
HKU\S-1-5-21-892971799-3770444226-59494271-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByvzhEb-M2ds_L6qBDh2Fh6O4_pgTlWoSPUEpgbk0G26utLRWsKf0eq6DY-A_xS5Ig3-ri8KlAx9_YSd4Vt3gCNKs2-Fj4iOnGFgSrP4n-JrHkTRJz_CI2Nc9Fczz9Uxt9OQ34ex6MOkrtKbjRcsqZMXGEw1s&q={searchTerms}
HKU\S-1-5-21-892971799-3770444226-59494271-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByvzhEb-M2ds_L6qBDh2Fh6O4_pgTlWoSPUEpgbk0G26utLRWsKf0eq6DY-A_xS5Ig3-ri8KlAx9_YSd4Vt3gCNKs2-Fj4iOnGFgSrP4n-JrHkTRJz_CI2Nc9Fczz9Uxt9OQ34ex6MOkrtKbjRcsqZMXGEw1s&q={searchTerms}
HKU\S-1-5-21-892971799-3770444226-59494271-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByvzhEb-M2ds_L6qBDh2Fh6O4_pgTlWoSPUEpgbk0G26utLRWsKf0eq6DY-A_xS5Ig3-ri8KlAx9_YSd4Vt3gCNKs2-Fj4iOnGFgSrP4n-JrHkTRJz_CI2Nc9Fczz9Uxt9OQ34ex6MOkrtKbjRcsqZMXGEw1s&q={searchTerms}
URLSearchHook: HKLM-x32 -> Standard = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM-x32 - uTorrentBar_DE Toolbar - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll Keine Datei
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = 
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByvzhEb-M2ds_L6qBDh2Fh6O4_pgTlWoSPUEpgbk0G26utLRWsKf0eq6DY-A_xS5Ig3-ri8KlAx9_YSd4Vt3gCNKs2-Fj4iOnGFgSrP4n-JrHkTRJz_CI2Nc9Fczz9Uxt9OQ34ex6MOkrtKbjRcsqZMXGEw1s&q={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-892971799-3770444226-59494271-1000 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByvzhEb-M2ds_L6qBDh2Fh6O4_pgTlWoSPUEpgbk0G26utLRWsKf0eq6DY-A_xS5Ig3-ri8KlAx9_YSd4Vt3gCNKs2-Fj4iOnGFgSrP4n-JrHkTRJz_CI2Nc9Fczz9Uxt9OQ34ex6MOkrtKbjRcsqZMXGEw1s&q={searchTerms}
SearchScopes: HKU\S-1-5-21-892971799-3770444226-59494271-1000 -> {71C42EAB-123B-4E0C-8321-BBE86E737CC1} URL = hxxps://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=926458&p={searchTerms}
SearchScopes: HKU\S-1-5-21-892971799-3770444226-59494271-1000 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByvzhEb-M2ds_L6qBDh2Fh6O4_pgTlWoSPUEpgbk0G26utLRWsKf0eq6DY-A_xS5Ig3-ri8KlAx9_YSd4Vt3gCNKs2-Fj4iOnGFgSrP4n-JrHkTRJz_CI2Nc9Fczz9Uxt9OQ34ex6MOkrtKbjRcsqZMXGEw1s&q={searchTerms}
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-23] (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
BHO-x32: uTorrentBar_DE Toolbar -> {c840e246-6b95-475e-9bd7-caa1c7eca9f2} -> C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll Keine Datei
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation)
Toolbar: HKLM-x32 - uTorrentBar_DE Toolbar - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\txq8f1mc.default
FF NewTab: about:blank
FF DefaultSearchEngine: findit
FF SelectedSearchEngine: Yahoo!
FF Homepage: about:home
FF Keyword.URL: hxxps://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=926458&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-15] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-05-25] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-07-12] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-07-26] (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\txq8f1mc.default\searchplugins\findit.xml [2015-09-01]
FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\txq8f1mc.default\searchplugins\google-images.xml [2014-10-27]
FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\txq8f1mc.default\searchplugins\google-maps.xml [2014-10-27]
FF Extension: VKontakte.ru Downloader - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\txq8f1mc.default\Extensions\vk@sergeykolosov.mp.xpi [2014-12-22]
FF Extension: Adblock Plus - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\txq8f1mc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-26]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-07-20]
FF HKU\S-1-5-21-892971799-3770444226-59494271-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\txq8f1mc.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-31]
CHR Extension: (Google Docs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-31]
CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-31]
CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-31]
CHR Extension: (Google Search) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-31]
CHR Extension: (Google Sheets) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-31]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-31]
CHR Extension: (Gmail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-31]
CHR HKU\S-1-5-21-892971799-3770444226-59494271-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [epojlgbehpaeekopencdagbdamnkppci] - C:\Program Files (x86)\LyriXeeker\128.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2011-07-07] ()
R2 Saophase; C:\ProgramData\Saophase\Saophase.exe [33792 2015-08-27] () [Datei ist nicht signiert]
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [836288 2015-03-24] (Valve Corporation) [Datei ist nicht signiert]
R2 updayeline; C:\Users\Chris\AppData\Local\Nimline.exe [52736 2015-08-27] () [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 deribego; C:\Program Files (x86)\00000000-1440686185-0000-0000-1C6F6543CAC5\knsq4CAB.tmpfs [X]
S2 jimocoso; C:\Program Files (x86)\00000000-1440686185-0000-0000-1C6F6543CAC5\jnsf83E6.tmp [X]
S2 totyseku; C:\Program Files (x86)\00000000-1440686185-0000-0000-1C6F6543CAC5\hnsq9D71.tmp [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 bulkadi; C:\Windows\System32\DRIVERS\bulkrazer_x64.sys [25088 2011-02-09] (Windows (R) Codename Longhorn DDK provider) [Datei ist nicht signiert]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-12-11] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [Datei ist nicht signiert]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2011-05-10] (Apple Inc.) [Datei ist nicht signiert]
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 ZDCNDIS6a64; C:\Windows\system32\ZDCNDIS6a64.sys [41280 2007-11-06] (Printing Communications Assoc., Inc. (PCAUSA))
S3 ZDCNDIS6a64; C:\Windows\SysWOW64\ZDCNDIS6a64.sys [41280 2007-11-06] (Printing Communications Assoc., Inc. (PCAUSA))
S3 ZY202_VS; C:\Windows\System32\DRIVERS\WlanGZG.sys [1041920 2007-11-06] (Atheros Communications, Inc.)
S1 grjldxdn; \??\C:\Windows\system32\drivers\grjldxdn.sys [X]
S1 iixvqrdn; \??\C:\Windows\system32\drivers\iixvqrdn.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-01 21:59 - 2015-09-01 21:59 - 00024156 _____ C:\Users\Chris\Downloads\FRST.txt
2015-09-01 21:58 - 2015-09-01 21:59 - 00000000 ____D C:\FRST
2015-09-01 21:57 - 2015-09-01 21:57 - 02188800 _____ (Farbar) C:\Users\Chris\Downloads\FRST64.exe
2015-09-01 20:23 - 2015-09-01 20:24 - 00000000 ____D C:\ProgramData\Saophase
2015-09-01 20:23 - 2015-09-01 20:23 - 04241742 _____ (Bycatch) C:\Program Files\Common Files\fapihsdd.exe
2015-09-01 20:04 - 2015-09-01 20:04 - 00003156 _____ C:\Windows\System32\Tasks\ibqp15zq
2015-09-01 20:04 - 2015-09-01 20:04 - 00000000 ____D C:\Program Files\Common Files\3ecvmapm
2015-09-01 19:05 - 2015-09-01 19:05 - 00000000 ____D C:\Users\Chris\Documents\Finanzen
2015-09-01 17:12 - 2015-09-01 17:12 - 04241742 _____ (Bycatch) C:\Program Files\Common Files\0pzeiztr.exe
2015-09-01 17:12 - 2015-09-01 17:12 - 00000000 ____D C:\ProgramData\Saophases
2015-09-01 16:57 - 2015-09-01 16:57 - 00003156 _____ C:\Windows\System32\Tasks\vyk1avwh
2015-09-01 16:57 - 2015-09-01 16:57 - 00000000 ____D C:\Program Files\Common Files\535fla3w
2015-09-01 15:47 - 2015-09-01 19:49 - 00000000 ____D C:\AdwCleaner
2015-09-01 15:44 - 2015-09-01 15:44 - 01654272 _____ C:\Users\Chris\Downloads\AdwCleaner_5.005.exe
2015-08-31 20:48 - 2015-08-31 20:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-31 20:47 - 2015-09-01 20:23 - 00002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-31 20:35 - 2015-08-31 20:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-31 20:32 - 2015-08-31 20:32 - 00242984 _____ C:\Users\Chris\Downloads\Firefox Setup Stub 40.0.3.exe
2015-08-28 15:27 - 2015-09-01 20:23 - 00002377 _____ C:\Windows\SysWOW64\findit.xml
2015-08-28 15:00 - 2015-09-01 19:06 - 00000000 ____D C:\Users\Chris\Documents\Studium - Bauingenieurwesen Bachelor
2015-08-28 12:11 - 2015-08-28 12:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOTFE Explorer
2015-08-28 12:10 - 2015-08-28 12:10 - 03350512 _____ (Sarah Dean) C:\Users\Chris\Downloads\FreeOTFEExplorer_3_51.exe
2015-08-28 12:08 - 2015-08-28 12:08 - 00075752 _____ C:\Users\Chris\Downloads\FreeOTFEExplorer_3_51-55596183.exe
2015-08-28 12:02 - 2015-08-28 12:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt
2015-08-28 11:59 - 2015-08-28 12:01 - 00000000 ____D C:\Users\Chris\AppData\Roaming\TrueCrypt
2015-08-28 11:58 - 2015-08-28 12:02 - 00230840 _____ (TrueCrypt Foundation) C:\Windows\system32\Drivers\truecrypt.sys
2015-08-28 10:23 - 2015-08-28 10:23 - 00003236 _____ C:\Windows\System32\Tasks\updatedoon
2015-08-27 20:45 - 2015-08-27 20:45 - 00000000 ____D C:\Users\Chris\AppData\Local\Mega Limited
2015-08-27 20:43 - 2015-08-27 20:44 - 09980608 _____ (MEGA Limited) C:\Users\Chris\Downloads\MEGAsyncSetup.exe
2015-08-27 20:37 - 2015-08-27 20:37 - 00000000 ____D C:\Users\Chris\AppData\Roaming\TaiG
2015-08-27 20:36 - 2015-07-15 15:54 - 72369664 _____ (taig tools) C:\Users\Chris\Desktop\TaiGJBreak_EN_2430.exe
2015-08-27 19:09 - 2015-08-27 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-08-27 19:09 - 2015-08-27 19:09 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-08-27 19:03 - 2015-08-27 19:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-27 18:59 - 2015-08-27 19:03 - 00000000 ____D C:\Program Files\iTunes
2015-08-27 18:59 - 2015-08-27 18:59 - 00000000 ____D C:\Program Files\iPod
2015-08-27 16:45 - 2015-08-27 16:45 - 00003146 _____ C:\Windows\System32\Tasks\{226C6825-5220-4BE6-BFC3-85A1EEF608A9}
2015-08-27 16:38 - 2015-08-28 10:41 - 00000000 ____D C:\ProgramData\WWinManProW
2015-08-27 16:38 - 2015-08-27 16:38 - 00000124 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-08-27 16:37 - 2015-08-17 14:29 - 00000826 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-08-27 16:36 - 2015-08-27 16:36 - 00052736 _____ C:\Users\Chris\AppData\Local\Nimline.exe
2015-08-27 16:35 - 2015-08-27 16:47 - 00000000 ____D C:\ProgramData\IcyCarje
2015-08-26 18:01 - 2015-08-26 18:01 - 00000000 ____D C:\Users\Chris\Documents\Reise
2015-08-26 18:00 - 2015-09-01 18:58 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Nitro PDF
2015-08-26 18:00 - 2015-08-26 18:00 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Nitro
2015-08-26 18:00 - 2015-08-26 18:00 - 00000000 ____D C:\Users\Chris\AppData\Roaming\FileOpen
2015-08-26 18:00 - 2015-08-26 18:00 - 00000000 ____D C:\ProgramData\FileOpen
2015-08-26 17:55 - 2013-07-26 06:57 - 00029712 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalmon2.dll
2015-08-26 17:55 - 2013-07-26 06:57 - 00017936 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalui2.dll
2015-08-26 17:54 - 2015-08-26 17:54 - 00002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk
2015-08-26 17:54 - 2015-08-26 17:54 - 00002003 _____ C:\Users\Public\Desktop\Nitro Reader.lnk
2015-08-26 17:54 - 2015-08-26 17:54 - 00000000 ____D C:\Program Files\Common Files\Nitro
2015-08-26 17:53 - 2015-08-26 17:53 - 00000000 ____D C:\ProgramData\Nitro
2015-08-26 17:53 - 2015-08-26 17:53 - 00000000 ____D C:\Program Files (x86)\Nitro
2015-08-26 17:51 - 2015-08-26 17:51 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Downloaded Installations
2015-08-24 16:57 - 2015-08-24 17:02 - 00321112 _____ C:\Users\Chris\Downloads\Take That - These Days.mp3.sfk
2015-08-23 19:16 - 2015-08-23 19:17 - 00336640 _____ C:\Users\Chris\Downloads\Coldplay - Viva la Vida.mp3.sfk
2015-08-23 18:58 - 2015-08-23 18:58 - 00320072 _____ C:\Users\Chris\Downloads\Dropkick Murphys - The State Of Massachusetts [ OST Реактивные клоуны ].mp3.sfk
2015-08-23 18:18 - 2011-12-31 18:10 - 57522638 _____ C:\Users\Chris\Desktop\GOPR0106.MP4
2015-08-23 17:09 - 2015-08-23 17:09 - 05668016 _____ (WindSolutions) C:\Users\Chris\Downloads\Install_CopyTransControlCenter.exe
2015-08-23 17:04 - 2015-08-23 17:05 - 01260832 _____ C:\Users\Chris\Downloads\SharePod - CHIP-Installer.exe
2015-08-21 23:03 - 2015-08-21 23:08 - 00244760 _____ C:\Users\Chris\Downloads\Arctic Monkeys - Fluorescent Adolescent.mp3.sfk
2015-08-21 21:40 - 2015-08-25 15:17 - 00000000 ____D C:\Users\Chris\Desktop\Video Australien Bonu
2015-08-19 23:11 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 23:11 - 2015-08-11 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 23:11 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 23:11 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-17 19:34 - 2015-08-17 19:34 - 00000000 ____D C:\Users\Chris\AppData\Local\TuneUp Software
2015-08-17 19:29 - 2015-08-17 19:29 - 00001528 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2015-08-17 19:29 - 2015-08-17 19:29 - 00001237 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-08-17 19:29 - 2015-08-17 19:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-08-17 19:28 - 2015-08-17 19:29 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2015-08-17 19:28 - 2015-08-17 19:29 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2015-08-17 19:21 - 2015-08-17 19:24 - 36627576 _____ (DVDVideoSoft Ltd. ) C:\Users\Chris\Downloads\FreeYouTube61ToMP3Converter.exe
2015-08-17 18:35 - 2015-08-17 18:35 - 00001003 _____ C:\Users\Chris\Desktop\TransMac.lnk
2015-08-17 18:35 - 2015-08-17 18:35 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TransMac
2015-08-17 18:35 - 2015-08-17 18:35 - 00000000 ____D C:\Users\Chris\AppData\Local\TransMac
2015-08-17 18:34 - 2015-08-17 18:35 - 00000000 ____D C:\Program Files (x86)\TransMac
2015-08-17 18:32 - 2015-08-17 18:32 - 01260832 _____ C:\Users\Chris\Downloads\TransMac - CHIP-Installer.exe
2015-08-17 16:27 - 2015-08-17 16:27 - 00000000 ____D C:\Users\Chris\AppData\Local\CEF
2015-08-15 14:57 - 2015-08-15 14:57 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-14 22:47 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 22:47 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 22:38 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-14 22:38 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-14 22:38 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-14 22:38 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-14 22:38 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-14 22:38 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-14 22:38 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-14 22:38 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-14 22:38 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-14 22:38 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-14 22:38 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-14 22:38 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-14 22:38 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-14 22:38 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-14 22:38 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-14 22:38 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-14 22:38 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-14 22:38 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-14 22:38 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-14 22:38 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-14 22:38 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-14 22:38 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-14 22:38 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-14 22:38 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-14 22:38 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-14 22:38 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-14 22:38 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-14 22:38 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-14 22:38 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-14 22:38 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-14 22:38 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-14 22:38 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-14 22:38 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-14 22:38 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-14 22:38 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-14 22:38 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-14 22:38 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-14 22:38 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-14 22:38 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-14 22:38 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-14 22:38 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-14 22:38 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-14 22:38 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-14 22:38 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-14 22:38 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-14 22:38 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-14 22:38 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-14 22:38 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-14 22:38 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-14 22:38 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-14 22:38 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-14 22:38 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-14 22:38 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-14 22:38 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-14 22:38 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-14 22:38 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-14 22:37 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-14 22:37 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-14 22:37 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-14 22:37 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-14 22:37 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-14 22:37 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-14 22:37 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-14 22:37 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-14 22:37 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-14 22:37 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-14 22:37 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-14 22:37 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-14 22:37 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-14 22:37 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-14 22:37 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-14 22:37 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-14 22:37 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-14 22:37 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-14 22:37 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-14 22:37 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-14 22:37 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-14 22:37 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-14 22:37 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-14 22:37 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-14 22:37 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-14 22:37 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-14 22:37 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-14 22:37 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-14 22:37 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-14 22:37 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-14 22:37 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-14 22:37 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-14 22:37 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-14 22:37 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-14 22:37 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-14 22:37 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-14 22:37 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-14 22:37 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-14 22:37 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-14 22:37 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-14 22:37 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-14 22:37 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-14 22:37 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-14 22:37 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-14 22:37 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-14 22:37 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-14 22:37 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-14 22:37 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-14 22:37 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-14 22:37 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-14 22:37 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-14 22:37 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-14 22:36 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-14 22:36 - 2015-07-10 19:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-14 22:36 - 2015-07-10 19:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-14 22:36 - 2015-07-10 19:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-14 22:36 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-14 22:36 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-14 22:36 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-14 22:30 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-14 22:30 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-14 22:30 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-14 22:30 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-14 22:30 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-14 22:30 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-14 22:30 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-14 22:30 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-14 22:30 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-14 22:30 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-14 22:30 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-14 22:30 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-14 22:30 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-14 22:30 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-14 22:30 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-14 22:30 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-14 22:30 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-14 22:30 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-14 22:30 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-14 22:30 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-14 22:30 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-14 22:30 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-14 22:30 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-14 22:30 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-14 22:30 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-14 22:30 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-14 22:30 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-14 22:30 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-14 22:29 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-14 22:29 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-14 22:29 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-14 22:29 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-14 22:29 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-14 22:29 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-14 22:29 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-14 22:29 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-14 22:29 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-14 22:29 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-14 22:29 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-14 22:29 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-14 22:29 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-14 22:29 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-14 22:29 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-14 22:29 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-14 22:29 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-14 22:29 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-14 22:29 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-14 22:29 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-14 22:29 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-10 23:16 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-08-10 23:16 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-08-10 23:15 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-08-10 23:15 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-08-10 23:11 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-08-10 23:11 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-08-10 23:11 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-08-10 23:11 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-08-10 23:11 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-08-10 23:11 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-08-10 23:11 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-08-10 23:11 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-08-10 23:11 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-08-10 23:11 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-08-10 23:11 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-08-10 23:11 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-08-10 23:11 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-08-10 23:11 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-08-10 23:11 - 2015-06-11 19:56 - 01112576 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-08-10 23:11 - 2015-06-11 19:16 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-08-10 23:11 - 2015-06-11 19:15 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-08-10 23:11 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-08-10 23:11 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-08-10 23:11 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-08-10 23:11 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-08-10 23:11 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-08-10 23:11 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-08-10 23:11 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-08-10 23:11 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-08-06 11:43 - 2015-08-06 11:43 - 00094208 _____ (Apple Inc.) C:\Windows\SysWOW64\QuickTimeVR.qtx
2015-08-06 11:43 - 2015-08-06 11:43 - 00069632 _____ (Apple Inc.) C:\Windows\SysWOW64\QuickTime.qts

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-01 21:52 - 2015-06-20 18:39 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-892971799-3770444226-59494271-1000UA.job
2015-09-01 21:47 - 2011-06-21 14:20 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-01 21:45 - 2009-07-14 06:45 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-01 21:45 - 2009-07-14 06:45 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-01 21:19 - 2012-05-07 13:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-01 20:23 - 2014-06-04 17:05 - 00001161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-09-01 20:23 - 2014-06-04 17:05 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-09-01 20:23 - 2011-05-27 18:15 - 00001429 _____ C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-09-01 20:02 - 2011-05-27 18:09 - 02022294 _____ C:\Windows\WindowsUpdate.log
2015-09-01 19:56 - 2012-11-25 19:19 - 00000000 ___RD C:\Users\Chris\Dropbox
2015-09-01 19:55 - 2012-11-25 19:16 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Dropbox
2015-09-01 19:54 - 2011-06-21 14:20 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-01 19:53 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-01 19:52 - 2011-06-02 16:02 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-01 19:52 - 2011-05-29 09:03 - 00894216 _____ C:\Windows\PFRO.log
2015-09-01 19:52 - 2009-07-14 06:51 - 00086278 _____ C:\Windows\setupact.log
2015-09-01 15:55 - 2009-07-14 06:45 - 00360464 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-01 15:51 - 2011-09-30 19:52 - 00000000 ____D C:\ProgramData\ICQ
2015-09-01 15:42 - 2011-06-21 14:20 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-01 15:42 - 2011-06-21 14:20 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-01 15:37 - 2011-06-21 14:20 - 00000000 ____D C:\Users\Chris\AppData\Local\Google
2015-09-01 15:28 - 2015-06-20 18:39 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-892971799-3770444226-59494271-1000Core.job
2015-09-01 15:18 - 2011-07-11 00:01 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Skype
2015-08-31 20:48 - 2011-05-28 14:30 - 00089504 _____ C:\Users\Chris\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-31 20:47 - 2011-06-21 14:20 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-31 20:39 - 2011-07-30 14:39 - 00032012 _____ C:\Windows\DPINST.LOG
2015-08-31 20:35 - 2015-04-25 18:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-30 12:54 - 2009-07-14 19:58 - 00699432 _____ C:\Windows\system32\perfh007.dat
2015-08-30 12:54 - 2009-07-14 19:58 - 00149572 _____ C:\Windows\system32\perfc007.dat
2015-08-30 12:54 - 2009-07-14 07:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-28 15:18 - 2012-10-21 19:47 - 00000000 ____D C:\Users\Chris\Documents\Schule
2015-08-28 15:17 - 2013-08-23 13:24 - 00000000 ____D C:\Users\Chris\Documents\Bewerbung
2015-08-28 15:15 - 2011-11-02 16:00 - 00000000 ____D C:\Users\Chris\Documents\Dumm
2015-08-28 15:01 - 2015-05-10 16:55 - 00000000 ____D C:\Users\Chris\Documents\Ebay iPhone 6
2015-08-27 19:09 - 2014-07-02 20:06 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-08-27 19:03 - 2014-05-20 19:41 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-08-27 18:59 - 2011-08-23 20:07 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-27 18:59 - 2011-06-01 21:07 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-27 18:57 - 2015-03-31 22:47 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-08-27 18:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-08-22 18:50 - 2015-05-10 16:56 - 00000000 __SHD C:\Users\Chris\AppData\Local\EmieBrowserModeList
2015-08-22 18:50 - 2014-05-27 20:00 - 00000000 __SHD C:\Users\Chris\AppData\Local\EmieUserList
2015-08-22 18:50 - 2014-05-27 20:00 - 00000000 __SHD C:\Users\Chris\AppData\Local\EmieSiteList
2015-08-18 01:10 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-08-18 01:07 - 2013-01-19 18:27 - 00000000 ____D C:\ProgramData\TuneUp Software
2015-08-17 19:34 - 2013-01-19 18:27 - 00000000 ____D C:\Users\Chris\AppData\Roaming\TuneUp Software
2015-08-17 19:31 - 2011-07-19 12:30 - 00000000 ____D C:\Users\Chris\AppData\Roaming\DVDVideoSoft
2015-08-17 17:45 - 2014-11-30 21:30 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-17 16:29 - 2011-10-06 21:10 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-08-17 14:32 - 2011-11-12 14:50 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-08-17 14:31 - 2011-11-12 14:51 - 00000000 ____D C:\Users\Chris\AppData\Local\LogMeIn Hamachi
2015-08-17 12:52 - 2014-10-30 17:46 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-08-16 04:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-08-15 14:43 - 2015-04-16 03:33 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-15 14:43 - 2014-05-06 22:20 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-15 14:20 - 2012-05-07 13:56 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-15 14:20 - 2012-05-07 13:55 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-15 14:20 - 2011-05-28 14:33 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-14 22:47 - 2012-05-21 07:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-14 22:46 - 2012-05-21 07:12 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-14 22:46 - 2012-05-21 07:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-14 22:44 - 2013-07-17 01:08 - 00000000 ____D C:\Windows\system32\MRT
2015-08-14 21:26 - 2015-04-06 03:01 - 00000000 ___SD C:\Windows\system32\GWX
2015-08-14 21:17 - 2015-04-06 03:01 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-08-14 21:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-08-03 12:12 - 2012-02-17 14:38 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-01 17:12 - 2015-09-01 17:12 - 4241742 _____ (Bycatch) C:\Program Files\Common Files\0pzeiztr.exe
2015-09-01 20:23 - 2015-09-01 20:23 - 4241742 _____ (Bycatch) C:\Program Files\Common Files\fapihsdd.exe
2011-07-20 16:57 - 2011-07-20 17:45 - 0008704 _____ () C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-27 16:36 - 2015-08-27 16:36 - 0052736 _____ () C:\Users\Chris\AppData\Local\Nimline.exe
2015-08-27 16:36 - 2015-08-27 16:36 - 0000187 _____ () C:\Users\Chris\AppData\Local\Nimline.exe.config
2015-08-27 16:38 - 2015-08-27 16:38 - 0000124 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


Einige Dateien in TEMP:
====================
C:\Users\Chris\AppData\Local\Temp\948.exe
C:\Users\Chris\AppData\Local\Temp\beeagihhee.exe
C:\Users\Chris\AppData\Local\Temp\beeahgdded.exe
C:\Users\Chris\AppData\Local\Temp\Download MS Office 2010 Full Standard Pro Plus Keys__10924_i1605573274_il1949944.exe
C:\Users\Chris\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpn7nbfi.dll
C:\Users\Chris\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Chris\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Chris\AppData\Local\Temp\nitro_reader3_64.exe
C:\Users\Chris\AppData\Local\Temp\nszACAC.exe
C:\Users\Chris\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Chris\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Chris\AppData\Local\Temp\Setup-Foto-Mosaik-Edda.exe
C:\Users\Chris\AppData\Local\Temp\setup.exe
C:\Users\Chris\AppData\Local\Temp\sqlite3.dll
C:\Users\Chris\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Chris\AppData\Local\Temp\tmp1AA9.tmp.exe
C:\Users\Chris\AppData\Local\Temp\UoFCD07.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-29 16:29

==================== Ende von FRST.txt ============================

--- --- ---

[/CODE]

christenhove · 01.09.2015, 21:14

Und hier noch die zweite Textdatei:

Addition.txt

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-08-2015
durchgeführt von Chris (2015-09-01 22:00:56)
Gestartet von C:\Users\Chris\Downloads
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-892971799-3770444226-59494271-500 - Administrator - Disabled)
Chris (S-1-5-21-892971799-3770444226-59494271-1000 - Administrator - Enabled) => C:\Users\Chris
Gast (S-1-5-21-892971799-3770444226-59494271-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-892971799-3770444226-59494271-1002 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassins Creed IV Black Flag Digital Deluxe Edition MULTI-5 1.01 (HKLM-x32\...\Assassins Creed IV Black Flag Digital Deluxe Edition MULTI-5 1.01) (Version:  - )
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-J415W (HKLM-x32\...\{FB83EAC4-E3F6-4666-B45B-44522F2344B6}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
CDBurnerXP (HKLM-x32\...\{909A791A-DBB0-432F-BC0E-D0C81925E340}) (Version: 4.5.3.4746 - Canneverbe Limited)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DivX-Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.5.0.15 - DivX, LLC)
Dropbox (HKU\S-1-5-21-892971799-3770444226-59494271-1000\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.)
Formelrechner (HKLM-x32\...\{69F0CEA4-43E2-4CBB-92DF-41860A40A631}) (Version: 1.00.0000 - Cornelsen Verlag)
Foto-Mosaik-Edda Standard V7.3.15179.1 (HKLM-x32\...\{A2D6ECD0-7E52-42B7-9236-DB2951436616}_is1) (Version:  - Steffen Schirmer)
Free YouTube to MP3 Converter version 3.12.61.805 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.61.805 - DVDVideoSoft Ltd.)
General Runtime Files for Nemetschek Softlock 2006 (x32 Version: 1.4.0.0 - Nemetschek) Hidden
General Runtime Files for Nemetschek Softlock 2006 64 (Version: 1.3.0.0 - Nemetschek) Hidden
GeoGebra (HKLM-x32\...\GeoGebra) (Version: 4.0.22.0 - International GeoGebra Institute)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Earth (HKLM-x32\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
Hero Editor V0.96 (HKLM-x32\...\ST6UNST #1) (Version:  - )
Hero Editor V1.03 (C:\Program Files (x86)\Hero Editor\) (HKLM-x32\...\ST6UNST #3) (Version:  - )
Hero Editor V1.03 (HKLM-x32\...\ST6UNST #2) (Version:  - )
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
iTunes-Statistik (HKU\S-1-5-21-892971799-3770444226-59494271-1000\...\5492ddc6d80fc6d0) (Version: 1.0.0.6 - iTunes-Statistik)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.670 - Oracle)
Java(TM) 6 Update 30 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.300 - Oracle)
L&H TTS3000 Deutsch (HKLM-x32\...\LHTTSGED) (Version:  - )
Logitech GamePanel Software 2.00 (HKLM\...\{7598C430-8B00-4447-A710-0DDA0770370A}) (Version: 2.00.171 - Logitech)
Logitech GamePanel Software 3.06.109 (HKLM\...\{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}) (Version: 3.06.109 - Logitech Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}) (Version: 1.2.0241 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{A047101C-A3AE-4FAD-802F-01C965079F66}) (Version: 11.1.3010.3 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{99AC7F47-A4E0-4706-9C65-8948775C2652}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mobile Mouse Server (HKLM-x32\...\{0FBCF6E4-1F1A-4729-940F-A354CC84A770}) (Version: 2.6.5 - RPA Tech, Inc)
MorphVOX Pro (HKLM-x32\...\{058AF8C6-E4DE-4D91-9879-B72860E9F615}) (Version: 4.3.13 - Screaming Bee)
Mouse Editor (HKLM-x32\...\InstallShield_{8973F26D-3E74-481C-AF11-FDC7D0089E96}) (Version: 10.07.0002 - Ihr Firmenname)
MOUSE Editor (x32 Version: 10.07.0002 - Ihr Firmenname) Hidden
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nemetschek SoftLock 2006 (HKLM-x32\...\{7262D0C8-41CC-4F75-8383-A6C7C61D7FC6}) (Version: 1.26.55 - Nemetschek)
Nitro Reader 3 (HKLM\...\{4756C731-B54E-451A-9AF1-86E8AB1BEBBB}) (Version: 3.5.6.5 - Nitro)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9.8 - )
NVIDIA 3D Vision Controller-Treiber 295.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 295.73 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PixelNet Software 4.14.3 (HKLM-x32\...\PixelNet Software) (Version: 4.14.3 - ORWO Net)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Q.U.B.E: Director's Cut (HKLM-x32\...\Steam App 239430) (Version:  - Toxic Games)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Speedport W 101 Stick WLAN Manager (HKLM-x32\...\{C5D78EFC-A9C1-44F3-81CB-D42C5DF8EA09}) (Version: 1.00.0000 - Deutsche Telekom)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Tunatic (HKLM-x32\...\Tunatic) (Version:  - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
Vegas Pro 10.0 (64-bit) (HKLM\...\{2E0DCF0F-7754-11E0-BFE1-0013D3D69929}) (Version: 10.0.670 - Sony)
VLC media player 1.1.10 (HKLM-x32\...\VLC media player) (Version: 1.1.10 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.623  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-892971799-3770444226-59494271-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WinRAR 4.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
XBMC (HKU\S-1-5-21-892971799-3770444226-59494271-1000\...\XBMC) (Version:  - Team XBMC)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-892971799-3770444226-59494271-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-892971799-3770444226-59494271-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-892971799-3770444226-59494271-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-892971799-3770444226-59494271-1000_Classes\CLSID\{38216570-5DB1-45F8-A344-B0C4E252B14B}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.26.7\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-892971799-3770444226-59494271-1000_Classes\CLSID\{414325d3-ac7e-40b7-93ca-5a4e9502a445}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-892971799-3770444226-59494271-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-892971799-3770444226-59494271-1000_Classes\CLSID\{d62edc7d-7266-4eea-96fe-b030999ce9c4}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-892971799-3770444226-59494271-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-892971799-3770444226-59494271-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-892971799-3770444226-59494271-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-892971799-3770444226-59494271-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-892971799-3770444226-59494271-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-892971799-3770444226-59494271-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-892971799-3770444226-59494271-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-892971799-3770444226-59494271-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-892971799-3770444226-59494271-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-892971799-3770444226-59494271-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-892971799-3770444226-59494271-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll Keine Datei

==================== Wiederherstellungspunkte =========================

30-08-2015 14:52:25 Geplanter Prüfpunkt
31-08-2015 20:38:48 Removed Razer Megalodon Firmware Updater.
31-08-2015 20:40:33 MorphVOX Pro wird entfernt
31-08-2015 20:41:45 Removed League of Legends
01-09-2015 15:32:41 Windows Update
01-09-2015 15:38:46 Chrome Cleanup Tool

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2015-08-17 14:29 - 00000826 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0C2F5D9B-1744-469B-9CF5-947CB2136DC6} - System32\Tasks\vyk1avwh => C:\Program Files\Common Files\535fla3w\271d6xokv0ijq.exe [2015-08-18] ()
Task: {0EA62F8B-1A9C-4DDE-8AC5-45AA5001EF51} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {0F716D7C-90C8-4FC2-946D-C69C054CB61F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-15] (Adobe Systems Incorporated)
Task: {390B916E-6EE0-4D53-BE31-07B4C3CDD376} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {3C59FE50-AB85-4539-BDF2-C8D9FCE3ED57} - System32\Tasks\{9CFB7071-E781-4F34-A602-6A77D403CF73} => pcalua.exe -a C:\WINDOWS\st6unst.exe -c -n "C:\Program Files (x86)\ST6UNST.LOG"
Task: {41071BD4-BD07-44BF-9F96-A7455018CBE6} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-892971799-3770444226-59494271-1000Core => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {5058F3F0-A09B-4834-885F-137F20682997} - System32\Tasks\{0D40F945-F21E-4496-8865-EB6EC27C7F76} => pcalua.exe -a C:\Users\Chris\Downloads\PlugY_The_Survival_Kit_v10.00.exe -d C:\Users\Chris\Downloads
Task: {56E869ED-43DF-4284-B787-C191820E54F9} - System32\Tasks\{66ECA84D-C527-473E-97D5-0FE035806D50} => pcalua.exe -a "C:\Program Files (x86)\Game Cam V2\uninst.exe" -d "C:\Program Files (x86)\Game Cam V2"
Task: {5B2B80D8-A4B1-42CA-96BF-0BC9D20E2CCD} - System32\Tasks\{B8D209E3-D242-4A14-A888-9EBD8690EC6C} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {80E035A9-9E98-41FE-960F-A17E8E038A47} - System32\Tasks\{886B2AE9-8DE7-4DF6-AAB6-A9AF8A715C05} => pcalua.exe -a C:\Users\Chris\Downloads\setup.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {88183B42-2D7C-45B4-AC30-CCDBE64FB6FD} - System32\Tasks\{BEC608BD-83AC-4B7D-8BEA-4F536481F221} => pcalua.exe -a "C:\Program Files (x86)\Diablo II\Data\Uninstall D2 SP PlugY Enhancement Mod 1.4.exe" -d "C:\Program Files (x86)\Diablo II\Data"
Task: {8825DCA6-58C4-4161-BDDB-D629DDF6DE7E} - System32\Tasks\{226C6825-5220-4BE6-BFC3-85A1EEF608A9} => pcalua.exe -a C:\Users\Chris\AppData\Roaming\oursurfing\UninstallManager.exe -c  -ptid=2sq
Task: {9CE3D10F-02A9-4B0D-AC68-4484761B83D4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {A2A336E8-6252-4B81-BB2F-10CC0617437C} - System32\Tasks\updatedoon => C:\Windows\system32\config\systemprofile\AppData\Local\Freelab [2015-08-27] ()
Task: {B1AFE5C1-DA0E-4618-BCE1-7200DC815DC6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B240CAF5-37A4-4D22-B65D-7A26DDAE84D8} - System32\Tasks\{092BD2BB-3FF4-4BD9-87B5-9297BAC391EA} => pcalua.exe -a C:\Users\Chris\Desktop\Portal\SteamLess_LanguageSelector_Portal.exe -d C:\Users\Chris\Desktop\Portal
Task: {B5704CD4-B2E7-4F0B-AF79-423B131BAAC8} - System32\Tasks\{EA05975D-9375-41E0-A6DB-597E2DC54E1F} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {B5FEE1F6-7A0B-4C9D-89FF-41609A813EC4} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-892971799-3770444226-59494271-1000UA => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {BC5C6167-16EA-4501-87C4-BB0474F96BB5} - System32\Tasks\ibqp15zq => C:\Program Files\Common Files\3ecvmapm\4f1b8cnrgenzl.exe [2015-08-18] ()
Task: {CAB6600E-13DA-4B2F-B208-9A41ADA0D883} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {D8849B9B-8A79-4855-9875-492A3BA7361A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {D912ACDC-E440-4B8D-8CC0-DAD74F3A320F} - System32\Tasks\{6B524F1C-EA3B-4443-9958-841744D5DA7E} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/570
Task: {FBA7F640-2789-4A37-9E3D-DC568E9550C7} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {FF605BE7-3A50-4DBA-9E88-3082866259F2} - System32\Tasks\{4A8CD1CA-C958-4483-A45E-42C8BD10ED7E} => pcalua.exe -a C:\Users\Chris\Downloads\Diablo-III-8370-deDE-Installer-downloader.exe -d C:\Users\Chris\Downloads

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-892971799-3770444226-59494271-1000Core.job => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-892971799-3770444226-59494271-1000UA.job => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-05-14 18:46 - 2013-01-18 17:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-07-07 20:08 - 2011-07-07 20:08 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-08-21 13:09 - 2005-04-22 06:36 - 00143360 ____R () C:\Windows\system32\BrSNMP64.dll
2015-08-27 16:36 - 2015-08-27 16:36 - 00052736 _____ () C:\Users\Chris\AppData\Local\Nimline.exe
2011-05-28 19:07 - 2011-03-02 12:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2010-07-22 08:15 - 2010-07-22 08:15 - 02624512 _____ () C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe
2015-08-27 10:20 - 2015-08-27 10:20 - 00033792 _____ () C:\ProgramData\Saophase\Saophase.exe
2015-09-01 20:23 - 2015-09-01 20:23 - 00150528 _____ () C:\ProgramData\Saophase\Flexphase.exe
2010-06-01 05:41 - 2010-06-01 05:41 - 00098816 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_MouseDeviceManager.dll
2010-04-03 05:37 - 2010-04-03 05:37 - 00094208 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_ZoomControl.dll
2010-04-03 05:37 - 2010-04-03 05:37 - 00062976 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_ScrollbarControl.dll
2010-04-03 05:37 - 2010-04-03 05:37 - 00069632 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_AnalyzeGesturesInRight.dll
2010-04-03 05:36 - 2010-04-03 05:36 - 00069632 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_AnalyzeGesturesInOne.dll
2010-04-03 05:37 - 2010-04-03 05:37 - 00127488 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_Wheel4D.dll
2010-05-07 17:05 - 2010-05-07 17:05 - 00042496 _____ () C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\OSD_Text\OSD_Text.dll
2011-08-21 13:08 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-09-01 19:54 - 2015-09-01 19:54 - 00071168 _____ () c:\users\chris\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpn7nbfi.dll
2015-03-04 23:45 - 2015-08-05 22:49 - 00012800 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-08-05 22:49 - 00779776 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-08-10 22:27 - 2015-08-05 22:49 - 00056320 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 23:45 - 2015-08-05 22:49 - 00012288 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-09-01 20:23 - 2015-09-01 20:23 - 00194560 _____ () C:\ProgramData\Saophase\Lot-Top.dll
2015-09-01 20:23 - 2015-09-01 20:23 - 00364032 _____ () C:\ProgramData\Saophase\OpenZap.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-892971799-3770444226-59494271-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Air Mouse.lnk => C:\Windows\pss\Air Mouse.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Speedport W 101 WLAN Manager.lnk => C:\Windows\pss\Speedport W 101 WLAN Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Chris^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup
MSCONFIG\startupfolder: C:^Users^Chris^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Google Update => "C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HTC Sync Loader => "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ7.6\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: IndexSearch => "C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: OscarEditor => "C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe" Minimum
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: PPort11reminder => "C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SSBkgdUpdate => "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\Chris\Downloads\utorrent (1).exe"  /MINIMIZED
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"
MSCONFIG\startupreg: Yontoo Desktop => "C:\Users\Chris\AppData\Roaming\Yontoo\YontooDesktop.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{F36E5FC8-21E3-4E3A-97A1-88C2A214CF8E}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{26A49729-D09D-4CC1-B927-3B26FD308C95}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{7409DD72-F44B-4DA1-92A8-9D7E2C4707DC}C:\program files (x86)\starcraft ii\versions\base18574\sc2.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base18574\sc2.exe
FirewallRules: [UDP Query User{B937681A-2414-4356-9DB2-87B461620151}C:\program files (x86)\starcraft ii\versions\base18574\sc2.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base18574\sc2.exe
FirewallRules: [{BC399083-2A6B-4A57-839D-64EF5D94FC7A}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{78D697C7-992A-4C39-98E7-BCBA48433BB9}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{37B72AFE-B279-43AC-BA3D-20B818A26046}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base15405\SC2.exe
FirewallRules: [{5F4DBBF6-6711-4B39-8D0A-1033266D8CF5}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base15405\SC2.exe
FirewallRules: [TCP Query User{7CA2F9D5-471B-4D30-BA65-B3602FB9A22E}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe] => (Allow) C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe
FirewallRules: [UDP Query User{76B3A732-CCAF-432C-A450-C520CCED751E}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe] => (Allow) C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe
FirewallRules: [TCP Query User{BF869016-25E6-4028-8C28-6B95DEBA3855}C:\program files (x86)\starcraft ii\versions\base18574\sc2.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base18574\sc2.exe
FirewallRules: [UDP Query User{3DA212D4-7247-447A-AAE5-DE7353B1AE7F}C:\program files (x86)\starcraft ii\versions\base18574\sc2.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base18574\sc2.exe
FirewallRules: [{901E264E-ACBE-4A2B-9A64-7A834C6BD57D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3D902BA3-7CD5-4D2F-A70D-9A547FA3186F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9959B792-AD14-4F7C-B6AB-EA2291FECA8C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{7D148F64-70EB-4C8F-B350-91D097667538}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [TCP Query User{40FAA529-58B2-45CA-8A73-98F9606928B9}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{C4C9DCAE-6A77-4D20-BB96-E3C3A4EBCE49}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [TCP Query User{C120F0E5-113D-4B25-A66B-792CF38926AE}F:\wow\temp\wow-4.2.0.2492-enus-tools-downloader.exe] => (Allow) F:\wow\temp\wow-4.2.0.2492-enus-tools-downloader.exe
FirewallRules: [UDP Query User{7454E851-8428-4F62-B6F5-2A6AB6254334}F:\wow\temp\wow-4.2.0.2492-enus-tools-downloader.exe] => (Allow) F:\wow\temp\wow-4.2.0.2492-enus-tools-downloader.exe
FirewallRules: [TCP Query User{1BC5CAB8-1F9B-4487-8D90-915710FB7A58}F:\wow\launcher.exe] => (Allow) F:\wow\launcher.exe
FirewallRules: [UDP Query User{B76CFA43-D666-400F-9DF5-1870DDBE4DFF}F:\wow\launcher.exe] => (Allow) F:\wow\launcher.exe
FirewallRules: [TCP Query User{1FA645F7-BBE4-4CA7-AAC9-ED98A489603A}F:\wow\backgrounddownloader.exe] => (Allow) F:\wow\backgrounddownloader.exe
FirewallRules: [UDP Query User{9005CBD4-D600-4F3B-864B-CB0B0AC1D265}F:\wow\backgrounddownloader.exe] => (Allow) F:\wow\backgrounddownloader.exe
FirewallRules: [TCP Query User{11974268-4196-46F3-B7FB-86D2E9B7087B}F:\wow\launcher.patch.exe] => (Allow) F:\wow\launcher.patch.exe
FirewallRules: [UDP Query User{9A353ECF-9FCF-4FD5-BCB5-82027E77D978}F:\wow\launcher.patch.exe] => (Allow) F:\wow\launcher.patch.exe
FirewallRules: [TCP Query User{D02273C5-1D20-4C39-A08F-9FBCAA01A909}C:\program files (x86)\valve\portal 2\portal2.exe] => (Allow) C:\program files (x86)\valve\portal 2\portal2.exe
FirewallRules: [UDP Query User{7B51499E-DDDE-4433-A8F0-EED67AF6304C}C:\program files (x86)\valve\portal 2\portal2.exe] => (Allow) C:\program files (x86)\valve\portal 2\portal2.exe
FirewallRules: [TCP Query User{BB96E686-A3BE-4453-A757-D081F0920557}C:\program files\crysis 2\bin32\crysis2.exe] => (Allow) C:\program files\crysis 2\bin32\crysis2.exe
FirewallRules: [UDP Query User{D8974725-860D-46C4-A75A-DEC245B791C2}C:\program files\crysis 2\bin32\crysis2.exe] => (Allow) C:\program files\crysis 2\bin32\crysis2.exe
FirewallRules: [{314E4541-7A3A-4086-88E7-AA2839224518}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{4F4650D8-7547-4417-9910-74BB27CA0650}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{53688786-3C46-4F5A-B8F7-5EEDA4FF129E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D56AE64C-B105-4F81-9191-4E2216020C69}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7EF1B100-7607-4CCF-9C6C-E12704F157BB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{BE29DCBD-5870-4D0E-8042-F6EA67326A96}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E27A4266-8EA8-4FFC-8F09-5EC5FFECE219}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{9E34AAA6-5E92-4C33-86B7-3D288E6DEF6B}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{E090BC59-1928-4549-9CD8-3F87A389BA76}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{63867AD4-C716-4C05-BD9F-F10AF972E1A4}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{CC70BBA0-C5B4-49F4-A581-92E4050D179B}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{9046F95D-0AEC-4D54-9361-290D3334D581}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{26A947E9-EAEB-4C54-8E3C-3563B7D00AF6}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{CC5D7155-9C15-4B85-9F2F-CE8770AE69D1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{E2369B94-626E-4CA9-8795-D78DA92C5CDE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{EF4C8EC2-122D-4AC4-842E-A7C7A5D8CD41}C:\program files (x86)\wb games\f.e.a.r. 3\f.e.a.r. 3.exe] => (Allow) C:\program files (x86)\wb games\f.e.a.r. 3\f.e.a.r. 3.exe
FirewallRules: [UDP Query User{91C48582-17BC-4A9C-8B5B-3A0D29B0D603}C:\program files (x86)\wb games\f.e.a.r. 3\f.e.a.r. 3.exe] => (Allow) C:\program files (x86)\wb games\f.e.a.r. 3\f.e.a.r. 3.exe
FirewallRules: [TCP Query User{DA33FE69-8CF5-4DFE-823E-36A2DE264C53}C:\users\chris\desktop\spiele\wow\launcher.exe] => (Allow) C:\users\chris\desktop\spiele\wow\launcher.exe
FirewallRules: [UDP Query User{CBF3A12B-F42B-49E7-B7AA-50B4A12C7F08}C:\users\chris\desktop\spiele\wow\launcher.exe] => (Allow) C:\users\chris\desktop\spiele\wow\launcher.exe
FirewallRules: [{938350AE-F655-49C6-9482-B9BF3E9C277C}] => (Allow) C:\Users\Chris\Desktop\Spiele\Wow\Launcher.patch.exe
FirewallRules: [{D9A91121-C51E-4F4F-AAB6-7FBD1ED6070B}] => (Allow) C:\Users\Chris\Desktop\Spiele\Wow\Launcher.patch.exe
FirewallRules: [TCP Query User{61C590A5-216E-4169-9D33-3DA589CDBCDF}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{8061BC8B-5531-4B29-BEDC-329B85ACCAF5}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [TCP Query User{03834865-C07F-4CB5-AA9F-00858BDEA9C9}C:\users\chris\desktop\spiele\wow\launcher.exe] => (Allow) C:\users\chris\desktop\spiele\wow\launcher.exe
FirewallRules: [UDP Query User{22D81E9B-986D-4EC2-BC2B-26C270F7F5D3}C:\users\chris\desktop\spiele\wow\launcher.exe] => (Allow) C:\users\chris\desktop\spiele\wow\launcher.exe
FirewallRules: [{C0D21B98-9860-4828-9E99-8304B9221BF9}] => (Allow) C:\Users\Chris\Desktop\Spiele\Wow\Launcher.patch.exe
FirewallRules: [{671CE738-354A-4743-8113-BD0FDAADD086}] => (Allow) C:\Users\Chris\Desktop\Spiele\Wow\Launcher.patch.exe
FirewallRules: [TCP Query User{0A9F788A-2CA3-4F45-B9AF-77BB5866D12A}C:\program files (x86)\java\jre6\bin\java.exe] => (Block) C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{A7FEF886-F873-4726-8459-1E0B6DBE3947}C:\program files (x86)\java\jre6\bin\java.exe] => (Block) C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [TCP Query User{37C24999-6283-4560-A8E4-41ACFEFA73CE}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{3CF6CC9B-2C3B-43C6-A3AF-057AEF0CF1CB}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{D94D513D-EB70-4F8F-9839-AD699FA54B5D}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Block) C:\program files (x86)\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{911E7192-0D9E-41FD-858B-D5D7CF2DD3BB}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Block) C:\program files (x86)\google\google earth\plugin\geplugin.exe
FirewallRules: [TCP Query User{85621204-1848-40BE-9823-6EE0738FE700}C:\users\chris\downloads\downloader_diablo2_lord_of_destruction_engb.exe] => (Block) C:\users\chris\downloads\downloader_diablo2_lord_of_destruction_engb.exe
FirewallRules: [UDP Query User{C60E3B2B-1445-4CDB-8469-17929F21AE23}C:\users\chris\downloads\downloader_diablo2_lord_of_destruction_engb.exe] => (Block) C:\users\chris\downloads\downloader_diablo2_lord_of_destruction_engb.exe
FirewallRules: [TCP Query User{3E313BE9-0BEC-4036-995B-F1563CB2760C}C:\users\chris\downloads\downloader_diablo2_lord_of_destruction_engb (1).exe] => (Allow) C:\users\chris\downloads\downloader_diablo2_lord_of_destruction_engb (1).exe
FirewallRules: [UDP Query User{DCAFD08A-1CCE-4256-A8CA-D3F85770981B}C:\users\chris\downloads\downloader_diablo2_lord_of_destruction_engb (1).exe] => (Allow) C:\users\chris\downloads\downloader_diablo2_lord_of_destruction_engb (1).exe
FirewallRules: [TCP Query User{AAD8CBD3-49F8-4B5D-B4BA-1D07734D4239}F:\diablo ii\game.exe] => (Allow) F:\diablo ii\game.exe
FirewallRules: [UDP Query User{49603AB4-3952-400D-96A9-B16984B493EC}F:\diablo ii\game.exe] => (Allow) F:\diablo ii\game.exe
FirewallRules: [TCP Query User{6EC3BE09-82A3-4715-AD60-422767E19381}C:\program files (x86)\blizzard entertainment\diablo ii\game.exe] => (Allow) C:\program files (x86)\blizzard entertainment\diablo ii\game.exe
FirewallRules: [UDP Query User{082F30DA-10EC-4325-8D2D-34911A1EA396}C:\program files (x86)\blizzard entertainment\diablo ii\game.exe] => (Allow) C:\program files (x86)\blizzard entertainment\diablo ii\game.exe
FirewallRules: [TCP Query User{F2B36FC3-AF38-4CBE-8FCC-7EED5C63C4D3}F:\diablo ii\d2multiresgame.exe] => (Allow) F:\diablo ii\d2multiresgame.exe
FirewallRules: [UDP Query User{6AA971F1-21A2-4CC9-8AEC-6D9B9035DDD3}F:\diablo ii\d2multiresgame.exe] => (Allow) F:\diablo ii\d2multiresgame.exe
FirewallRules: [{C1F60963-7551-43C1-97F4-736D47BDDA5B}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{78E10FB4-858E-432C-9916-3D8D3BFF6EFD}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{C3756677-7F58-4F2F-954C-5104F2B2F1B6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A9910008-2D7F-42B9-8628-F3DEC79D5B2D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B53F8C12-AD44-4931-8493-448C7F9AA0CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\solabuz\counter-strike source\hl2.exe
FirewallRules: [{7E05BDA2-2118-4A3D-AE78-4D3E65844963}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\solabuz\counter-strike source\hl2.exe
FirewallRules: [{3C91BBD3-18DD-495A-9493-5F49CE7DE6B6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{8AEBDB2C-B501-4ACA-9707-9F896424BFB7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{A7C7666E-3D49-43D3-B8D6-10238F5E13F6}] => (Allow) C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{35B26C9E-F1B9-4B0A-A8DD-607F036AE93D}] => (Allow) C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{3D42BE37-B189-45AF-B6CA-70E03137EDB1}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{E19CC424-B29F-41C9-900B-BE110C4AC2A5}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{900809D7-2D29-4926-87A7-E86B6EC0F350}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9EAE2B8C-A9F3-4117-8C9B-1AC75814B634}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DFA07BDE-6D3C-453A-A819-21B1D2D7D65A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{667EC46F-916D-4FEA-8BD6-07E6B7C5C455}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0029DDB8-1793-4862-9A54-C5445DACA11B}] => (Allow) C:\Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe
FirewallRules: [{DD2FA091-7412-4C25-BC46-EB247C08C7AD}] => (Allow) C:\Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe
FirewallRules: [{EBEF02CE-ACE8-42EE-85DD-6AC72C18D034}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9A6A6F48-CE84-422B-B68D-16ED18A8D210}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{842877C3-4148-4923-9CF2-50B31149697C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\QUBE Directors Cut\Binaries\Win32\QUBEGame.exe
FirewallRules: [{22C939D2-CFE3-42F8-BB17-E3A554399849}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\QUBE Directors Cut\Binaries\Win32\QUBEGame.exe
FirewallRules: [{78A632E1-2D67-415A-8EA9-891972777BFD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8F9D18DF-1D2E-4484-8BA2-766420ABC95F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A354DBCE-818B-4C83-B198-50606AEDBD39}] => (Allow) C:\ProgramData\IcyCarje\gigoamaw.exe
FirewallRules: [{9B81C1AE-63EE-40A6-88B1-669A0F8AC0BF}] => (Allow) C:\ProgramData\IcyCarje\gigoamaw.exe
FirewallRules: [{642863C7-3312-4857-A967-E22A63558B5E}] => (Allow) C:\ProgramData\IcyCarje\gigoamaw.exe
FirewallRules: [{983EA649-AD3B-447E-85A2-2AC5EEDB704C}] => (Allow) C:\ProgramData\IcyCarje\gigoamaw.exe
FirewallRules: [{450B613A-154C-4872-B0E1-7A1079E1BF6E}] => (Allow) C:\Users\Chris\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{30A47891-BAFC-49EC-91D9-71094D253893}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{801051E1-F85E-4964-8A4D-A813FAD0C2AD}] => (Allow) C:\Users\Chris\AppData\Local\Temp\nsnBE63.tmp\Installer-10914722.exe
FirewallRules: [{5E58F522-FEFC-4606-A0C0-BE353C6DC05F}] => (Allow) C:\Users\Chris\AppData\Local\Temp\nsnBE63.tmp\Installer-10914722.exe
FirewallRules: [{1B882DC5-08C1-41D5-B3D5-908376AC06D5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/31/2015 09:06:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19469

Error: (08/31/2015 09:06:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19469

Error: (08/31/2015 09:06:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/31/2015 09:06:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18471

Error: (08/31/2015 09:06:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18471

Error: (08/31/2015 09:06:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/31/2015 09:06:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17441

Error: (08/31/2015 09:06:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17441

Error: (08/31/2015 09:06:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/31/2015 09:06:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16443


Systemfehler:
=============
Error: (09/01/2015 07:57:11 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (09/01/2015 07:56:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (09/01/2015 07:56:15 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (09/01/2015 07:54:15 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (09/01/2015 07:53:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Delete Exit" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (09/01/2015 07:53:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Saophase" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (09/01/2015 07:53:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Cool Barcode" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (09/01/2015 07:53:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Bar Topology" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (09/01/2015 07:50:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apple Mobile Device Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%109

Error: (09/01/2015 07:50:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Druckwarteschlange" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069


Microsoft Office:
=========================
Error: (08/31/2015 09:06:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19469

Error: (08/31/2015 09:06:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19469

Error: (08/31/2015 09:06:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/31/2015 09:06:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18471

Error: (08/31/2015 09:06:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18471

Error: (08/31/2015 09:06:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/31/2015 09:06:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17441

Error: (08/31/2015 09:06:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17441

Error: (08/31/2015 09:06:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/31/2015 09:06:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16443


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM)2 Quad CPU Q9300 @ 2.50GHz
Prozentuale Nutzung des RAM: 60%
Installierter physikalischer RAM: 4094.49 MB
Verfügbarer physikalischer RAM: 1605.05 MB
Summe virtueller Speicher: 8187.19 MB
Verfügbarer virtueller Speicher: 5336.61 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:465.75 GB) (Free:231.94 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:790.46 GB) NTFS
Drive h: (Christenhofer) (Fixed) (Total:2794.22 GB) (Free:266.19 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 776F1B64)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 14124528)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 2.

==================== Ende von Addition.txt ============================

cosinus · 02.09.2015, 09:14

Dann bitte jetzt Combofix ausführen:

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

christenhove · 02.09.2015, 10:25

Okay, hab ich gemacht. Komischerweise reagiert jetzt nach dem Scan das Mausrad nicht mehr. Und er hat gemeckert wegen MS Essentials, obwohl ich den Prozess beendet habe.
Hier die log.txt

Code:

ATTFilter

Combofix Logfile:

	Code: 

 ATTFilter

  
	ComboFix 15-09-01.01 - Chris 02.09.2015  10:54:53.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.4094.1678 [GMT 2:00]
ausgeführt von:: c:\users\Chris\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\programdata\374311380
c:\users\Chris\AppData\Local\Nimline.exe
c:\windows\IsUn0407.exe
c:\windows\msdownld.tmp
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_updayeline
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-08-02 bis 2015-09-02  ))))))))))))))))))))))))))))))
.
.
2015-09-02 09:11 . 2015-09-02 09:11	75888	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3BF1481B-455C-4053-9883-1F8C75FBB593}\offreg.904.dll
2015-09-01 19:58 . 2015-09-01 20:01	--------	d-----w-	C:\FRST
2015-09-01 18:23 . 2015-09-02 09:10	--------	d-----w-	c:\programdata\Saophase
2015-09-01 18:23 . 2015-09-01 18:23	4241742	----a-w-	c:\program files\Common Files\fapihsdd.exe
2015-09-01 18:04 . 2015-09-01 18:04	--------	d-----w-	c:\program files\Common Files\3ecvmapm
2015-09-01 15:12 . 2015-09-01 15:12	4241742	----a-w-	c:\program files\Common Files\0pzeiztr.exe
2015-09-01 14:57 . 2015-09-01 14:57	--------	d-----w-	c:\program files\Common Files\535fla3w
2015-09-01 13:47 . 2015-09-01 17:49	--------	d-----w-	C:\AdwCleaner
2015-09-01 13:33 . 2015-07-31 09:21	11745192	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3BF1481B-455C-4053-9883-1F8C75FBB593}\mpengine.dll
2015-08-30 10:57 . 2015-07-02 14:42	1190000	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{205C9CC8-CD53-444C-92D2-9FD108CF7AAE}\gapaengine.dll
2015-08-30 10:49 . 2015-07-31 09:21	11745192	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-08-28 09:59 . 2015-08-28 10:01	--------	d-----w-	c:\users\Chris\AppData\Roaming\TrueCrypt
2015-08-28 09:58 . 2015-08-28 10:02	230840	----a-w-	c:\windows\system32\drivers\truecrypt.sys
2015-08-27 18:45 . 2015-08-27 18:45	--------	d-----w-	c:\users\Chris\AppData\Local\Mega Limited
2015-08-27 18:37 . 2015-08-27 18:37	--------	d-----w-	c:\users\Chris\AppData\Roaming\TaiG
2015-08-27 17:10 . 2015-08-27 17:09	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2015-08-27 17:10 . 2015-08-27 17:09	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2015-08-27 17:10 . 2015-08-27 17:09	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2015-08-27 17:10 . 2015-08-27 17:09	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2015-08-27 17:10 . 2015-08-27 17:09	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2015-08-27 17:09 . 2015-08-27 17:09	--------	d-----w-	c:\program files (x86)\QuickTime
2015-08-27 16:59 . 2015-08-27 16:59	--------	d-----w-	c:\program files\iPod
2015-08-27 16:59 . 2015-08-27 17:03	--------	d-----w-	c:\program files\iTunes
2015-08-27 16:10 . 2015-08-27 16:10	--------	d-----w-	c:\users\Chris\AppData\Local\ElevatedDiagnostics
2015-08-27 14:38 . 2015-08-28 08:41	--------	d-----w-	c:\programdata\WWinManProW
2015-08-27 14:35 . 2015-08-27 14:47	--------	d-----w-	c:\programdata\IcyCarje
2015-08-26 16:00 . 2015-09-01 20:54	--------	d-----w-	c:\users\Chris\AppData\Roaming\Nitro PDF
2015-08-26 16:00 . 2015-08-26 16:00	--------	d-----w-	c:\users\Chris\AppData\Roaming\Nitro
2015-08-26 16:00 . 2015-08-26 16:00	--------	d-----w-	c:\users\Chris\AppData\Roaming\FileOpen
2015-08-26 16:00 . 2015-08-26 16:00	--------	d-----w-	c:\programdata\FileOpen
2015-08-26 15:55 . 2013-07-26 04:57	29712	----a-w-	c:\windows\system32\nitrolocalmon2.dll
2015-08-26 15:55 . 2013-07-26 04:57	17936	----a-w-	c:\windows\system32\nitrolocalui2.dll
2015-08-26 15:54 . 2015-08-26 15:54	--------	d-----w-	c:\program files\Common Files\Nitro
2015-08-26 15:53 . 2015-08-26 15:53	--------	d-----w-	c:\program files (x86)\Nitro
2015-08-26 15:53 . 2015-08-26 15:53	--------	d-----w-	c:\program files (x86)\Common Files\Nitro
2015-08-26 15:53 . 2015-08-26 15:53	--------	d-----w-	c:\programdata\Nitro
2015-08-26 15:51 . 2015-08-26 15:51	--------	d-----w-	c:\users\Chris\AppData\Roaming\Downloaded Installations
2015-08-19 21:11 . 2015-08-11 01:20	25191936	----a-w-	c:\windows\system32\mshtml.dll
2015-08-19 21:11 . 2015-08-11 01:14	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2015-08-19 21:11 . 2015-08-11 00:33	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2015-08-17 17:34 . 2015-08-17 17:34	--------	d-----w-	c:\users\Chris\AppData\Local\TuneUp Software
2015-08-17 17:28 . 2015-08-17 17:29	--------	d-----w-	c:\program files (x86)\FreeCodecPack
2015-08-17 17:28 . 2015-08-17 17:29	--------	d-----w-	c:\program files (x86)\DVDVideoSoft
2015-08-17 17:28 . 2015-08-17 17:29	--------	d-----w-	c:\program files (x86)\Common Files\DVDVideoSoft
2015-08-17 16:35 . 2015-08-17 16:35	--------	d-----w-	c:\users\Chris\AppData\Local\TransMac
2015-08-17 16:34 . 2015-08-17 16:35	--------	d-----w-	c:\program files (x86)\TransMac
2015-08-17 14:27 . 2015-08-17 14:27	--------	d-----w-	c:\users\Chris\AppData\Local\CEF
2015-08-14 20:47 . 2015-07-30 13:13	103120	----a-w-	c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 20:47 . 2015-07-30 13:13	124624	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 20:37 . 2015-07-28 20:05	774656	----a-w-	c:\windows\system32\invagent.dll
2015-08-14 20:36 . 2015-07-10 17:51	3722752	----a-w-	c:\windows\system32\mstscax.dll
2015-08-14 20:36 . 2015-07-10 17:34	3221504	----a-w-	c:\windows\SysWow64\mstscax.dll
2015-08-14 20:36 . 2015-07-10 17:51	44032	----a-w-	c:\windows\system32\tsgqec.dll
2015-08-14 20:36 . 2015-07-10 17:51	158720	----a-w-	c:\windows\system32\aaclient.dll
2015-08-14 20:36 . 2015-07-10 17:34	36864	----a-w-	c:\windows\SysWow64\tsgqec.dll
2015-08-14 20:36 . 2015-07-10 17:33	131584	----a-w-	c:\windows\SysWow64\aaclient.dll
2015-08-14 20:36 . 2015-07-15 03:19	52736	----a-w-	c:\windows\system32\basesrv.dll
2015-08-14 20:29 . 2015-07-09 17:57	193536	----a-w-	c:\windows\system32\notepad.exe
2015-08-10 21:16 . 2015-06-02 00:07	254976	----a-w-	c:\windows\system32\cewmdm.dll
2015-08-10 21:16 . 2015-06-01 23:47	210432	----a-w-	c:\windows\SysWow64\cewmdm.dll
2015-08-10 21:15 . 2015-06-17 17:47	404992	----a-w-	c:\windows\system32\gdi32.dll
2015-08-10 21:15 . 2015-06-17 17:37	312320	----a-w-	c:\windows\SysWow64\gdi32.dll
2015-08-06 09:43 . 2015-08-06 09:43	94208	----a-w-	c:\windows\SysWow64\QuickTimeVR.qtx
2015-08-06 09:43 . 2015-08-06 09:43	69632	----a-w-	c:\windows\SysWow64\QuickTime.qts
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-08-15 12:20 . 2012-05-07 11:55	778440	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-08-15 12:20 . 2011-05-28 12:33	142536	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-08-03 10:12 . 2012-02-17 12:38	33856	---ha-w-	c:\windows\system32\hamachi.sys
2015-07-28 08:59 . 2011-07-20 08:27	132483416	----a-w-	c:\windows\system32\MRT.exe
2015-07-15 17:54 . 2015-08-14 20:37	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-07-05 10:08 . 2011-05-28 12:44	300704	------w-	c:\windows\system32\MpSigStub.exe
2015-07-02 14:42 . 2011-08-11 14:16	1190000	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2015-06-10 21:08 . 2015-06-10 21:08	6112072	----a-w-	c:\windows\system32\usbaaplrc.dll
2015-06-10 21:08 . 2015-06-10 21:08	54784	----a-w-	c:\windows\system32\drivers\usbaapl64.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	189464	----a-w-	c:\users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	189464	----a-w-	c:\users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	189464	----a-w-	c:\users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OscarEditor"="c:\program files (x86)\MOUSE Editor\MouseEditor.exe" [2010-07-22 2624512]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-12-11 30877280]
"Dropbox Update"="c:\users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe" [2015-06-20 134512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"BrStsMon00"="c:\program files (x86)\Browny02\Brother\BrStMonW.exe" [2010-02-09 2621440]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-05-15 60712]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2015-08-06 421888]
.
c:\users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-6-20 39179912]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\programdata\Saophase\Lot-Top.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 grjldxdn;grjldxdn;c:\windows\system32\drivers\grjldxdn.sys;c:\windows\SYSNATIVE\drivers\grjldxdn.sys [x]
R1 iixvqrdn;iixvqrdn;c:\windows\system32\drivers\iixvqrdn.sys;c:\windows\SYSNATIVE\drivers\iixvqrdn.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 deribego;Bar Topology;c:\program files (x86)\00000000-1440686185-0000-0000-1C6F6543CAC5\knsq4CAB.tmpfs;c:\program files (x86)\00000000-1440686185-0000-0000-1C6F6543CAC5\knsq4CAB.tmpfs [x]
R2 jimocoso;Cool Barcode;c:\program files (x86)\00000000-1440686185-0000-0000-1C6F6543CAC5\jnsf83E6.tmp;c:\program files (x86)\00000000-1440686185-0000-0000-1C6F6543CAC5\jnsf83E6.tmp [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 totyseku;Delete Exit;c:\program files (x86)\00000000-1440686185-0000-0000-1C6F6543CAC5\hnsq9D71.tmp;c:\program files (x86)\00000000-1440686185-0000-0000-1C6F6543CAC5\hnsq9D71.tmp [x]
R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe [x]
R3 bulkadi;Razer Megalodon DFU;c:\windows\system32\DRIVERS\bulkrazer_x64.sys;c:\windows\SYSNATIVE\DRIVERS\bulkrazer_x64.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 ZDCNDIS6a64;ZDCNDIS Protocol Driver;c:\windows\system32\ZDCNDIS6a64.sys;c:\windows\SYSNATIVE\ZDCNDIS6a64.sys [x]
R3 ZY202_VS;Deutsche Telekom 802.11g 1211 Driver;c:\windows\system32\DRIVERS\WlanGZG.sys;c:\windows\SYSNATIVE\DRIVERS\WlanGZG.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [x]
S2 Saophase;Saophase;c:\programdata\Saophase\Saophase.exe;c:\programdata\Saophase\Saophase.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 RTL8167;Realtek 8167 NT-Treiber;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-08-31 18:47	993608	----a-w-	c:\program files (x86)\Google\Chrome\Application\44.0.2403.157\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-09-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-07 12:20]
.
2015-09-02 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-892971799-3770444226-59494271-1000Core.job
- c:\users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20 16:38]
.
2015-09-02 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-892971799-3770444226-59494271-1000UA.job
- c:\users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20 16:38]
.
2015-09-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-21 13:39]
.
2015-09-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-21 13:39]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	226328	----a-w-	c:\users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	226328	----a-w-	c:\users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	226328	----a-w-	c:\users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-05 22:53	226328	----a-w-	c:\users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2010-08-03 415816]
"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2010-08-03 2412616]
"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2010-08-03 4725320]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-04-29 1337000]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-08-13 170256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\programdata\Saophase\Y-find.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByvzhEb-M2ds_L6qBDh2Fh6O4_pgTlWoSPUEpgbk0G26utLRWsKf0eq6DY-A_xS5Ig3-ri8KlAx9_YSu0aexcnLStR30DrVrRI2FnD4TRxqWjSRCnl25wbaxoLV3N-tVZXRC0jhJRVEgbU7A-8b3hEGPsHXKw
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Free YouTube Download - c:\users\Chris\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
FF - ProfilePath - c:\users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\txq8f1mc.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo!
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxps://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=926458&p=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{c840e246-6b95-475e-9bd7-caa1c7eca9f2} - c:\program files (x86)\uTorrentBar_DE\prxtbuTor.dll
Toolbar-{c840e246-6b95-475e-9bd7-caa1c7eca9f2} - c:\program files (x86)\uTorrentBar_DE\prxtbuTor.dll
Toolbar-10 - (no file)
ShellIconOverlayIdentifiers-{056D528D-CE28-4194-9BA3-BA2E9197FF8C} - c:\users\Chris\AppData\Local\MEGAsync\ShellExtX32.dll
ShellIconOverlayIdentifiers-{05B38830-F4E9-4329-978B-1DD28605D202} - c:\users\Chris\AppData\Local\MEGAsync\ShellExtX32.dll
ShellIconOverlayIdentifiers-{0596C850-7BDD-4C9D-AFDF-873BE6890637} - c:\users\Chris\AppData\Local\MEGAsync\ShellExtX32.dll
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
ShellIconOverlayIdentifiers-{056D528D-CE28-4194-9BA3-BA2E9197FF8C} - c:\users\Chris\AppData\Local\MEGAsync\ShellExtX64.dll
ShellIconOverlayIdentifiers-{05B38830-F4E9-4329-978B-1DD28605D202} - c:\users\Chris\AppData\Local\MEGAsync\ShellExtX64.dll
ShellIconOverlayIdentifiers-{0596C850-7BDD-4C9D-AFDF-873BE6890637} - c:\users\Chris\AppData\Local\MEGAsync\ShellExtX64.dll
AddRemove-Assassins Creed IV Black Flag Digital Deluxe Edition MULTI-5 1.01 - c:\program files (x86)\Assassins Creed IV Black Flag Digital Deluxe Edition\Uninstall.exe
AddRemove-Uninstall_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\unins000.exe
AddRemove-{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1 - c:\users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\txq8f1mc.default\extensions\cliqz@cliqz.com\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\deribego]
"ImagePath"="c:\program files (x86)\00000000-1440686185-0000-0000-1C6F6543CAC5\knsq4CAB.tmpfs"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\jimocoso]
"ImagePath"="c:\program files (x86)\00000000-1440686185-0000-0000-1C6F6543CAC5\jnsf83E6.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\totyseku]
"ImagePath"="c:\program files (x86)\00000000-1440686185-0000-0000-1C6F6543CAC5\hnsq9D71.tmp"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-892971799-3770444226-59494271-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{45A212A7-85D3-5F2B-A48C-57CD2293BAA7}*]
"papbhnipfchlfeebcjahlkgmmfedleoe"=hex:6a,61,67,6e,67,64,65,68,6f,67,62,6f,6a,
   62,67,63,69,6e,70,63,00,00
"oajbnppnfolejehhegjdcinhkigook"=hex:6a,61,64,6e,6d,62,70,61,70,67,61,61,65,6b,
   6a,65,70,66,68,6f,00,00
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Windows Media Player\wmplayer.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-09-02  11:19:22 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-09-02 09:19
.
Vor Suchlauf: 12 Verzeichnis(se), 242.216.509.440 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 242.996.219.904 Bytes frei
.
- - End Of File - - 08F769315EC26B2FDDBC35AB1D96690F
         
 --- --- ---
A36C5E4F47E84449FF07ED3517B43A31

cosinus · 02.09.2015, 10:31

Adware/Junkware/Toolbars entfernen

1. Schritt: Malwarebytes

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

(alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!)

2. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

3. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

4. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

christenhove · 02.09.2015, 14:09

Okay, nochmals danke.
Die Datei Junkware Removal Tool ist offensichtlich offline...

Aber hier die anderen Logs:

mbam.txt

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 02.09.2015
Suchlaufzeit: 12:15
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.09.02.03
Rootkit-Datenbank: v2015.08.16.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Chris

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 453402
Abgelaufene Zeit: 42 Min., 11 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 1
PUP.Optional.Linkury, C:\ProgramData\Saophase\Saophase.exe, 1732, Löschen bei Neustart, [ec2faf7c1b70b77f47aae4b4b3518a76]

Module: 1
PUP.Optional.Linkury, C:\ProgramData\Saophase\Lot-Top.dll, Löschen bei Neustart, [4ccf30fb6e1d59ddd402b05dfa09ec14], 

Registrierungsschlüssel: 23
PUP.Optional.uTorrentBar, HKLM\SOFTWARE\WOW6432NODE\uTorrentBar_DE, In Quarantäne, [9982fe2d6328e452ede9d9dedd27d927], 
PUP.Optional.Lyrics, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\epojlgbehpaeekopencdagbdamnkppci, In Quarantäne, [ea31e54617742511674feeabe321af51], 
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{515564C8-63B3-4742-91B5-B504CFD3FDF2}, In Quarantäne, [9d7e2ffc1c6f39fd0707e3a0e51f718f], 
PUP.Optional.Bandoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6F36BCC0-9946-4985-AC84-1944D285A500}, In Quarantäne, [e833ab8092f91b1bcb1f3b3f41c3c53b], 
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH, In Quarantäne, [c15a0526acdf60d670efb9b8ad57db25], 
PUP.Optional.MultiPlug, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DERIBEGO, In Quarantäne, [cc4f9299e4a76fc742b3b9e6b351af51], 
PUP.Optional.MultiPlug, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\JIMOCOSO, In Quarantäne, [ff1ce645dab13afcb73ee3bc739116ea], 
PUP.Optional.MultiPlug, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TOTYSEKU, In Quarantäne, [9982d556216a9a9c1ed7aef140c41de3], 
PUP.Optional.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SAOPHASE, In Quarantäne, [ec2faf7c1b70b77f47aae4b4b3518a76], 
PUP.Optional.SuperOptimizer, HKU\S-1-5-19\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, In Quarantäne, [3cdfd5562b607abcb40f4a68b05446ba], 
PUP.Optional.SuperOptimizer, HKU\S-1-5-20\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, In Quarantäne, [4fcc5ad1ef9cad898241fbb7996b728e], 
PUP.Optional.uTorrentBar, HKU\S-1-5-21-892971799-3770444226-59494271-1000\SOFTWARE\APPDATALOW\SOFTWARE\uTorrentBar_DE, In Quarantäne, [dc3f44e7c3c81c1a8d47496ee420ff01], 
PUP.Optional.DealPly, HKU\S-1-5-21-892971799-3770444226-59494271-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\gaiilaahiahdejapggenmdmafpmbipje, In Quarantäne, [f12a92998cffe35363106d1b2adae51b], 
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-892971799-3770444226-59494271-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{IELNKSRCH}, In Quarantäne, [fc1f08231c6f2313e3be56cbde25867a], 
PUP.Optional.Spigot, HKU\S-1-5-21-892971799-3770444226-59494271-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{71C42EAB-123B-4E0C-8321-BBE86E737CC1}, In Quarantäne, [ff1c8e9df5969c9a18fe525f58ac4cb4], 
PUP.Optional.OutBrowse, HKU\S-1-5-21-892971799-3770444226-59494271-1000\SOFTWARE\OB, In Quarantäne, [ae6d0d1e8704b284da50475c38cc41bf], 
PUP.Optional.DealPly, HKU\S-1-5-21-892971799-3770444226-59494271-1000\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\gaiilaahiahdejapggenmdmafpmbipje, In Quarantäne, [74a781aa07843ff7fa79f593be4629d7], 
PUP.Optional.DataMngr, HKU\S-1-5-21-892971799-3770444226-59494271-1001\SOFTWARE\Datamngr, In Quarantäne, [28f382a9a1eadc5a57c791f753b10bf5], 
PUP.Optional.SerachQU, HKU\S-1-5-21-892971799-3770444226-59494271-1001\SOFTWARE\APPDATALOW\SOFTWARE\searchqutoolbar, In Quarantäne, [4ccff9322269a2946c0ff0bd13f151af], 
PUP.Optional.uTorrentBar, HKU\S-1-5-21-892971799-3770444226-59494271-1001\SOFTWARE\APPDATALOW\SOFTWARE\uTorrentBar_DE, In Quarantäne, [eb30dc4ff09bcb6b4b89ffb8f212857b], 
PUP.Optional.DataMngr, HKU\S-1-5-21-892971799-3770444226-59494271-1002\SOFTWARE\Datamngr, In Quarantäne, [d843ce5de5a600362ef099ef20e44ab6], 
PUP.Optional.SerachQU, HKU\S-1-5-21-892971799-3770444226-59494271-1002\SOFTWARE\APPDATALOW\SOFTWARE\searchqutoolbar, In Quarantäne, [56c5d85397f460d6e09b733acc3812ee], 
PUP.Optional.uTorrentBar, HKU\S-1-5-21-892971799-3770444226-59494271-1002\SOFTWARE\APPDATALOW\SOFTWARE\uTorrentBar_DE, In Quarantäne, [1efd5dced6b53bfb647017a0f70d54ac], 

Registrierungswerte: 22
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{515564C8-63B3-4742-91B5-B504CFD3FDF2}|AppPath, C:\Users\Chris\AppData\Local\Conduit\CT2851647, In Quarantäne, [9d7e2ffc1c6f39fd0707e3a0e51f718f]
PUP.Optional.Bandoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6F36BCC0-9946-4985-AC84-1944D285A500}|AppPath, C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar, In Quarantäne, [e833ab8092f91b1bcb1f3b3f41c3c53b]
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|DisplayName, Search the web, In Quarantäne, [c15a0526acdf60d670efb9b8ad57db25]
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|URL, hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByvzhEb-M2ds_L6qBDh2Fh6O4_pgTlWoSPUEpgbk0G26utLRWsKf0eq6DY-A_xS5Ig3-ri8KlAx9_YSd4Vt3gCNKs2-Fj4iOnGFgSrP4n-JrHkTRJz_CI2Nc9Fczz9Uxt9OQ34ex6MOkrtKbjRcsqZMXGEw1s&q={searchTerms}, In Quarantäne, [ba61e5464d3e49ed6bf5ee83f50f27d9]
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByvzhEb-M2ds_L6qBDh2Fh6O4_pgTlWoSPUEpgbk0G26utLRWsKf0eq6DY-A_xS5Ig3-ri8KlAx9_YSd4Vt3gCNKs2-Fj4iOnGFgSrP4n-JrHkTRJz_CI2Nc9Fczz9Uxt9OQ34ex6MOkrtKbjRcsqZMXGEw1s&q={searchTerms}, In Quarantäne, [3fdc17143f4cde58ca976f02976dcb35]
PUP.Optional.MultiPlug, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\deribego|ImagePath, C:\Program Files (x86)\00000000-1440686185-0000-0000-1C6F6543CAC5\knsq4CAB.tmpfs, In Quarantäne, [cc4f9299e4a76fc742b3b9e6b351af51]
PUP.Optional.MultiPlug, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\jimocoso|ImagePath, C:\Program Files (x86)\00000000-1440686185-0000-0000-1C6F6543CAC5\jnsf83E6.tmp, In Quarantäne, [ff1ce645dab13afcb73ee3bc739116ea]
PUP.Optional.MultiPlug, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\totyseku|ImagePath, C:\Program Files (x86)\00000000-1440686185-0000-0000-1C6F6543CAC5\hnsq9D71.tmp, In Quarantäne, [9982d556216a9a9c1ed7aef140c41de3]
PUP.Optional.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SAOPHASE|ImagePath, C:\ProgramData\Saophase\Saophase.exe, In Quarantäne, [ec2faf7c1b70b77f47aae4b4b3518a76]
PUP.Optional.Linkury, HKU\S-1-5-21-892971799-3770444226-59494271-1000\ENVIRONMENT|SNP, hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D?publisher=APSFRec&co=DE&userid=18fd708b-8f3a-ae52-590b-0e48cb0ad3d4&searchtype=sc&installDate=01.09.2015&barcodeid=50045888&channelid=888, In Quarantäne, [d8433fec414a49edb1197b1db54fda26]
PUP.Optional.Linkury, HKU\S-1-5-21-892971799-3770444226-59494271-1000\ENVIRONMENT|SNF, C:\ProgramData\Saophases\snp.sc, In Quarantäne, [76a5f437038859ddf1d8d3c5de26768a]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-892971799-3770444226-59494271-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|DisplayName, Search the web, In Quarantäne, [fc1f08231c6f2313e3be56cbde25867a]
PUP.Optional.Spigot, HKU\S-1-5-21-892971799-3770444226-59494271-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{71C42EAB-123B-4E0C-8321-BBE86E737CC1}|URL, https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=926458&p={searchTerms}, In Quarantäne, [ff1c8e9df5969c9a18fe525f58ac4cb4]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-892971799-3770444226-59494271-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|URL, hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByvzhEb-M2ds_L6qBDh2Fh6O4_pgTlWoSPUEpgbk0G26utLRWsKf0eq6DY-A_xS5Ig3-ri8KlAx9_YSd4Vt3gCNKs2-Fj4iOnGFgSrP4n-JrHkTRJz_CI2Nc9Fczz9Uxt9OQ34ex6MOkrtKbjRcsqZMXGEw1s&q={searchTerms}, In Quarantäne, [d4473eed5536ab8b095477faee16857b]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-892971799-3770444226-59494271-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByvzhEb-M2ds_L6qBDh2Fh6O4_pgTlWoSPUEpgbk0G26utLRWsKf0eq6DY-A_xS5Ig3-ri8KlAx9_YSd4Vt3gCNKs2-Fj4iOnGFgSrP4n-JrHkTRJz_CI2Nc9Fczz9Uxt9OQ34ex6MOkrtKbjRcsqZMXGEw1s&q={searchTerms}, In Quarantäne, [5fbc9d8ef695b87edb83e1900bf9dd23]
PUP.Optional.OutBrowse, HKU\S-1-5-21-892971799-3770444226-59494271-1000\SOFTWARE\OB|monitype6, 8/27/15 16:35:52, In Quarantäne, [ae6d0d1e8704b284da50475c38cc41bf]
PUP.Optional.OutBrowse, HKU\S-1-5-21-892971799-3770444226-59494271-1000\SOFTWARE\OB|monitype12, 8/27/15 16:35:52, In Quarantäne, [20fb0328216aa19565c5c7dc6d97f50b]
PUP.Optional.OutBrowse, HKU\S-1-5-21-892971799-3770444226-59494271-1000\SOFTWARE\OB|monitype20, 8/27/15 16:36:35, In Quarantäne, [ab7057d47813c96d65c51e85b64e6c94]
PUP.Optional.OutBrowse, HKU\S-1-5-21-892971799-3770444226-59494271-1000\SOFTWARE\OB|monitype24, 8/27/15 16:36:35, In Quarantäne, [73a8e34822693402bb6fe8bb8f75e020]
PUP.Optional.OutBrowse, HKU\S-1-5-21-892971799-3770444226-59494271-1000\SOFTWARE\OB|monitype27, 8/27/15 16:36:35, In Quarantäne, [27f458d34e3dd3633eec6d3618eccd33]
PUP.Optional.OutBrowse, HKU\S-1-5-21-892971799-3770444226-59494271-1000\SOFTWARE\OB|monitype41, 8/27/15 16:36:35, In Quarantäne, [0a11f833b1dad561b971e1c23acaaa56]
PUP.Optional.OutBrowse, HKU\S-1-5-21-892971799-3770444226-59494271-1000\SOFTWARE\OB|monitype42, 8/27/15 16:36:35, In Quarantäne, [7aa1ae7d078446f0ae7cedb6d430bb45]

Registrierungsdaten: 5
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\ProgramData\Saophase\Lot-Top.dll, Gut: (), Schlecht: (C:\ProgramData\Saophase\Lot-Top.dll),Ersetzt,[4ccf30fb6e1d59ddd402b05dfa09ec14]
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({ielnksrch}),Ersetzt,[d54686a59fecb38330db164925e03fc1]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-892971799-3770444226-59494271-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByvzhEb-M2ds_L6qBDh2Fh6O4_pgTlWoSPUEpgbk0G26utLRWsKf0eq6DY-A_xS5Ig3-ri8KlAx9_YSu0aexcnLStR30DrVrRI2FnD4TRxqWjSRCnl25wbaxoLV3N-tVZXRC0jhJRVEgbU7A-8b3hEGPsHXKw, Gut: (www.google.com), Schlecht: (hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByvzhEb-M2ds_L6qBDh2Fh6O4_pgTlWoSPUEpgbk0G26utLRWsKf0eq6DY-A_xS5Ig3-ri8KlAx9_YSu0aexcnLStR30DrVrRI2FnD4TRxqWjSRCnl25wbaxoLV3N-tVZXRC0jhJRVEgbU7A-8b3hEGPsHXKw),Ersetzt,[140717145833eb4b37cf0a55f51032ce]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-892971799-3770444226-59494271-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByvzhEb-M2ds_L6qBDh2Fh6O4_pgTlWoSPUEpgbk0G26utLRWsKf0eq6DY-A_xS5Ig3-ri8KlAx9_YSd4Vt3gCNKs2-Fj4iOnGFgSrP4n-JrHkTRJz_CI2Nc9Fczz9Uxt9OQ34ex6MOkrtKbjRcsqZMXGEw1s&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByvzhEb-M2ds_L6qBDh2Fh6O4_pgTlWoSPUEpgbk0G26utLRWsKf0eq6DY-A_xS5Ig3-ri8KlAx9_YSd4Vt3gCNKs2-Fj4iOnGFgSrP4n-JrHkTRJz_CI2Nc9Fczz9Uxt9OQ34ex6MOkrtKbjRcsqZMXGEw1s&q={searchTerms}),Ersetzt,[b665d05b4645ad8944c36df29b6a59a7]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-892971799-3770444226-59494271-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({ielnksrch}),Ersetzt,[1a012902c2c904328f798cd31ce98d73]

Ordner: 7
PUP.Optional.DataMngr, C:\Users\Chris\AppData\LocalLow\DataMngr, In Quarantäne, [8e8dca61692271c50d530500ec1742be], 
PUP.Optional.Linkury, C:\ProgramData\Saophase, Löschen bei Neustart, [4ccf30fb6e1d59ddd402b05dfa09ec14], 
PUP.Optional.Linkury, C:\ProgramData\Saophase\ondemand, In Quarantäne, [4ccf30fb6e1d59ddd402b05dfa09ec14], 
PUP.Optional.Linkury, C:\ProgramData\Saophases, In Quarantäne, [1704e546eaa1043291468489976c847c], 
PUP.Optional.PennyBee, C:\ProgramData\IcyCarje, In Quarantäne, [c556f6355338bc7ae411d63dc93afb05], 
PUP.Optional.ProtectWindowsManager, C:\ProgramData\WWinManProW, In Quarantäne, [011aa9821f6c3006393f918452b14fb1], 
PUP.Optional.ProtectWindowsManager, C:\ProgramData\WWinManProW\update, In Quarantäne, [011aa9821f6c3006393f918452b14fb1], 

Dateien: 44
Adware.PennyBee, C:\ProgramData\IcyCarje\gigo3maw.dll, In Quarantäne, [45d6919a098287af6b7e32873ec3669a], 
Adware.PennyBee, C:\ProgramData\IcyCarje\gigo6maw.dll, In Quarantäne, [41da0e1de6a51e189256ae0b1de4d62a], 
PUP.Optional.Proinstall, C:\Users\Chris\Downloads\FreeOTFEExplorer_3_51-55596183.exe, In Quarantäne, [9685d754b7d449ed1995fc89c0413cc4], 
PUP.Optional.SofTonic, C:\Users\Chris\Downloads\SoftonicDownloader_fuer_mws-reader.exe, In Quarantäne, [ad6e6fbccdbecb6b82f10ac704fda957], 
Trojan.Agent.MSIL, C:\Windows\System32\config\systemprofile\AppData\Local\Freelab, In Quarantäne, [39e238f3c7c46dc933738640fb06c63a], 
PUP.Optional.Linkury.ShrtCln, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\txq8f1mc.default\searchplugins\findit.xml, In Quarantäne, [9685bf6c553610267f3c4f24788c758b], 
PUP.Optional.Linkury.Gen, C:\Windows\SysWOW64\findit.xml, In Quarantäne, [70aba883454677bf04f823759470c63a], 
PUP.Optional.SearchQu, C:\Users\Chris\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}, In Quarantäne, [30eb101b79124aecb0552d7f709404fc], 
PUP.Optional.SideCubes, C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.sidecubes.com_0.localstorage, In Quarantäne, [a57667c4d9b2ed49cab8b2fcf31105fb], 
PUP.Optional.SideCubes, C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.sidecubes.com_0.localstorage-journal, In Quarantäne, [0714e942aeddbc7a9ee4f0bec73d16ea], 
PUP.Optional.Linkury, C:\ProgramData\Saophase\Saophase.exe, Löschen bei Neustart, [ec2faf7c1b70b77f47aae4b4b3518a76], 
PUP.Optional.DataMngr, C:\Users\Chris\AppData\LocalLow\DataMngr\{7CA1F051-A4FB-4143-B263-02B41E571EED}, In Quarantäne, [8e8dca61692271c50d530500ec1742be], 
PUP.Optional.Linkury, C:\ProgramData\Saophase\AnZap.bin, In Quarantäne, [4ccf30fb6e1d59ddd402b05dfa09ec14], 
PUP.Optional.Linkury, C:\ProgramData\Saophase\conf.config, In Quarantäne, [4ccf30fb6e1d59ddd402b05dfa09ec14], 
PUP.Optional.Linkury, C:\ProgramData\Saophase\Config.xml, In Quarantäne, [4ccf30fb6e1d59ddd402b05dfa09ec14], 
PUP.Optional.Linkury, C:\ProgramData\Saophase\Flexphase.exe, In Quarantäne, [4ccf30fb6e1d59ddd402b05dfa09ec14], 
PUP.Optional.Linkury, C:\ProgramData\Saophase\Flexphase.exe.config, In Quarantäne, [4ccf30fb6e1d59ddd402b05dfa09ec14], 
PUP.Optional.Linkury, C:\ProgramData\Saophase\Lot-Top.dll, Löschen bei Neustart, [4ccf30fb6e1d59ddd402b05dfa09ec14], 
PUP.Optional.Linkury, C:\ProgramData\Saophase\Medsing.dll, In Quarantäne, [4ccf30fb6e1d59ddd402b05dfa09ec14], 
PUP.Optional.Linkury, C:\ProgramData\Saophase\OpenZap.dll, In Quarantäne, [4ccf30fb6e1d59ddd402b05dfa09ec14], 
PUP.Optional.Linkury, C:\ProgramData\Saophase\PrxCfg.xml, In Quarantäne, [4ccf30fb6e1d59ddd402b05dfa09ec14], 
PUP.Optional.Linkury, C:\ProgramData\Saophase\q0vpqeil.cp4.reg, In Quarantäne, [4ccf30fb6e1d59ddd402b05dfa09ec14], 
PUP.Optional.Linkury, C:\ProgramData\Saophase\Salttech.exe, In Quarantäne, [4ccf30fb6e1d59ddd402b05dfa09ec14], 
PUP.Optional.Linkury, C:\ProgramData\Saophase\Salttech.exe.config, In Quarantäne, [4ccf30fb6e1d59ddd402b05dfa09ec14], 
PUP.Optional.Linkury, C:\ProgramData\Saophase\Saophase.dll, Löschen bei Neustart, [4ccf30fb6e1d59ddd402b05dfa09ec14], 
PUP.Optional.Linkury, C:\ProgramData\Saophase\Saophase.exe.config, In Quarantäne, [4ccf30fb6e1d59ddd402b05dfa09ec14], 
PUP.Optional.Linkury, C:\ProgramData\Saophase\Silvertough.bin, In Quarantäne, [4ccf30fb6e1d59ddd402b05dfa09ec14], 
PUP.Optional.Linkury, C:\ProgramData\Saophase\Softtom.exe, In Quarantäne, [4ccf30fb6e1d59ddd402b05dfa09ec14], 
PUP.Optional.Linkury, C:\ProgramData\Saophase\Softtom.exe.config, In Quarantäne, [4ccf30fb6e1d59ddd402b05dfa09ec14], 
PUP.Optional.Linkury, C:\ProgramData\Saophase\Temp-Fax.bin, In Quarantäne, [4ccf30fb6e1d59ddd402b05dfa09ec14], 
PUP.Optional.Linkury, C:\ProgramData\Saophase\uninstall.exe, In Quarantäne, [4ccf30fb6e1d59ddd402b05dfa09ec14], 
PUP.Optional.Linkury, C:\ProgramData\Saophase\Via-Fax.exe, In Quarantäne, [4ccf30fb6e1d59ddd402b05dfa09ec14], 
PUP.Optional.Linkury, C:\ProgramData\Saophase\Via-Fax.exe.config, In Quarantäne, [4ccf30fb6e1d59ddd402b05dfa09ec14], 
PUP.Optional.Linkury, C:\ProgramData\Saophase\YearLam.dll, In Quarantäne, [4ccf30fb6e1d59ddd402b05dfa09ec14], 
PUP.Optional.Linkury, C:\ProgramData\Saophase\Zaamlex.bin, In Quarantäne, [4ccf30fb6e1d59ddd402b05dfa09ec14], 
PUP.Optional.Linkury, C:\ProgramData\Saophases\ff.HP, In Quarantäne, [1704e546eaa1043291468489976c847c], 
PUP.Optional.Linkury, C:\ProgramData\Saophases\ff.NT, In Quarantäne, [1704e546eaa1043291468489976c847c], 
PUP.Optional.Linkury, C:\ProgramData\Saophases\snp.sc, In Quarantäne, [1704e546eaa1043291468489976c847c], 
PUP.Optional.PennyBee, C:\ProgramData\IcyCarje\gigo3maw.dll, In Quarantäne, [c556f6355338bc7ae411d63dc93afb05], 
PUP.Optional.PennyBee, C:\ProgramData\IcyCarje\gigo6maw.dll, In Quarantäne, [c556f6355338bc7ae411d63dc93afb05], 
PUP.Optional.ProtectWindowsManager, C:\ProgramData\WWinManProW\updateconf, In Quarantäne, [011aa9821f6c3006393f918452b14fb1], 
PUP.Optional.Spigot, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\txq8f1mc.default\prefs.js, Gut: (), Schlecht: (user_pref("keyword.URL", "https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=926458&p=");), Ersetzt,[60bb2ffcfb903df99ac1bfd951b4966a]
PUP.Optional.DefaultProtectedSearch, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\txq8f1mc.default\prefs.js, Gut: (), Schlecht: (defsearchp@gmail.com), Ersetzt,[77a482a91e6d62d461ce643a0ef78878]
PUP.Optional.DeskCut, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\txq8f1mc.default\prefs.js, Gut: (), Schlecht: (deskCutv2@gmail.com), Ersetzt,[1dfec06bb2d9f343b08026783bcac53b]

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

adwcleaner.txt

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v5.005 - Bericht erstellt am 02/09/2015 um 14:53:56
# Aktualisiert am 31/08/2015 von Xplode
# Datenbank : 2015-08-31.2 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (x64)
# Benutzername : Chris - CHRIS-PC
# Gestartet von : C:\Users\Chris\Downloads\AdwCleaner_5.005.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****


***** [ Registrierungsdatenbank ] *****

[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]

***** [ Internetbrowser ] *****


*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [898 Bytes] ##########

--- --- ---

[/CODE]

FRST.txt

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
durchgeführt von Chris (Administrator) auf CHRIS-PC (02-09-2015 15:06:13)
Gestartet von C:\Users\Chris\Downloads
Geladene Profile: Chris (Verfügbare Profile: Chris & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
() C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2412616 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-02-09] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM\...\Winlogon: [LegalNoticeText] Hurensohn diggah was geht ich geb dir kack lan, muck nich rumen du!!
HKU\S-1-5-21-892971799-3770444226-59494271-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [2624512 2010-07-22] ()
HKU\S-1-5-21-892971799-3770444226-59494271-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3514176 2011-11-10] (DT Soft Ltd)
HKU\S-1-5-21-892971799-3770444226-59494271-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-892971799-3770444226-59494271-1000\...\Run: [Dropbox Update] => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-20] (Dropbox, Inc.)
AppInit_DLLs: C:\ProgramData\Saophase\Y-find.dll => Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-08-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

Winsock: Catalog5 07 C:\Windows\system32\UDDIzvw14.dll Keine Datei 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{00BCA64A-9B25-4898-A153-6587D202BBCB}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{2A4F243C-66B8-4E7C-B4CA-C6568F10B110}: [DhcpNameServer] 139.7.30.126 139.7.30.125
Tcpip\..\Interfaces\{2E9D61F5-C90C-4442-93F0-39579CC1D500}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{49289D89-2BAC-49F9-97B4-2B7074A535BA}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{501087A8-592D-40F7-821B-8BF8B6E8F58B}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{5C119CA1-2D4B-40C7-8C83-2FCF2B6CFB83}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{936707D0-776D-4A51-B69A-1422D3CFAE11}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{D8516AF5-2BBC-4588-82E7-A97CD2FC915A}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-892971799-3770444226-59494271-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-892971799-3770444226-59494271-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM-x32 -> Standard = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM-x32 - uTorrentBar_DE Toolbar - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll Keine Datei
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = 
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-23] (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
BHO-x32: uTorrentBar_DE Toolbar -> {c840e246-6b95-475e-9bd7-caa1c7eca9f2} -> C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll Keine Datei
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation)
Toolbar: HKLM-x32 - uTorrentBar_DE Toolbar - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\txq8f1mc.default
FF NewTab: about:blank
FF SelectedSearchEngine: Yahoo!
FF Homepage: about:home
FF Keyword.URL: hxxps://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=926458&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-15] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-05-25] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-07-12] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-07-26] (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\txq8f1mc.default\searchplugins\google-images.xml [2014-10-27]
FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\txq8f1mc.default\searchplugins\google-maps.xml [2014-10-27]
FF Extension: VKontakte.ru Downloader - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\txq8f1mc.default\Extensions\vk@sergeykolosov.mp.xpi [2014-12-22]
FF Extension: Adblock Plus - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\txq8f1mc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-26]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-07-20]
FF HKU\S-1-5-21-892971799-3770444226-59494271-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\txq8f1mc.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-31]
CHR Extension: (Google Docs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-31]
CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-31]
CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-31]
CHR Extension: (Google Search) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-31]
CHR Extension: (Google Sheets) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-31]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-31]
CHR Extension: (Gmail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-31]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2011-07-07] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 bulkadi; C:\Windows\System32\DRIVERS\bulkrazer_x64.sys [25088 2011-02-09] (Windows (R) Codename Longhorn DDK provider) [Datei ist nicht signiert]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-12-11] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [Datei ist nicht signiert]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-02] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2011-05-10] (Apple Inc.) [Datei ist nicht signiert]
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 ZDCNDIS6a64; C:\Windows\system32\ZDCNDIS6a64.sys [41280 2007-11-06] (Printing Communications Assoc., Inc. (PCAUSA))
S3 ZDCNDIS6a64; C:\Windows\SysWOW64\ZDCNDIS6a64.sys [41280 2007-11-06] (Printing Communications Assoc., Inc. (PCAUSA))
S3 ZY202_VS; C:\Windows\System32\DRIVERS\WlanGZG.sys [1041920 2007-11-06] (Atheros Communications, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S1 grjldxdn; \??\C:\Windows\system32\drivers\grjldxdn.sys [X]
S1 iixvqrdn; \??\C:\Windows\system32\drivers\iixvqrdn.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-02 14:57 - 2015-09-02 14:57 - 00000980 _____ C:\Users\Chris\Desktop\AdwCleaner[C3].txt
2015-09-02 14:50 - 2015-09-02 14:50 - 00019115 _____ C:\Users\Chris\Desktop\mbam.txt
2015-09-02 12:14 - 2015-09-02 14:56 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-02 12:14 - 2015-09-02 13:02 - 00001092 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-09-02 12:14 - 2015-09-02 12:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-09-02 12:13 - 2015-09-02 12:14 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-09-02 12:13 - 2015-09-02 12:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-02 12:13 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-09-02 12:13 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-09-02 12:13 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-09-02 12:02 - 2015-09-02 12:03 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Chris\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-02 11:19 - 2015-09-02 11:19 - 00027687 _____ C:\ComboFix.txt
2015-09-02 10:52 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-09-02 10:52 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-09-02 10:52 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-09-02 10:52 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-09-02 10:52 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-09-02 10:52 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-09-02 10:52 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-09-02 10:52 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-09-02 10:51 - 2015-09-02 11:19 - 00000000 ____D C:\Qoobox
2015-09-02 10:50 - 2015-09-02 11:17 - 00000000 ____D C:\Windows\erdnt
2015-09-02 10:46 - 2015-09-02 10:47 - 05635829 ____R (Swearware) C:\Users\Chris\Downloads\ComboFix.exe
2015-09-02 07:31 - 2015-09-02 10:01 - 459881413 _____ C:\Users\Chris\Downloads\o13vl64x.part2.rar
2015-09-01 22:40 - 2015-09-01 22:55 - 00000000 ____D C:\Users\Chris\Desktop\JDownloader
2015-09-01 22:37 - 2015-09-01 22:37 - 00000964 _____ C:\Users\Chris\Downloads\9c91f7707abdae49a8348b6e8170fc0b.dlc
2015-09-01 22:33 - 2015-09-02 14:35 - 524288000 _____ C:\Users\Chris\Downloads\o13vl64x.part1.rar
2015-09-01 22:00 - 2015-09-01 22:01 - 00054108 _____ C:\Users\Chris\Downloads\Addition.txt
2015-09-01 21:59 - 2015-09-02 15:06 - 00020496 _____ C:\Users\Chris\Downloads\FRST.txt
2015-09-01 21:58 - 2015-09-02 15:06 - 00000000 ____D C:\FRST
2015-09-01 21:57 - 2015-09-01 21:57 - 02188800 _____ (Farbar) C:\Users\Chris\Downloads\FRST64.exe
2015-09-01 20:23 - 2015-09-01 20:23 - 04241742 _____ (Bycatch) C:\Program Files\Common Files\fapihsdd.exe
2015-09-01 20:04 - 2015-09-01 20:04 - 00003156 _____ C:\Windows\System32\Tasks\ibqp15zq
2015-09-01 20:04 - 2015-09-01 20:04 - 00000000 ____D C:\Program Files\Common Files\3ecvmapm
2015-09-01 19:05 - 2015-09-01 19:05 - 00000000 ____D C:\Users\Chris\Documents\Finanzen
2015-09-01 17:12 - 2015-09-01 17:12 - 04241742 _____ (Bycatch) C:\Program Files\Common Files\0pzeiztr.exe
2015-09-01 16:57 - 2015-09-01 16:57 - 00003156 _____ C:\Windows\System32\Tasks\vyk1avwh
2015-09-01 16:57 - 2015-09-01 16:57 - 00000000 ____D C:\Program Files\Common Files\535fla3w
2015-09-01 15:47 - 2015-09-02 14:53 - 00000000 ____D C:\AdwCleaner
2015-09-01 15:44 - 2015-09-01 15:44 - 01654272 _____ C:\Users\Chris\Downloads\AdwCleaner_5.005.exe
2015-08-31 20:48 - 2015-08-31 20:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-31 20:47 - 2015-09-02 13:02 - 00002237 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-31 20:35 - 2015-08-31 20:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-31 20:32 - 2015-08-31 20:32 - 00242984 _____ C:\Users\Chris\Downloads\Firefox Setup Stub 40.0.3.exe
2015-08-28 15:00 - 2015-09-02 08:33 - 00000000 ____D C:\Users\Chris\Documents\Studium - Bauingenieurwesen Bachelor
2015-08-28 12:11 - 2015-08-28 12:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOTFE Explorer
2015-08-28 12:10 - 2015-08-28 12:10 - 03350512 _____ (Sarah Dean) C:\Users\Chris\Downloads\FreeOTFEExplorer_3_51.exe
2015-08-28 12:02 - 2015-08-28 12:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt
2015-08-28 11:59 - 2015-08-28 12:01 - 00000000 ____D C:\Users\Chris\AppData\Roaming\TrueCrypt
2015-08-28 11:58 - 2015-08-28 12:02 - 00230840 _____ (TrueCrypt Foundation) C:\Windows\system32\Drivers\truecrypt.sys
2015-08-28 10:23 - 2015-08-28 10:23 - 00003236 _____ C:\Windows\System32\Tasks\updatedoon
2015-08-27 20:45 - 2015-08-27 20:45 - 00000000 ____D C:\Users\Chris\AppData\Local\Mega Limited
2015-08-27 20:43 - 2015-08-27 20:44 - 09980608 _____ (MEGA Limited) C:\Users\Chris\Downloads\MEGAsyncSetup.exe
2015-08-27 20:37 - 2015-08-27 20:37 - 00000000 ____D C:\Users\Chris\AppData\Roaming\TaiG
2015-08-27 20:36 - 2015-07-15 15:54 - 72369664 _____ (taig tools) C:\Users\Chris\Desktop\TaiGJBreak_EN_2430.exe
2015-08-27 19:09 - 2015-08-27 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-08-27 19:09 - 2015-08-27 19:09 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-08-27 19:03 - 2015-08-27 19:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-27 18:59 - 2015-08-27 19:03 - 00000000 ____D C:\Program Files\iTunes
2015-08-27 18:59 - 2015-08-27 18:59 - 00000000 ____D C:\Program Files\iPod
2015-08-27 16:45 - 2015-08-27 16:45 - 00003146 _____ C:\Windows\System32\Tasks\{226C6825-5220-4BE6-BFC3-85A1EEF608A9}
2015-08-27 16:38 - 2015-08-27 16:38 - 00000124 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-08-27 16:37 - 2015-08-17 14:29 - 00000826 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-08-26 18:01 - 2015-08-26 18:01 - 00000000 ____D C:\Users\Chris\Documents\Reise
2015-08-26 18:00 - 2015-09-01 22:54 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Nitro PDF
2015-08-26 18:00 - 2015-08-26 18:00 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Nitro
2015-08-26 18:00 - 2015-08-26 18:00 - 00000000 ____D C:\Users\Chris\AppData\Roaming\FileOpen
2015-08-26 18:00 - 2015-08-26 18:00 - 00000000 ____D C:\ProgramData\FileOpen
2015-08-26 17:55 - 2013-07-26 06:57 - 00029712 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalmon2.dll
2015-08-26 17:55 - 2013-07-26 06:57 - 00017936 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalui2.dll
2015-08-26 17:54 - 2015-09-02 13:02 - 00002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk
2015-08-26 17:54 - 2015-09-02 13:02 - 00001997 _____ C:\Users\Public\Desktop\Nitro Reader.lnk
2015-08-26 17:54 - 2015-08-26 17:54 - 00000000 ____D C:\Program Files\Common Files\Nitro
2015-08-26 17:53 - 2015-08-26 17:53 - 00000000 ____D C:\ProgramData\Nitro
2015-08-26 17:53 - 2015-08-26 17:53 - 00000000 ____D C:\Program Files (x86)\Nitro
2015-08-26 17:51 - 2015-08-26 17:51 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Downloaded Installations
2015-08-24 16:57 - 2015-08-24 17:02 - 00321112 _____ C:\Users\Chris\Downloads\Take That - These Days.mp3.sfk
2015-08-23 19:16 - 2015-08-23 19:17 - 00336640 _____ C:\Users\Chris\Downloads\Coldplay - Viva la Vida.mp3.sfk
2015-08-23 18:58 - 2015-08-23 18:58 - 00320072 _____ C:\Users\Chris\Downloads\Dropkick Murphys - The State Of Massachusetts [ OST Реактивные клоуны ].mp3.sfk
2015-08-23 18:18 - 2011-12-31 18:10 - 57522638 _____ C:\Users\Chris\Desktop\GOPR0106.MP4
2015-08-23 17:09 - 2015-08-23 17:09 - 05668016 _____ (WindSolutions) C:\Users\Chris\Downloads\Install_CopyTransControlCenter.exe
2015-08-23 17:04 - 2015-08-23 17:05 - 01260832 _____ C:\Users\Chris\Downloads\SharePod - CHIP-Installer.exe
2015-08-21 23:03 - 2015-08-21 23:08 - 00244760 _____ C:\Users\Chris\Downloads\Arctic Monkeys - Fluorescent Adolescent.mp3.sfk
2015-08-21 21:40 - 2015-08-25 15:17 - 00000000 ____D C:\Users\Chris\Desktop\Video Australien Bonu
2015-08-19 23:11 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 23:11 - 2015-08-11 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 23:11 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 23:11 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-17 19:34 - 2015-08-17 19:34 - 00000000 ____D C:\Users\Chris\AppData\Local\TuneUp Software
2015-08-17 19:29 - 2015-09-02 13:02 - 00001522 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2015-08-17 19:29 - 2015-09-02 13:02 - 00001231 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-08-17 19:29 - 2015-08-17 19:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-08-17 19:28 - 2015-08-17 19:29 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2015-08-17 19:28 - 2015-08-17 19:29 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2015-08-17 19:21 - 2015-08-17 19:24 - 36627576 _____ (DVDVideoSoft Ltd. ) C:\Users\Chris\Downloads\FreeYouTube61ToMP3Converter.exe
2015-08-17 18:35 - 2015-09-02 13:00 - 00001003 _____ C:\Users\Chris\Desktop\TransMac.lnk
2015-08-17 18:35 - 2015-08-17 18:35 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TransMac
2015-08-17 18:35 - 2015-08-17 18:35 - 00000000 ____D C:\Users\Chris\AppData\Local\TransMac
2015-08-17 18:34 - 2015-08-17 18:35 - 00000000 ____D C:\Program Files (x86)\TransMac
2015-08-17 18:32 - 2015-08-17 18:32 - 01260832 _____ C:\Users\Chris\Downloads\TransMac - CHIP-Installer.exe
2015-08-17 16:27 - 2015-08-17 16:27 - 00000000 ____D C:\Users\Chris\AppData\Local\CEF
2015-08-15 14:57 - 2015-08-15 14:57 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-14 22:47 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 22:47 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 22:38 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-14 22:38 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-14 22:38 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-14 22:38 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-14 22:38 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-14 22:38 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-14 22:38 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-14 22:38 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-14 22:38 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-14 22:38 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-14 22:38 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-14 22:38 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-14 22:38 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-14 22:38 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-14 22:38 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-14 22:38 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-14 22:38 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-14 22:38 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-14 22:38 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-14 22:38 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-14 22:38 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-14 22:38 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-14 22:38 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-14 22:38 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-14 22:38 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-14 22:38 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-14 22:38 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-14 22:38 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-14 22:38 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-14 22:38 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-14 22:38 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-14 22:38 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-14 22:38 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-14 22:38 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-14 22:38 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-14 22:38 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-14 22:38 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-14 22:38 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-14 22:38 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-14 22:38 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-14 22:38 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-14 22:38 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-14 22:38 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-14 22:38 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-14 22:38 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-14 22:38 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-14 22:38 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-14 22:38 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-14 22:38 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-14 22:38 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-14 22:38 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-14 22:38 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-14 22:38 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-14 22:38 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-14 22:38 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-14 22:38 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-14 22:37 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-14 22:37 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-14 22:37 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-14 22:37 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-14 22:37 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-14 22:37 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-14 22:37 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-14 22:37 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-14 22:37 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-14 22:37 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-14 22:37 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-14 22:37 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-14 22:37 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-14 22:37 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-14 22:37 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-14 22:37 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-14 22:37 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-14 22:37 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-14 22:37 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-14 22:37 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-14 22:37 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-14 22:37 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-14 22:37 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-14 22:37 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-14 22:37 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-14 22:37 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-14 22:37 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-14 22:37 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-14 22:37 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-14 22:37 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-14 22:37 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-14 22:37 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-14 22:37 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-14 22:37 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-14 22:37 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-14 22:37 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-14 22:37 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-14 22:37 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-14 22:37 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-14 22:37 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-14 22:37 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-14 22:37 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-14 22:37 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-14 22:37 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-14 22:37 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-14 22:37 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-14 22:37 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-14 22:37 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-14 22:37 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-14 22:37 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-14 22:37 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-14 22:37 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-14 22:36 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-14 22:36 - 2015-07-10 19:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-14 22:36 - 2015-07-10 19:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-14 22:36 - 2015-07-10 19:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-14 22:36 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-14 22:36 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-14 22:36 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-14 22:30 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-14 22:30 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-14 22:30 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-14 22:30 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-14 22:30 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-14 22:30 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-14 22:30 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-14 22:30 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-14 22:30 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-14 22:30 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-14 22:30 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-14 22:30 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-14 22:30 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-14 22:30 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-14 22:30 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-14 22:30 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-14 22:30 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-14 22:30 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-14 22:30 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-14 22:30 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-14 22:30 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-14 22:30 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-14 22:30 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-14 22:30 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-14 22:30 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-14 22:30 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-14 22:30 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-14 22:30 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-14 22:29 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-14 22:29 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-14 22:29 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-14 22:29 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-14 22:29 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-14 22:29 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-14 22:29 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-14 22:29 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-14 22:29 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-14 22:29 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-14 22:29 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-14 22:29 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-14 22:29 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-14 22:29 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-14 22:29 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-14 22:29 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-14 22:29 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-14 22:29 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-14 22:29 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-14 22:29 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-14 22:29 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-10 23:16 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-08-10 23:16 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-08-10 23:15 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-08-10 23:15 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-08-10 23:11 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-08-10 23:11 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-08-10 23:11 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-08-10 23:11 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-08-10 23:11 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-08-10 23:11 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-08-10 23:11 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-08-10 23:11 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-08-10 23:11 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-08-10 23:11 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-08-10 23:11 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-08-10 23:11 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-08-10 23:11 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-08-10 23:11 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-08-10 23:11 - 2015-06-11 19:56 - 01112576 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-08-10 23:11 - 2015-06-11 19:16 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-08-10 23:11 - 2015-06-11 19:15 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-08-10 23:11 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-08-10 23:11 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-08-10 23:11 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-08-10 23:11 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-08-10 23:11 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-08-10 23:11 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-08-10 23:11 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-08-10 23:11 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-08-06 11:43 - 2015-08-06 11:43 - 00094208 _____ (Apple Inc.) C:\Windows\SysWOW64\QuickTimeVR.qtx
2015-08-06 11:43 - 2015-08-06 11:43 - 00069632 _____ (Apple Inc.) C:\Windows\SysWOW64\QuickTime.qts

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-02 15:05 - 2009-07-14 06:45 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-02 15:05 - 2009-07-14 06:45 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-02 14:58 - 2012-11-25 19:19 - 00000000 ___RD C:\Users\Chris\Dropbox
2015-09-02 14:58 - 2012-11-25 19:16 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Dropbox
2015-09-02 14:56 - 2011-06-21 14:20 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-02 14:55 - 2011-06-02 16:02 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-02 14:55 - 2011-05-29 09:03 - 00908920 _____ C:\Windows\PFRO.log
2015-09-02 14:55 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-02 14:55 - 2009-07-14 06:51 - 00086446 _____ C:\Windows\setupact.log
2015-09-02 14:54 - 2011-05-27 18:09 - 02081736 _____ C:\Windows\WindowsUpdate.log
2015-09-02 14:52 - 2015-06-20 18:39 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-892971799-3770444226-59494271-1000UA.job
2015-09-02 14:47 - 2011-06-21 14:20 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-02 14:38 - 2009-07-14 19:58 - 00699432 _____ C:\Windows\system32\perfh007.dat
2015-09-02 14:38 - 2009-07-14 19:58 - 00149572 _____ C:\Windows\system32\perfc007.dat
2015-09-02 14:38 - 2009-07-14 07:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-02 14:19 - 2012-05-07 13:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-02 13:02 - 2015-07-10 08:11 - 00001073 _____ C:\Users\Public\Desktop\Rapid-Mosaic.lnk
2015-09-02 13:02 - 2014-11-30 21:30 - 00000953 _____ C:\Users\Public\Desktop\Steam.lnk
2015-09-02 13:02 - 2014-11-07 17:28 - 00001607 _____ C:\Users\Public\Desktop\League of Legends.lnk
2015-09-02 13:02 - 2014-10-30 17:46 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-09-02 13:02 - 2014-10-30 17:46 - 00002013 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-09-02 13:02 - 2014-07-02 20:06 - 00001839 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-09-02 13:02 - 2014-06-04 17:05 - 00001155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-09-02 13:02 - 2014-06-04 17:05 - 00001137 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-09-02 13:02 - 2014-05-27 20:02 - 00001813 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-09-02 13:02 - 2014-05-20 19:41 - 00001747 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-09-02 13:02 - 2014-04-12 23:22 - 00001005 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-09-02 13:02 - 2011-06-01 21:07 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-09-02 13:02 - 2011-05-28 14:43 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-09-02 13:02 - 2011-05-27 18:10 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-09-02 13:02 - 2011-05-27 18:10 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-09-02 13:02 - 2009-07-14 06:57 - 00001523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-02 13:02 - 2009-07-14 06:57 - 00001304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2015-09-02 13:02 - 2009-07-14 06:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2015-09-02 13:02 - 2009-07-14 06:54 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2015-09-02 13:01 - 2011-12-18 12:07 - 00000945 _____ C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-09-02 13:01 - 2011-11-09 12:08 - 00001304 _____ C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Diablo II SP Enhancement Mod v1.4 + PlugY v10.00.lnk
2015-09-02 13:01 - 2011-05-27 18:15 - 00001417 _____ C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-09-02 13:01 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-09-02 13:01 - 2009-07-14 07:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2015-09-02 13:01 - 2009-07-14 06:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2015-09-02 13:00 - 2013-07-31 20:09 - 00001535 _____ C:\Users\Chris\Desktop\Diablo III.lnk
2015-09-02 13:00 - 2011-08-12 19:28 - 00001823 _____ C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Tunatic.lnk
2015-09-02 13:00 - 2011-07-05 20:31 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-09-02 13:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2015-09-02 11:19 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-09-02 11:10 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-09-02 11:08 - 2009-07-14 04:34 - 90963968 _____ C:\Windows\system32\config\SOFTWARE.bak
2015-09-02 11:08 - 2009-07-14 04:34 - 19660800 _____ C:\Windows\system32\config\SYSTEM.bak
2015-09-02 11:08 - 2009-07-14 04:34 - 00524288 _____ C:\Windows\system32\config\DEFAULT.bak
2015-09-02 11:08 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2015-09-02 11:08 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2015-09-02 11:07 - 2009-07-14 04:34 - 68157440 _____ C:\Windows\system32\config\COMPONENTS.bak
2015-09-02 07:52 - 2015-06-20 18:39 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-892971799-3770444226-59494271-1000Core.job
2015-09-01 15:55 - 2009-07-14 06:45 - 00360464 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-01 15:51 - 2011-09-30 19:52 - 00000000 ____D C:\ProgramData\ICQ
2015-09-01 15:42 - 2011-06-21 14:20 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-01 15:42 - 2011-06-21 14:20 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-01 15:37 - 2011-06-21 14:20 - 00000000 ____D C:\Users\Chris\AppData\Local\Google
2015-09-01 15:18 - 2011-07-11 00:01 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Skype
2015-08-31 20:48 - 2011-05-28 14:30 - 00089504 _____ C:\Users\Chris\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-31 20:47 - 2011-06-21 14:20 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-31 20:39 - 2011-07-30 14:39 - 00032012 _____ C:\Windows\DPINST.LOG
2015-08-31 20:35 - 2015-04-25 18:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-28 15:18 - 2012-10-21 19:47 - 00000000 ____D C:\Users\Chris\Documents\Schule
2015-08-28 15:17 - 2013-08-23 13:24 - 00000000 ____D C:\Users\Chris\Documents\Bewerbung
2015-08-28 15:15 - 2011-11-02 16:00 - 00000000 ____D C:\Users\Chris\Documents\Dumm
2015-08-28 15:01 - 2015-05-10 16:55 - 00000000 ____D C:\Users\Chris\Documents\Ebay iPhone 6
2015-08-27 18:59 - 2011-08-23 20:07 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-27 18:59 - 2011-06-01 21:07 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-27 18:57 - 2015-03-31 22:47 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-08-27 18:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-08-22 18:50 - 2015-05-10 16:56 - 00000000 __SHD C:\Users\Chris\AppData\Local\EmieBrowserModeList
2015-08-22 18:50 - 2014-05-27 20:00 - 00000000 __SHD C:\Users\Chris\AppData\Local\EmieUserList
2015-08-22 18:50 - 2014-05-27 20:00 - 00000000 __SHD C:\Users\Chris\AppData\Local\EmieSiteList
2015-08-18 01:10 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-08-18 01:07 - 2013-01-19 18:27 - 00000000 ____D C:\ProgramData\TuneUp Software
2015-08-17 19:34 - 2013-01-19 18:27 - 00000000 ____D C:\Users\Chris\AppData\Roaming\TuneUp Software
2015-08-17 19:31 - 2011-07-19 12:30 - 00000000 ____D C:\Users\Chris\AppData\Roaming\DVDVideoSoft
2015-08-17 17:45 - 2014-11-30 21:30 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-17 16:29 - 2011-10-06 21:10 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-08-17 14:32 - 2011-11-12 14:50 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-08-17 14:31 - 2011-11-12 14:51 - 00000000 ____D C:\Users\Chris\AppData\Local\LogMeIn Hamachi
2015-08-16 04:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-08-15 14:43 - 2015-04-16 03:33 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-15 14:43 - 2014-05-06 22:20 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-15 14:20 - 2012-05-07 13:56 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-15 14:20 - 2012-05-07 13:55 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-15 14:20 - 2011-05-28 14:33 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-14 22:47 - 2012-05-21 07:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-14 22:46 - 2012-05-21 07:12 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-14 22:46 - 2012-05-21 07:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-14 22:44 - 2013-07-17 01:08 - 00000000 ____D C:\Windows\system32\MRT
2015-08-14 21:26 - 2015-04-06 03:01 - 00000000 ___SD C:\Windows\system32\GWX
2015-08-14 21:17 - 2015-04-06 03:01 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-08-14 21:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-08-03 12:12 - 2012-02-17 14:38 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-01 17:12 - 2015-09-01 17:12 - 4241742 _____ (Bycatch) C:\Program Files\Common Files\0pzeiztr.exe
2015-09-01 20:23 - 2015-09-01 20:23 - 4241742 _____ (Bycatch) C:\Program Files\Common Files\fapihsdd.exe
2011-07-20 16:57 - 2011-07-20 17:45 - 0008704 _____ () C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-27 16:36 - 2015-08-27 16:36 - 0000187 _____ () C:\Users\Chris\AppData\Local\Nimline.exe.config
2015-08-27 16:38 - 2015-08-27 16:38 - 0000124 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


Einige Dateien in TEMP:
====================
C:\Users\Chris\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpuhzdz5.dll
C:\Users\Chris\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-01 23:29

==================== Ende von FRST.txt ============================

--- --- ---

[/CODE]

cosinus · 02.09.2015, 16:22

Von BC müsstest es runterladen können, hat bei mir eben geklappt => Downloading Junkware Removal Tool

christenhove · 05.09.2015, 20:05

Also hat geklappt.
Ich denke, dass ich die Plagegeister los bin. Vielen Dank in jedem Fall!
LG Chris

cosinus · 05.09.2015, 20:09

Log bitte posten. Und wir sind hier noch noch ganz fertig, es fehlt noch etwas Nachkontrolle.

christenhove · 07.09.2015, 22:55

Alles klar!
Hier das vom JRT :

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.0 (08.31.2015:1)
OS: Windows 7 Ultimate x64
Ran by Chris on 02.09.2015 at 17:43:33,37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\Windows\system32\tasks\updatedoon



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}



~~~ Files

Successfully deleted: [File] C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{000A163D-A8E6-4F90-961E-B755487E14F8}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{006290AE-3F38-4263-AB93-72BF7E1C3F93}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{0143F681-9AD8-4110-993E-973F57D84072}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{017EEE17-57C8-4A41-A2C8-4B7252CCD62B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{01A9F340-68AD-44C2-8F87-01E5D3125347}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{01CECFC1-C124-454A-BA58-577C7B16A390}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{01D0F522-0C39-4856-9EBA-8ECE81AE444C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{021467AF-D8E6-4DB7-B55E-A3C9734EAF44}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{02A74E2F-0207-482E-B5F6-F292EEC72E52}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{02B785F0-6F94-494D-80D4-7AFAEAA9766E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{02BB38B4-B125-4CA3-A243-81AA160CB6D5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{02D4F8BB-2AF3-470B-942C-C33C2195F59F}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{02E75CFF-C133-47D0-B355-C22515452363}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{03B50364-D858-46D4-8478-E71F4423BAF7}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{03DC6C3F-23B1-4D4E-B9A9-0B4C768E0E1F}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{047F44F1-29F5-444F-93AF-BBCD11BCB7D4}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{0492D241-D5EB-4E6E-B9E0-DA5917FF3889}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{04C5C39A-A543-4680-88FA-B880840715F6}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{051B6390-AC14-4E33-A7AA-46C6C86B3469}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{051C2CB3-5606-4DAF-8259-607194C212D5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{0566BB29-E16D-4906-BF0B-49F5A08DD6C0}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{05BA28EA-FE55-4857-B809-011A1359F53A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{069EE5C3-B013-4603-9C62-5C5E90C94885}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{07439B68-F83B-4A48-9062-A62CA256EACB}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{07C50D28-9842-4443-9C86-D8241F59A45E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{07DB9320-B410-412F-869B-84FDAD493C97}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{085DFFAF-B3F2-4A96-BDC9-99F0E98EE3CA}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{086BB3C3-A525-40FF-A7CA-F12B6F8EF69B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{0894F153-A0DE-4F2B-BD03-1D3D2E97A8FB}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{08AE72B5-4847-47A9-9E52-02F6AEE284F4}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{08E9F295-C133-4399-AD7C-76F9EA5BCA57}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{0907944F-4B85-4028-9F26-A15DDC5EF85C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{09937E71-24CF-44EC-A933-390AF1AF340F}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{09C9DAD8-5C88-42CA-AE47-8E7FA832C97A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{0A225CA8-9246-4AAC-8FE5-4EB5F8C62C9C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{0A8D4937-1A3E-4C4A-A1D3-F193D20D0C76}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{0AB64F68-FECD-4ECC-B2DE-F27829AF8D07}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{0B03A4DC-F32F-4EF3-8FBA-CD4A4ECEC36B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{0B394E45-EF40-4532-99EF-699754D61EF9}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{0B7FB2ED-2E6E-402B-9F4D-54E86AC2CA0E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{0C878DC5-FAA9-4678-82A9-1160DD4C758A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{0CF857D7-8D17-48B6-BD63-668B46A9BC55}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{0D85EE66-6224-4D95-A70A-A297053D0ECC}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{0E1C79BB-D76C-4349-B0B1-5362F0D74EFE}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{0E53B7A2-E571-47DE-8787-641223F3FDCF}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{0E5C0657-6332-4482-A603-61ABDC9E4887}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{0F134F34-3576-4A5D-BA9F-74BB18A2A8A7}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{0F4CFB30-F28D-4214-9FD5-6278B854519E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{0F50426A-CC7D-41A5-86CF-FFE1D6E4D4EA}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{0F777355-13EF-4C12-A717-D67797642BA3}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{102A4F76-6DDF-4399-A910-053070756CAD}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{104156BF-05EB-4FF2-8864-9EA9EA66BF99}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{11292041-28B5-4FBF-920C-01E3F8A5DECA}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{11CA54CC-E065-41C8-91E4-DF5BE8D2DF96}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{11D76AE6-FBBE-4A9F-B1D1-1AE23D9F01A2}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{11E66F20-572D-4374-ABD3-056EC62B0B70}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{123AB450-FD09-428A-9DA0-C3E689A58115}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{12500DDE-5E32-43DC-B376-2625F8FC528B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{12B0C3F8-FB96-46EE-9F88-962216074CDB}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{12B774C9-03FD-4FC8-801A-B38DEDBA6DC3}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{13834933-DCDB-4F73-A336-9E784CAABDFF}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{13F060A7-32AD-4467-A0B7-5BC26D40E06B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{141722F3-8BF4-4FF9-A8BC-34A2C81248E0}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{14257C62-DE1E-4BB9-8444-6F9C40238674}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{1448C80C-2386-4910-8280-64F8B00E3DAF}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{15415B53-7B12-4CD9-A0D9-8045E7550F46}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{15756247-B5DF-4CC6-B803-480C5EC0186D}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{158E1E35-2723-47FE-8E8F-D6F791260F07}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{1605FFA8-D481-4C20-913C-F8CD788F81CE}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{160ADE90-0074-4F2A-98C5-0B67E15AC6B9}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{161C24F0-E876-420C-86A8-DD7DA5A31119}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{1629DBD4-3426-42B6-A336-1B1B618BC33F}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{16397455-45AC-474F-B092-D4DF348ECE1A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{164C14FF-BEF8-495B-9F2F-E7AECBE19526}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{1677674B-41B8-466B-9BAA-45EC87B56277}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{16C92AC8-F8ED-479A-9463-6457CE81FE37}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{16D56BBE-F250-4219-94B3-C3FB0CAE1C5B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{16D6297A-D1A0-4BE1-B5A6-56C2EDE9529D}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{172481B6-A2C8-4A7E-B80F-D5524BEC9EF2}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{177E0680-4483-42F5-A533-8E42C8580F4C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{18ADECDD-3B93-4D93-BAE2-EE9C6FD60F96}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{18C27BF3-51C0-4D02-95D1-36BEA4E5ECF4}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{18CEEA1B-3D81-4CA4-9225-EC5CEE9E6AC5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{18E6806C-C709-45A3-8ADE-2E6D7AAA2BE8}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{19089B54-2369-41B2-AF1F-36EB90F2FADA}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{19445461-F9A8-4122-8F38-D03FCE4B43A7}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{19594114-5B5E-4CE8-9B27-839FC904D228}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{199F33A7-3D7C-444D-A6B8-9A8A4CD1E29B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{19EBFFBC-C8B5-4497-A7E3-B47D0A12D053}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{1A0E372F-0E3F-4F06-871B-F0C84E94F446}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{1A33515F-75B6-48CF-A2B4-092D827E0431}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{1A6095FA-C77E-438B-9DCA-9A930F885B4A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{1A88DCEF-7F6C-449F-9859-5DD08CE7A0C6}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{1AC1DC02-2F06-4333-853C-E7EE87198853}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{1B0CFDC2-F6B5-460B-B5EF-B706E0A5F8A6}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{1B290A5C-8F0F-4C4A-A1C9-3383EB1871BC}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{1C1898CC-9F16-4592-B5BB-0C26BFAFB220}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{1C3D6CD3-A3E2-4AF1-9FAD-3B3D48B380E1}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{1C6A3A6B-A769-4FFD-96D2-9C3766C34BAA}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{1CAC5F17-8366-4210-9CE9-562BE08483AC}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{1D18A004-24EC-42A1-A716-CD9A3FA7FBFA}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{1D29DBFA-0A9B-4760-BE9A-799F088D79B4}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{1D488A9A-BDA1-4E5F-8FF5-427356E94F8E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{1DDD341F-0B2B-41BD-BC6A-15EE4AF5B8B7}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{1E49D638-0A14-4EF0-BE9B-BF23B24584EC}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{1E9DD809-D39F-4508-90BC-89D018B84713}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{1EA538AE-1CD9-4096-8980-B6B55B497776}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{1F0BB787-AA4E-4F47-A3E9-CF63E1B7D104}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{1F0DE7B7-A678-4A57-9631-2B39CB834056}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{1F7C9AC2-15DE-4031-8378-CEB77C1DACF0}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{1FCAC2DC-300E-4D0A-989D-403FFAD5313B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{1FDF1689-9BBB-478C-8B99-49183A3066DC}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{1FF7F412-BE2D-4346-9368-2C9AE6519545}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{201E46F0-1AA6-4494-8CE0-C03F17860722}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{205A21CA-7730-441E-99B1-0CC0A81EC843}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{20650EA3-52DC-46FA-8F7B-C3E0CD37F893}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{207073D6-95FE-4FC9-ADBF-293F5759DE17}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{207DF804-C703-4A81-98FA-D33372DAAF5A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{20EF72B5-57E5-4806-A17B-476FAB0BAF73}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{20F79B95-C61B-4CCC-BC07-4C5F16853C44}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{21D527FF-2C48-4E37-A3A0-9B511E03A525}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{21DB38F8-2D72-446B-9E13-6834E5ABFFA5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{21E0A7A8-F0EE-4E05-9A94-EB9FA972CFAF}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{21F0C977-0A2B-4969-9E13-E40C1255BE89}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{2209950F-3B9D-4347-AC3B-21A4003D482B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{2223FE01-0A93-484D-9B39-D6360478C288}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{2232ED0E-0592-4904-BF8E-185C68179036}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{22778A30-958F-4D6E-BC37-89ED3CF794B8}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{22F4DC70-6AE4-4499-A557-EB6303033523}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{231EF84C-701C-4D08-A3DF-ADBEFDE8C762}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{23A6DB5C-99E5-4C5A-A7E5-D010CDD01856}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{23B12D12-05E4-4520-AC90-48801BC3F9AE}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{23CEAD54-E999-4663-B395-1C3978CFDD83}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{23E95A84-00EC-4158-B75D-982C3DE43185}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{243668BC-C18D-4730-A8DB-B09C481C6929}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{245C49B3-3F65-4A6A-9021-C8AD1CD862AF}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{249605D7-6A3D-41D1-8577-007FEF342704}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{24D35E1D-0055-4310-924C-4597500E37B0}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{251EFF16-6607-46C0-8E35-928526A42494}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{25A80DF2-E94C-4665-A9CD-9A1BB9DA2732}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{25BF2E24-3B8D-41C1-9974-87FDFFAAF7BB}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{26442ECD-3D3F-4054-8E73-418285C7EB8A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{265A7A8B-1947-468C-A771-1A061A00E009}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{269CAE1A-9CE8-4D5B-B710-5F800F2B4F33}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{26A29FE2-496D-4FA9-8B66-A8F81F91F518}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{26BF95DB-FE80-4AFD-BB96-3DB7F04CF6A6}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{26F86906-DED6-438F-AE2E-031703D7DB00}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{27099490-6619-4530-AA2A-9ED791257A54}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{271540F9-2E4B-48BB-A226-676CCAEFD89D}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{27525840-43A4-45F7-9EF1-16F8472462F8}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{27A04935-D5DA-492B-97F0-1BC3EC589D13}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{27C5413F-F5CB-4B88-A804-4D8BFE861C3E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{28F77BDE-27D2-406E-86FB-6ADBBEFC91FD}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{29482CBC-E4BD-423E-8736-24FABBDC1151}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{294BA407-E60E-4A95-9424-67693781F49B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{29537BA7-EA98-4D0A-ADC3-8779279BDA67}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{29E9B51A-4867-4ABF-A35E-4641188DAFEA}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{29EE8A82-FAAE-40CA-AA10-9B45D0F0DEA1}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{2AD807F9-587C-4875-9657-78ECA1287021}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{2B5E4010-ABA0-478B-BDB7-EDF0F552A6C0}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{2C6E051D-8B31-416C-BDAA-A7DAA0C96725}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{2D013119-F5F5-497F-BA7C-4634FC8A4D0F}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{2D069506-BF99-4CAF-A5C6-5C8D6BA36279}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{2D225196-613C-4FAF-AC89-21D5A0A4785A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{2E3C4D29-3463-41B0-A8A2-852CE129DC71}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{2E9CB712-9B1A-4B63-9B92-2DEB3A6FD1FD}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{2EA53015-45F7-48AC-BB1D-5A08BC7181AD}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{2EBD5ADA-DD93-410B-A396-3BB7337FB1A1}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{2EBEF249-CD51-4DB7-90D6-B46B4072AF8F}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{306D74BA-3A41-419B-A7CA-A1310A65870A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{30AEBAD5-D55D-4293-93EC-A275DEBE7994}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{312118D5-D7FA-465F-A53E-C7A27DA63730}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{32335B5C-61F3-4B6D-AD78-BE46CD65B53E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{3242C6A1-D872-4D1B-ACB3-B788B2B54A6D}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{32B5FC43-962B-4284-8A3E-17606B9F213B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{3304B92B-3316-4CCA-86D5-2F241D3269DD}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{33C32777-545A-4397-8481-8AFD8024D41B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{342353D4-13E3-4EDE-9670-E23BD3FA81F6}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{3423D1E1-06A2-4AC1-8E53-C4D4B18E6DEF}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{34A5C7CF-945D-4D8D-A66C-0C08AF44DE6E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{34BC466C-05F8-47A4-81E6-33224A1A4C18}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{34DBDCCB-B87F-4A0A-8DCB-99BEFB8B3192}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{351153E6-58DC-4F59-8D6D-089602880F47}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{351FC454-DA06-4198-9D7A-18AC8E225EE3}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{352DF6FF-B64C-4776-BE64-FEBDDCB575BA}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{35B57159-42B7-4E0B-AE45-B7A41D4E6544}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{36066E92-9C97-4B96-8ECD-D5B9B8277BB0}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{36ED02CC-13BD-40D0-8233-B695308D9113}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{370A857A-F799-4ECF-BD9F-0217B693DE84}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{371BE5F4-EEFF-4CE3-8E77-9A4474CF8E78}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{37A05528-E95C-48F6-9B1F-F30A6C4110CF}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{38CB91DB-E94F-47A4-94D8-855C8E19D392}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{38E6432C-3645-4BBE-BB56-FE8BF75B017A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{390C8FB0-F763-412D-8199-DE9342E5089B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{392DB2BF-EB6A-4A3F-B746-D0194139DF3C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{3947D2F1-0419-4A13-B4E9-11AF9B2425FC}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{39C367ED-AA4B-4382-AD21-AB9421E1BC18}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{3A016684-730E-47DA-92B1-59C700521278}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{3A20DDC3-EBB5-42AD-8A6B-FD2219F6B2F2}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{3A9FF50D-4F19-4DFF-B88A-63F10AC42C41}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{3AEB9BE8-C25E-4EB3-B33D-62419C1DC85A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{3B086C91-1B16-42F0-B743-45F97BBC387C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{3C3DF6AD-CAC0-4E75-B826-1A6A791FDAAD}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{3CC89D95-76B0-4300-811C-65B38E40694B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{3D130CF8-E2EE-415D-8F63-882E6F6B3A8C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{3D5A6FC3-054C-44A3-BC0C-3F6625A3418D}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{3DD2FB6D-5462-4B07-A6EF-1CD8BFBAFF5A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{3DE05237-9F23-4987-8268-0B9F867C866A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{3DEF5EC2-CBEA-4B6E-A064-F503191F74CC}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{3E00240E-39A0-4AC9-97C8-30A344BAF3D5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{3E6E66A1-1969-4FDD-A971-10C6EF51781C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{3E9C9FCB-E9E4-4CF0-8767-769986213777}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{3ED363D0-1BE3-4A79-A7D0-438FE1B545AF}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{3F187694-25B8-45F7-9AE0-756B480D9F64}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{3FC8868B-D525-473F-9F6D-F6C2B479EE76}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{4045294C-983B-46A0-AC35-E1DE53475965}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{40845BD2-D65B-4A85-B5D8-E7A4724B98B1}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{40E14810-1C53-43F5-840B-23589C5D040F}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{40FFFDB0-A18C-48C4-BDBA-A66C6015B6E5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{4189B4AA-EBEC-43FB-B069-355081988B65}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{41A2DE57-24F1-4FE0-9C58-A3180641728D}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{41C1B783-8062-4E1A-93E6-1FA1465E043E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{41C8EF58-7CFD-4C87-9166-D18E222210A8}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{41FDEAE3-25BF-4ED8-972F-877CE91AC1FB}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{42300ECE-CE71-4AA1-B7F3-CE0520232D0E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{42392412-77F8-4F2F-A189-05B44E7F5445}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{423C492A-5855-40FF-B9DD-96F6F230765E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{42C1D379-A015-4CCD-90FC-B182DB1C058E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{44464247-0ECB-4201-B159-6FC71C243E8D}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{445A0E78-2E2F-4102-9649-A75A27959A35}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{4489D6EC-EA54-40C5-9262-373EFA1C12C8}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{457BE3BB-C10B-4BD6-8B8C-348F79470CE6}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{45E5D672-1168-4267-9937-F532DFA5193A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{46EC13A7-486A-4EDD-B675-C41F3886C73D}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{47540EA0-5F4F-4AC2-A5B4-0D2D54C7A8B5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{4806F42B-E570-4BE2-B781-93D7A3CB6E31}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{484586DF-C6F4-44DE-AB45-A191D649CFCB}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{48CDFF70-BBF1-4183-9C12-3B3FB3262C73}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{49237112-EB74-41EF-BC64-A5D0AC9AF920}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{493602BB-C473-4E8A-80E0-CD916C6D4CCC}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{4A28BA8C-5A8C-4E0E-A6B6-C1A559F08F50}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{4A5AC60B-85F7-4059-A949-D817EF72D2AC}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{4AEAE283-1B64-44CA-82CB-C9606DDDD1E1}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{4B0AA17A-C094-4F1E-A424-8628B943FE6A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{4B34AFEA-81EB-44C2-AD50-8834D0B43354}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{4C0B83EE-14B5-4E01-9C9C-62D36267265B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{4C36CAAB-F07A-44DF-866C-A2323A2439D5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{4C38A086-5045-40D8-9E5C-27423E95A3EF}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{4CCC0EDC-84C6-4D75-9A0A-A3834AB5E363}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{4DBD1434-5ECD-4BC6-A3B9-04CD00ECCDA0}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{4DC0C528-F245-41FE-99C8-E57832A7C0C5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{4E031966-58B5-4289-A444-19FA78BCBEA6}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{4E4AB4B0-BB93-430E-AB16-D586782366E0}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{4EA0BF39-9250-48DD-A26C-954B06F053EA}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{4EB3F336-E3CE-49C6-A1D3-945A8555A12B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{4EC47D46-C164-4E7A-B94D-369290B73404}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{50430AFB-B8C6-49A7-A955-B33F6066EA7A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{509BA454-95BF-463B-974A-6E61B0A10BA5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{50F41FFC-17FA-4F9C-82DE-A0EDF4576245}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{5106BF84-CE21-4763-98FE-0804B614B770}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{5169E159-E9E0-4E54-9360-5DC31572A7B0}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{518C9745-5F9A-450D-A648-210760012F0E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{51A3B005-8F31-49B5-8B78-C31FFD0344CE}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{51B111EA-A76C-4B92-8038-0349F3859A63}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{51ED0A69-74D1-4F04-A7C7-C257B8FF2D5B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{52BA1E10-EC12-4655-966E-9ADC7A5A8743}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{52CB62FD-0804-4940-A619-09D8CA36A130}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{52D78230-5A9C-4493-8E0C-47175749B0B8}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{52E47B3F-60E1-48BA-9069-1B06638A09C1}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{52F2A207-5A97-4E7E-9A37-58487460789C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{52F77CFE-D3B1-4FB9-B2B2-6EBB1A64539F}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{53452D24-44E4-4AC3-961D-968F58F6230F}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{53636C1B-6B9F-4235-BB93-73BDEE4CED43}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{53F95722-B71B-4CEF-BFD6-2507614C11D0}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{54328B77-F1F7-4507-958E-76106FE1A1E5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{54629FA8-2B97-4427-8624-2B029FA20DF9}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{55160344-7242-4E11-8598-01B60D44D545}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{552A3BC6-EF91-4198-A330-E88B1848ED1E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{5535672D-5E7C-4B0F-8C06-5E5CC5597F5C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{553E5966-D844-407A-AEE8-CBBE271A89B3}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{557F3A9E-25C9-4FC5-9CEE-194115078F1A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{55DBC5C4-673D-41E2-9F9C-C29F3B983B60}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{55EF2BAF-69A8-48C7-B11C-C8C709BD5DDA}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{561BAD79-2F31-488E-8999-9347B8A1A54C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{562990AF-9EEF-4845-80A1-A9C1BF6EA5F5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{56BF48C3-14C9-4884-8EB7-758CB5610ADA}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{56F3CCD4-C5DE-4646-BF5C-9CEFB705CBD6}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{5732B668-55DF-4884-B32E-DC23A6C1D2B0}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{578A6027-3A87-42FB-9C6F-1902EE6D7220}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{583BFC02-13CB-4EF9-84E8-A8F2DD933981}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{58853A4C-3B97-4248-9EF1-C21FDB7649E4}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{5933A7F8-B8B9-4FF4-BADC-D3DF1BEF2DD3}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{59669E95-20BA-437D-AD47-B3360B089D99}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{596C7FCE-4D59-43EF-833B-06416F763392}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{59DE8BB8-4E15-4580-9158-8347FC067BBC}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{59E6E68D-A5A8-4951-BAA1-5C16026DC274}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{5A18C18B-D884-4A4F-9715-79D7941E24B4}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{5AB20AA5-F9E7-47AB-93FE-0A3A53EFF10F}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{5AD8C712-0A33-40BA-BC8A-3504BD46E1A1}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{5B12B689-5931-4F11-BAF2-7DD9E56653FF}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{5B94DDFC-611D-43BF-86D6-EE3879D024BA}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{5B9DDE3D-0646-458A-94F0-CE5D47DC52EC}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{5BC96475-1D2D-4B52-953C-BCC3DB7DA833}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{5BF43A00-FE2C-400F-BD30-3F1C59847D93}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{5C19A7EB-EA8C-4D77-9A04-1C65CA4A3BF3}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{5C270603-4315-40F4-892C-7F81668ABAF7}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{5C8848ED-5749-489E-A451-2A73EBB9895A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{5D944843-86B6-481A-ABB7-C45F6A2BD4C7}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{5D9E80E4-F20A-4C49-B3A7-47681ECBDE96}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{5E0D397C-D0AF-4544-B93E-2DB955BABE5C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{5E4DE757-5BB2-4A1B-84C2-3F42CA7645E7}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{5E70F6D8-984A-468E-996B-15EB9D28B6A6}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{5E782697-F8C7-46C0-B504-0F4BAE6F45D7}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{5EFCCF9E-D409-4F9C-AA88-E099AF64F403}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{5F4DECDD-F551-4F28-9135-0CC19DF72785}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{5FC15A0B-E382-41DA-B81C-F7CC1BF46EC5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{602EFA53-79DB-40C4-91B9-16EC5F1E63F3}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{60AD859C-02A5-4E85-A44E-44092381B1D3}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{60CEDA52-812E-4C39-A430-2DAFD9EB30D1}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{60DD19A2-9DCC-44A7-A512-055E39DC9CFA}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{60EB432D-D958-4DCF-864C-807414DE272F}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{60F679F4-E92C-4579-B083-98D239A82F90}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{61073E9B-4088-4AED-AA91-21F23462E58E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{61A55114-64A2-4C1F-BB6D-CB5569C89972}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{621A926B-EA8D-46B7-8AF4-FE7980994CC3}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6226F4F4-F262-4956-A079-A47EE4F94E3E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{62480AD8-94C2-4362-927E-A9AB9BB94E24}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{626938FE-6A38-4F84-B0EA-182C0413DFDB}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{628BE028-DF3F-457C-BE01-8BB70DF7FD3B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6338774C-07E5-4EC0-BCAF-9F837F9477AE}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{63A40E68-CCF9-4F6E-A13C-0E4B49D5396F}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6433DFBA-D60F-4280-9C8F-FABE0A124035}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{647E13C3-CC89-4449-921C-E6E77E046CA7}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{64A224F0-7101-4585-A10C-098C8C641FE1}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{64EF5D25-82FF-4E9F-9B9D-3246884472C2}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{65004196-D2B6-4D0B-B380-909B15F225BE}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6531DECB-6525-40A0-A751-B2225B5D01D0}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{654A27BD-B3D5-419F-99DC-E796F7321DAE}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{655041BF-D40F-46AB-8CA1-DF52D6B8C173}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{65701BD2-ED18-462E-87B0-FB813DADE3E1}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6586195C-6353-457E-A73E-8A37AD144B88}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{659071C0-C8F5-4338-97D5-5231B4832D67}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{65BE66FE-D6EB-4B61-89B7-74323CA54ABA}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6641001E-4BE4-4E72-B523-C1DB18B55F58}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{66B21E2C-C6B5-4F3C-BBF4-87FBFE667FF7}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{66D472C8-E312-4D36-BD9F-4004E1995BD5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{68303787-059E-4B4D-A22A-1294F7534C78}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{68375A62-D6E7-474F-A9CE-6355B61319FA}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{68A2DE37-CCE7-440A-BF79-13C0351D2E63}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{697A1744-2BFF-42F0-B283-E36584CC06B8}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{69A0B3FE-333F-4CBB-A1E8-AE95815DA8DC}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{69CBA496-FAB4-42D7-94C0-7C8C9FC4E8B1}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{69F6CE17-CFCE-45C2-89CE-1BA5ADA035EA}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6A091128-C454-47C7-9FD2-D8505CD8ADE1}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6A3BABCD-54DE-4167-9360-8E5A7ECEADAE}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6A7B8A17-7582-48D8-8A6B-26D610BE4608}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6AB270B1-663A-43E6-809A-7FD424BC7C91}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6AF08085-607B-4178-BD88-E9935ACC4AE3}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6B0ECCC1-3A3B-4450-A96D-0B6783370FEF}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6B2ABA40-F9DB-4457-8903-504BE3DCBBC0}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6BAF5EB3-86D3-40D6-92C8-552C35B0F47B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6BB9D465-9AC5-403D-896B-301BD87FF7B5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6BC813A8-1A02-4B9B-86CB-DEDE4E5866DC}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6BF769C6-9C9A-49FA-B47D-93B7D0B32CF8}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6C5AE7A6-BC48-400A-811B-DAA2B6B085FE}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6C767017-10FD-4146-A7EC-8BCFB4BF4642}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6C99E23A-2D97-4F51-8D2A-FBB6A1FF63BA}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6CCF76FE-F394-4F04-8A8B-272CEA9EB86C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6D2813CB-98B4-43BA-8912-01C74812439B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6D4CB9F2-D0DD-497F-B325-1B7AF95D42B8}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6DACE85A-5A07-49B8-B9B5-110F3BDE7446}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6E58767C-FA92-4B10-B88E-1C6CEBCA8713}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6E754C9C-2FC0-448E-8865-B3E8E1910844}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6E95C953-9904-4CD7-B978-EF9F5939B729}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6EFDAB5B-FAEB-4CB0-B45C-E2264CA292DF}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6EFE7300-81C1-4FF6-87B7-65B80AA7E91D}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{6FD2CFB7-071F-4FEB-8F37-814C5F45F82C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7006B836-AAD8-4DF2-ADB8-B03051E6B647}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{70A59D00-35B4-49B4-8DFD-8E56E0AF1552}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{70E0E716-FC5F-483A-839C-819D304FE086}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{70E5A00F-F7AA-484B-BB67-ADAAA3EFFBD2}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{711A951A-3C9D-42D3-A74D-02A943357E50}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{71519E73-821B-4FFF-9851-B1912C06C1AB}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{71535151-782A-4B8D-B890-F118A8777106}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{71F81BD3-D007-43EB-830F-B1E651B0AEC5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{727FD849-749F-43CD-AA96-F99470EE6BE2}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{72C0E24C-5EB1-4A2F-A31B-8B0D67BECF34}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{72E18C6C-441D-4FF7-B784-3A621C8A9849}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{733BD082-B411-4FB8-989E-537760627C3B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{73E704D7-79D6-479C-BA68-96ECDC4DBC47}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{742C9554-F614-4855-BA4B-D1543D885533}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{744A2747-DC56-4A51-8993-E2C4CA1EC15A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{74ABE449-6754-4AE6-A6BB-5A5194B980AC}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{74B4BCE9-BC80-4F27-B801-01D9F792FD98}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{75314165-9F95-432A-B769-2D9818FA6D36}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{75D01871-DEDC-4EC0-A8AE-34E7A4FAC2BC}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{75FD164F-B4A2-4B8A-94CD-DB9D5232CFEC}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{760E47D1-1EF0-4D9F-9946-2DC634C3C56C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7654C2B8-CADB-4970-AC64-DA4FBF604D3A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{766EABFE-C009-4513-A78B-47703CB434D5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{77616D81-0C8C-4247-AB5D-7636B68C26D6}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{77908D3D-EEAF-4E41-9138-C05F2984EE0C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{78291492-CB97-402A-8FC7-5F866E5AE788}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{782D8F7C-176C-4672-A704-B2568D3714A8}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7833C38D-D2E1-4DB6-B67E-1A0CC0056F85}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{789AB63F-F379-4BCE-B9CE-C7533189F3D2}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{795DBF8C-4E29-4C9B-AF15-DCAF777EF91D}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7981FD84-6238-45A2-B1AB-28788A82E520}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{798F8D32-BECB-448C-A907-C652A6D2E76F}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{79DD7A99-D16C-4CC4-A6DD-14D8B79F4DDB}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{79E46886-9221-43F0-ADE7-953267053CA3}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7A53183E-68A2-40AA-B9E2-A7EE93C3A312}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7A5AB209-11F8-4F7F-A349-8DEAB97E3E3A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7A7DF3BC-6B1B-4E31-918A-26FF0491D7C7}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7AA5E95E-0928-4883-B17C-C205965945DC}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7AC7299F-4890-45F8-AD8D-C32FDC52818C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7ACA3411-BD97-4DD9-AC72-14716E3C8102}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7BEF870B-4710-467A-A9BF-36FB3B3042AC}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7C98E6D8-FA9C-4AAF-9251-EC305900413B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7CD7049A-F1B6-4C2E-9E2D-6591F883463D}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7CE45B2F-5DE9-4DE5-9FC2-81FEFEE8A65A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7CE805BC-B652-4B19-93D0-437FAE745A0E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7CF558F1-6300-4169-96F3-A2B3818C0A30}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7CFC574C-4750-481F-A1B4-6C8E1A5F234E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7D226DC1-536E-45E7-A948-806D6C12B3A4}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7D2FEC64-0143-4734-BF69-7E889EB7BB0D}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7D4A0DC0-D5D6-4D69-AE6A-9A11B25C21BB}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7D96CD27-D466-482C-860D-4ED2B71FDDE8}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7DA1C159-EF91-4BE1-8EDD-A8741C576FF4}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7E47F098-184C-489C-9755-2D717F7CB3B3}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7EBC553F-205E-4F0F-BAD3-A625F3A962D7}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7ECF193B-DBD1-400B-B750-2F326D4EDF52}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7EE28D57-668F-491F-BBD9-EC5167B3484A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7F0282FA-6352-4B51-997B-3C2517D9C6EC}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7F65D0CD-9DCD-4B1E-A2D7-B5ED65519EB1}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{7FA429F3-505F-490A-A0F4-556D9512E7AE}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{8013BA3C-1C83-4021-8E6C-70D795FEA2DB}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{81051A2E-D68E-4D63-8274-F9C842FFFEC5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{817B3718-AC5C-45EF-9135-2C71252C9847}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{81F12C2E-823B-47FE-B164-639DA8745FD1}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{826B55BA-7E6B-4679-90D8-82BCD307B7C4}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{82A02EC0-386D-445B-89BA-999444ABD087}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{82E9C5FF-7E3C-4224-9991-AC54C1D5F749}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{8327B45A-4ACF-45B9-B368-49D63D6457EB}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{837ECC04-AA6E-4360-9273-7E3F29728C7B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{839630FE-BBFB-4530-8511-8204591E4DFB}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{841171C0-2389-4B8B-9F94-F1AB42F3E4F8}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{8416AB2A-B3FF-4C9F-A4DB-88C6F615F275}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{841F67C8-0C42-4E02-B671-9843AF8E5365}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{847D1F27-93F6-4E0A-AE8B-E007D7B0ACEF}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{85098F0F-749A-4DA6-BE86-462919E53A68}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{862016CE-55C3-456A-B03F-0FDE365800A5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{86842297-21C4-4BE4-8B62-B91B8B26709C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{86ED2ED2-5747-4A69-A881-E9D39D484F1E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{87D98BAE-E326-4E4D-B0E1-9060C0DDCD80}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{87E5611C-250D-478C-9083-A08B1094DD02}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{880BF971-1920-460E-B3AD-7E0F55A48F4E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{883F4480-1F7A-44D1-A2D8-D391DA9AD238}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{88F95B39-BB9B-4B80-84FF-7920D7D1F03C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{891143F9-E133-46F4-A091-37BAC1D22445}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{898CD707-DF2B-4B51-AB8A-01DE4FEC094A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{89958CB3-8770-406B-9F67-E749F4A05835}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{899E6A40-3ECF-474D-BB4C-56785EF74092}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{89AE42C9-0CFA-4DFC-9408-2E5981B78D9B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{89E41493-A68B-494A-9DEA-B728CE15E849}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{8A0A0E74-1AFD-4219-B08F-CD7F76FDA511}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{8A181796-FB34-4894-A21A-D0E12E8EB56C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{8A7F4C21-911A-4F6E-8471-444F44552629}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{8C405FED-A9B2-4B6B-A6C0-B55487C5457F}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{8CDCD502-7DE3-47E3-AA08-D37910C87E6E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{8D5302E8-F691-4D67-BA2A-CF489ED16747}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{8D7F3A4A-09C0-4517-B01A-6BEEE05AE6EC}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{8E2055DC-70F9-458D-8728-5579A407DB64}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{8E4C3D63-88B7-45DF-B3D9-06D3014FFFA1}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{8F20EFCB-3219-41D0-8E05-7D1B1DA43F7C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{8F7AC12C-ABAF-43FA-B569-38BACB9D8558}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{8FE33FBB-4A91-4FA3-89E5-14EA51D07A26}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9032DBBD-04CD-4EC0-8BD0-092C7549BA2E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{90472007-C199-4BC1-B21A-A0940500CFBC}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{90B631B0-549A-43E1-BF3F-1C1880C04729}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{923C21C6-16A3-470B-815D-871FDB25ED3C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{92E2C68A-5193-41D9-BF1A-D82B52377AF0}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{93B08543-4660-424C-A183-54DEF23AEEB5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{93F82AC9-BF3A-42F8-9F9D-EB307959A650}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9451596A-E2A9-4233-A781-535D1C5C7841}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{94801AD8-8788-4D18-B81D-A74F24082454}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{949ECC7E-8B5B-423D-AC31-60B742F5E22C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{94AD3151-9568-4ACE-8243-6473BA29DAC2}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9556299C-CF56-4772-97DE-1373D96E40FD}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9561856A-1815-450F-934C-C8FBC4173B53}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{95D3C098-07BF-4AE1-88F8-B3967DA10B18}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{95F2B70A-0ADD-4F26-B217-E76076955845}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{95F66D80-9227-4E51-9B02-112E80590DA6}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{96535846-B5AE-408A-B2E3-CFF75F517999}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9678A29C-C34F-4200-A8CF-8F6922F26D5E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{96C47E48-09BB-48B0-8327-D676A3CF8533}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{96D0641F-973B-4CB2-92A7-B02F6F54B530}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{970D05C7-7D83-4B5A-AE18-1619ED7845CE}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{97876A72-10C3-4CCE-9207-EA9390083A65}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{97AB1361-BED3-4D70-BEB7-C59783D941CF}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9838765C-B2B6-4FC7-A846-F115F3A40542}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{98D8D8C9-C1D3-4E32-95BF-8D507C4EC649}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{98E976A4-E171-4264-85B5-B9EE1B554179}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{993FE0FD-5209-49C1-9C6A-3555DADD9610}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{99556098-6598-48C3-AE29-85DB360A1F91}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{99ECBBFF-9433-4211-A89C-3C654BCA8C1D}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{99F89378-7DAB-43B7-8754-49545D4A1C04}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9A16FF72-AB8A-40B6-B092-1A7751D1B27A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9A442556-9F10-40B1-96E4-C461C2F33C18}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9AB3A448-EF97-4B14-94F8-C2CF12B92FA7}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9AF100D7-33C8-493D-9D4E-323B65EF8833}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9B329359-1B05-4B73-A7DB-7A1F49B79F8E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9B877689-D2D6-40AC-9B58-70A8C2524DD0}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9B9E66B5-6665-47B0-AFFC-77385701E603}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9BD600A8-956D-412C-A506-D67B92AF469B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9BFCEFBE-85BB-42F9-880E-151585894682}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9C2725F5-FDC2-4F4B-BC5B-23C1A6BCADC7}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9C59AF6F-8FB0-4E06-A148-BAF516B541F6}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9C8869A0-6E2C-486E-A12B-C093F437339B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9C8EDD0F-1884-42C8-936C-62F7FF0105E9}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9CE46CF1-8E18-42F4-9AF8-7CF8807CC05B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9D87DA8F-E24C-4DD6-8BE5-C655D6F920A0}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9DA58E73-7BEB-4CCD-885E-B999E5F6B0DE}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9DA64D3B-24F7-4233-A3A9-E251FEC6CD28}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9E04C8A3-5C9A-4BC9-BB94-DFE008B4DE24}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9E5238B3-7B19-416C-9A2E-0BCB6BA4AC42}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9F116572-C562-4B5D-B94B-25ECC583563E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9F6E07BC-CF26-4924-B236-914CA3329BA7}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9F9B55D6-7DFB-4C3B-9E5A-6F5CD426E26B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A04EB973-C2B8-47BA-94F4-65B4B9D1DEB1}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A06527DC-8D04-416C-8964-B627D0759014}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A07DA9EE-D296-41E1-9BA4-A20E9ACE1A81}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A12A640C-80D5-4CBE-A299-E5138F0DF507}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A13A7558-4903-4329-BE14-1916D9053A69}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A1BD0C20-143A-4F6F-9DE7-1B131C79F0BB}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A1C6EF48-65E5-4141-AC0A-24D16210C1FF}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A1CC800C-79FB-4605-9B57-DAA6108B3FFC}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A20CE719-A21A-41AD-87A3-C4988A36A81F}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A23B04F3-284B-4543-AA8E-FBD0F29CDD51}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A264EB7E-DB6B-4396-B71A-83CD2220E6AB}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A30BAD0C-6572-47F5-9760-2F2BC2930FF1}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A3526243-A3A6-4D6C-8C74-A2F7DBBAA993}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A35BD259-2C2A-47C3-AE35-D6A278519CA5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A3A9E6F4-1686-4AAC-ADC0-8CE9CC5E4B00}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A3C31FE6-0183-48B6-82FA-4158D710928B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A4A51832-A7CB-4F62-B721-F5CC3E75E7C4}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A4CA42C2-E0F9-4553-9E21-31ED174D0411}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A51DAD79-E1C0-49DF-AA0C-2F93171AA14E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A5D250E5-60B5-4C3D-A912-E2AD94C162BD}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A6297E33-A449-4079-8465-E4779EF97BD0}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A693B7F2-267A-447B-9C98-1624E9EAE22F}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A6C16114-922C-4AFB-BB1D-D891A946E93A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A6FE9E35-975F-4D96-9DBF-6DCEF8262118}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A70F61C0-7DC1-4B68-80AA-5C546D3DC033}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A72E4738-102E-45AB-8715-1B0273A420CA}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A74751CE-2E4B-4ADE-A00F-85392EA37393}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A782570F-D266-4047-932C-1B7CE42368A9}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A7C00D4A-75CD-440C-8BC4-6FD78EEE4748}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A80C9E93-CD70-4B3B-B2C7-28F1B5FFC205}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A813BDC2-1BF2-4829-8155-9B8A778367C7}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A83388E6-34D7-4451-A593-A837A30FF007}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A852ADB1-02E5-4A0E-8BCF-6DD02F633969}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A86AC946-0B43-42C8-9311-341CFCBDB596}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A8D0992E-45CB-46E9-ACF3-DB2B41AC1A75}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A8D4792F-C661-426C-ACF8-0C6E3ACA0E53}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A928E2BE-CAA8-490C-A75E-3B40F3CC6D5A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A9A4DCDE-5702-4E83-83C5-8730CF6CC0F4}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A9DC1D69-D44B-4B67-988E-30A5B6BC23F2}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{AA10C3CA-737C-4289-8599-272C1A368D76}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{AAB79CC3-ED5B-4490-9EE5-48489ADEC5D6}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{AABE2D99-58D2-4A80-9580-EBB105EF6A9B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{AADBCB2F-0669-45A9-8C03-B91098BF911A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{AB694935-8F4B-4F4E-99CD-1293016166D0}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{ABBEE966-00D8-47DC-8563-A11A5D9D031D}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{ABF7F9FC-9476-42D0-B3AB-D127764E8357}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{AC1627AD-26A3-46C7-AA1C-758E69E36BB0}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{AC6788F5-A3E1-44BB-B98E-95F8DDE35553}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{AC906719-661A-464F-9FCF-D0B7857E2BB3}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{AC9134AA-9484-4A1E-AF04-383CE22785B5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{AC933DD5-61A9-4E2C-BD42-3C5816C5BC38}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{AD33DFB0-33A4-44A9-9995-0B91FCC70421}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{ADC1CC9C-E3D8-43DD-A724-8A872760BCE4}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{AE1C0278-A74B-4BD6-BD60-91B2FA869F93}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{AE35BE18-0187-4ACB-968F-F5BA517E0C5D}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{AEE50F59-1342-40F6-8ED9-44FFC4E2C6C1}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{AF7D6E03-0107-4835-A51B-03D87CB46EF8}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{AF805252-E986-4ED9-BBCB-89409C0F8376}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{AF997B9D-F50D-4335-8CDE-AEB06867A932}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B0274983-DA05-4C28-BF93-932C0FC72AFE}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B0925939-C1DD-4C2F-A706-BCCBAFA3A9F7}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B121B408-5642-43DF-9063-82732D37A4C1}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B144A600-E508-40B9-8A44-C667C01A9C59}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B15803EE-E277-4187-9D16-4317EED4A7F9}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B1A77694-A702-45A1-B486-693A1333F341}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B2CD8B07-68D2-49FB-8381-554AA791C33D}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B314F53C-5DE7-470E-A8CA-1BB08A17AB31}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B376898C-E44F-4795-9D18-FA0B521143CD}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B43ADFC7-EC2C-4EB7-A7DE-A6147607D1FE}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B4773DAF-DFB1-44A3-BD59-D598867D74B5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B524E42E-580D-460A-8792-04BB00F1350C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B54D8E5A-7E18-4088-A91B-BC843CE0358C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B55E4816-2412-4EBB-8A93-8296ED259EC0}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B595578F-D4A9-4905-9604-E94C5F66F159}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B658F21E-8382-4CAC-8696-3B2696DF0E3C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B68C23FB-044D-48F9-AB21-18639A10682A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B6E9AFE8-7FD6-43F3-9388-2433CE8921D5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B71D8E0E-9C5F-437D-932B-FF2D5949FC76}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B7295790-ADE5-4080-8EF8-BFDF72048AD6}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B7767C3C-5819-4F65-BB4C-1411FE6D2D3C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B7FA7C7D-2AA2-49B3-B34B-01E61C096A13}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B7FD4E07-AD1E-4818-9084-7E24A6E3AA49}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B80EBDCA-DE52-4CE1-AF12-9D763AE3BB54}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B89C273B-3993-4DA9-AD92-428B4100D18F}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B8EA7C5E-5DB7-4279-B414-2EE021A80E70}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B8EE1131-47A7-41CC-8655-1F214E5A68B1}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B92E117F-B98D-44CC-8E63-B08E67D7E69C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B92F4E6A-7094-4D67-A9A1-03EBD58EDEC8}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B95A3068-4D10-42FD-81B3-8A4D21B7E7C3}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B9FC53F7-9588-41A0-BA08-AFC4457E2293}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{BA45FB6A-62BE-46D2-847A-14D4ECC525C6}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{BA955502-CE57-43D8-8B83-743A3694F1FB}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{BAC4BEDE-79D5-4119-9A68-4651F901C202}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{BB367E3A-C8DF-4BA7-B718-AF6DFF9714CA}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{BB79A9B1-D378-4439-89C9-B9A9A86296AB}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{BBCAAFFB-CA42-405B-88FE-67E8D7E5DFDF}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{BBE9F9DD-3644-4CDA-9F92-13D317AC4F3E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{BBF3212C-26D0-4949-BB45-EA6CBEA71653}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{BC0FDA12-BCD5-4D42-A136-CAF1952AEF9A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{BC2677D3-5D86-46A3-98E5-EF20B19DB047}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{BC4A8D6F-26A3-40DA-B767-B958A78CCE05}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{BDB0A7AA-8A37-4396-8947-27B677383E22}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{BE4790C0-2F3B-4EAC-8424-D75859BE2BE3}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{BE7F87A3-946D-48E5-8008-91E13E31E004}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{BE84A76A-BF08-46A5-8FBF-6AAB5FFB7BDF}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{BEF9CFAD-548A-45E8-8480-10CC9D3F985A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{BF20E3A4-823C-4A40-8CFB-FCE2AC488C9A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{BF2AB2DF-4BAE-458E-9A30-38CCBFE038B6}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{BF430B64-3214-4BB3-AF84-BDC432BCD377}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{BF473CB5-F8ED-4C09-8756-2FFC0612C4F9}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{BF8BEF7B-E9D0-4BA1-9CB4-2B169BE02CE0}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{BFD7D42F-503D-493A-89D3-82B9CF81D44F}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{BFDA25A8-8A86-42FA-B563-DDD8B66598EE}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{BFFCD57A-5824-4211-A819-8737B320D513}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C115CDCC-D81F-48A3-BEA2-751C73DC54F4}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C167EEB8-55FC-4CA2-BC0C-427E6F19C649}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C1860EA4-F652-431C-B6BC-7B9D439EFF16}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C1BAA62B-E5D9-40E1-ADC2-B2A1707623F5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C2474529-E447-4DE4-9EF7-13DA9F787536}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C27D5E85-09A1-4EA6-9AB6-897001D347FD}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C2E9D693-4AEB-4411-BB9F-EC04449045BC}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C33D414A-A607-47F5-822E-D595C4C5EC89}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C3A38133-EEAB-4C8E-A774-E7BF3EBD00AF}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C3AF2BD2-B330-4A07-8A71-A80780C86C19}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C3CF039A-3B6C-4637-985A-D0249AB45A98}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C3EF6704-784B-41A6-A0C9-51494B1F522F}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C3F4EA24-05EA-4372-AACA-A342987E0639}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C4C3096E-DABE-4107-8BC3-33C2D8265144}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C4E399E0-6132-4EE4-8FA0-3DA2DC643E3A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C536A08D-989D-4C6E-B4FF-EB5DB5EDA36F}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C592764C-87FA-44D7-B04C-069EE0642312}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C5B6444E-12EB-4838-84A7-C791FB3ABD05}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C5B677E0-8F00-4084-BFCA-78F3D090E38D}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C5B8EACD-7D0D-451C-A2AD-4BEE87CCE45E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C6079D17-1CE2-4417-AFC4-B93CBE2BBE53}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C66AA9D1-BABE-452D-B575-8EDDF575E695}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C6D60F67-1FA6-4AE9-90BB-31D5212AB351}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C6EC179C-AB7A-45AA-83EA-6A67DD858553}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C7995812-E533-4388-92D2-9E72A2178FB3}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C7EC4693-B6E3-49AE-ADDD-B34FDA802198}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C7F7DE26-9FB5-46D7-A22A-51B2CC439929}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C83B9881-4B46-4F79-816B-C4FF2530699E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C8506C8B-0DB9-4D04-96F8-385124EFE72F}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C8C61ACD-7A6B-4030-AC77-FF80E6D63D38}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C8CCFC49-DD25-403D-848F-85B216C07BAB}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C9183692-422A-4DA0-9FCA-0695C48465BD}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C94C1EEE-3E52-47F6-A01C-B199D3CDEFFD}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C955A9B6-1974-446D-95B0-22DAEB8EF0A8}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{C987C925-46BC-42CF-99CB-551DE79E7C2F}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{CA679588-E4FA-4305-846B-40A482938F14}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{CA67EBD0-7F74-4283-98A7-2FCA8A412EED}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{CA78A7D4-7F9E-44AD-8C69-D3F263F0CA2F}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{CB18D4B2-99E7-4FFA-93C5-CD5FC3937441}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{CB408810-FD18-4E95-8D46-FB936B1CF054}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{CBA294C3-1EFE-4ED0-918D-F135D960ECC4}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{CC143603-777A-4E26-B649-480E76BD8858}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{CC2EB85E-B0F7-4B2F-9D75-FBF80A4BF676}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{CC9A695F-1269-4C9C-96AA-BA77EEFBED3D}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{CCAA7287-8A6C-42F6-B2E7-02F65F1F8BCE}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{CCAE8F68-48F9-4C32-886F-62FF3E4FD97C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{CCD8D432-B9D9-4B8E-9018-23A893031944}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{CD934F6F-ED3D-4656-80B4-DE8D22A65587}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{CD9A3FD9-7109-464C-9ADB-D3569A1D9281}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{CDC595EB-57B0-4923-A2A2-205555BAF137}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{CDEA35F9-156B-4E66-A68D-85C97684882D}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{CE03FCC4-73AF-4508-B723-451CBD7234FD}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{CE0D8F98-000D-49D9-8E29-339381B6754A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{CE7ADF19-90F4-4A79-9BCD-3519942A8D4D}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{CEB54546-0537-406E-82AE-7275935F7C15}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{CECDF4DA-66C6-4D0E-8A57-C081C6836657}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{CF5BA015-CE19-4EA9-B57F-263F282774D4}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{CF67A15B-CDA8-4EDD-93CC-3AC86AD7D324}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D19716C2-26BA-42CC-8DD7-750AC3A0F45C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D1C676C1-5B11-4852-9D5B-20C6FFFC3C17}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D1D71B2E-2127-47E4-91F4-E75D8248415A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D1D9E099-1D50-4567-B5DC-F3EBA563B74C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D2071DE0-C1EA-4B27-A5E2-0FD8382E6641}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D21155D1-91AE-46AC-AD30-896F057DC61F}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D341B434-D241-42F9-A4F0-042081E788DB}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D422FB99-BE28-455C-9BB5-438F2A8BF062}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D49BBCEB-9470-4632-961A-240E2E1FD379}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D4CD7D0D-E540-45BC-9AD8-7C86E19F9C49}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D610EB1D-5E64-4B03-8E4B-F55B09EED817}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D62A6F51-1FE4-408F-9CF7-536C997BD406}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D67C6416-97DD-4561-869A-7DD13ACD6906}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D6BD7A85-60F3-449B-8FDB-D71E3A4D0A4D}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D6F4C2B9-7FD8-4D01-9977-610C03969D1B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D788A22D-81F9-452F-BF87-68ACC359DB55}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D79D1E1B-041D-4BB4-A505-744E7081E72A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D8053D02-045A-4D7C-A7EF-CF5AF1F6BD77}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D827491D-AADB-4310-A13B-7AFC9F2C9857}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D82C74A1-DACA-4B33-B14F-93EAAB26DABE}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D83092F8-8FCE-4D14-BE6F-0B11F1D8F0AE}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D8655027-3BB6-49B8-A254-95C660C36DC4}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D8B94ED5-F5BA-442C-A9E8-AFD9B6243303}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D8BD597E-C4CD-4798-9494-EAB437EB1A82}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D90081CE-CFDB-4EF7-A946-3B62EA71DCCB}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D92A8914-B351-4EC1-9305-8840AEA98B88}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D9D4B75D-7375-42BF-A4EE-6683CA045D2B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{DA571A36-84DA-450B-BAF7-3F585AB0EC63}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{DA806316-12AE-4BE2-BA46-4D0A8BFD85AB}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{DAA988D3-3B58-4DF6-83E2-AED1A4544B16}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{DACE726E-5A9B-45AE-A741-5325D881C08E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{DADC44CC-6181-4539-B0D8-33DDFF2135D3}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{DAF52D44-4265-43DD-A413-3AF6160A9790}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{DAFFC107-E7A9-4A89-8386-788EBBA9DB5E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{DB4ACA39-9611-4045-A7D1-8BFCFA914C46}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{DB8207BD-29D1-4101-80C4-4F9BEC384CFC}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{DB83D03D-E0BD-4EF5-9385-8934CE6491D5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{DBE69D9F-CA7D-4C60-B96F-206843E28B27}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{DC6B1162-5585-4014-BB38-CA95163E1425}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{DD0B689F-812D-4BA0-BC53-751CD34D8253}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{DE201669-2D26-4F08-A579-E2AD7B2CC7DE}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{DE4634FF-9371-45B7-8B68-77F6835F8A0D}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{DE880815-24B3-43EE-B448-7AF542283562}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{DF56B66D-9259-4F0A-AC23-DF48D825F8E5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{DF5D4845-DF8D-436B-BFEB-1C1F411B3CB7}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{DF72D31B-4002-4211-B62B-D97708181AAE}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E01CD080-B9D6-439A-9FA7-8A7BB52D2004}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E04C86ED-EF77-486A-B882-678BFD588BE5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E0857CF6-51E7-4DB9-B8E3-E4940BB6AA9D}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E0DC7BEC-9E23-41EF-8E9C-0672567ACA18}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E0DE9AD9-7264-49E8-B971-08C5BE304DD3}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E105F213-6657-44CA-AB72-F4F537C542B4}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E16F05A2-5EAB-4F65-9DAE-E7BA8B6478BF}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E173A351-C234-4E52-9FCF-3BCBEA913387}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E1778A98-D3A3-48A3-8723-9D1EDEA00128}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E1B75744-DBC5-49EF-9343-69DB3E803990}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E21C9D20-F520-4343-9E9E-375C01302DE5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E23D8DC0-EB7A-461E-921D-C68E48460998}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E275843B-8ACA-4DCE-8C21-A6DF68F2C49B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E35918E0-80E9-4E5D-81A9-C87F8F2EF4B6}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E36DF666-773D-4713-95E7-1C8EF3722541}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E421BB50-DBC3-47FC-8210-935838D46F67}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E4FC4EB0-8083-4E64-AAAF-0FF8B5BD8D67}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E56C50FB-A04E-40BB-8BEB-A519A1CF320D}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E61C3E32-8EAE-4636-BF75-3FCB049540E4}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E6BD2218-4823-45CB-ADB9-1801D3EA007C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E6BEC89F-3860-42D1-8D0F-210058F97048}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E748D746-C70E-43C5-A561-0B94FE351565}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E7A961B7-3190-4D66-9251-1F3A1B288FFC}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E7C5414A-9B6E-4AD0-B1E4-71EE515193E3}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E7C5D84B-0980-48BF-B10F-B14F5B7E936A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E7DC45BF-9423-4090-BEAA-6CC3A591B092}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E7E533DD-6264-484F-8587-D641B195017C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E7F59486-B135-465A-BAB6-C330EEF34D5F}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E81FD480-32B5-4022-9928-08BE489F77C6}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E91F748E-F669-4C81-969A-8B96BFF41557}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E9203F77-E575-4A27-A10D-82E97C3D4DFB}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E95196CE-E1EB-4C11-96D2-4C32390D03EF}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E96A9104-F67A-4EA8-986C-73BB2D65824A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E9F0A743-7341-4446-AA09-BD2C9FD8A21A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E9F150C1-B453-480C-B059-4B141A7A32D0}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{EA0CA80C-2EED-4676-AD8F-20D26BA07BCD}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{EA9AFEAE-780F-4FBF-B777-EA2E630FB252}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{EACE6A1C-CF94-4E16-ABAA-CBF10A8B5295}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{EB04C79F-6DAF-4F2E-A8AC-691863184EAA}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{EB3D4190-EA6C-4973-9A75-2263E83F0FCB}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{EBF55BFA-E5C1-4775-81D5-C3DF8E3D2195}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{EC56EB3C-914E-4364-AF2B-7884164D0D12}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{ED003DDE-1473-4B71-BDBE-BA2BA13FEE22}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{ED3E3551-F41E-4577-94BC-4C8EA90F2DBB}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{ED566E98-1B8D-4128-9670-4EBF2C787A36}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{ED5F3B24-EE3D-410B-8889-20792839C571}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{ED97605D-6918-4EA1-B806-625A2411C78C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{EDD838BD-B2F5-4EDE-A869-84C0B5C02846}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{EDFDF22F-4C81-47A4-B2A0-6515550F72E8}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{EDFE45D7-7D1C-42FA-B061-46B52F74A9F6}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{EE58C588-46F7-4993-9247-E02689897637}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{EF094C68-17B7-435E-A98F-83F01B59B7D3}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{EF154B5D-40F0-48CE-84F2-36959B037948}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{EF3317D2-A893-4D6A-A13C-12A178A7F9AC}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{EFCD3243-E4B5-4AE7-A7D2-DFD3AC7C723C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{EFD74263-1023-4D20-8D5E-AC6A01990794}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F00656DA-7C33-4849-8743-2AC08DE4A1D1}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F0574A9A-1455-4BA3-9E11-E1DF304B093C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F0721848-5365-4FAC-A01F-A8C0040F1D33}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F077256E-B77A-4358-85BF-D0A5EADE567C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F0911392-96D7-472E-A59B-6B231E026ADA}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F0BF774C-FCAD-4548-96FE-D17C46DBB63A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F158234C-07ED-4266-8D86-8BAD9F4A6BF6}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F1AA8394-CEA1-42FC-A93C-F3C8F75026C7}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F1F62875-1C99-4BC2-997A-406AAD6EE8CB}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F21E91F5-DD05-4B2E-900F-11D6D81F4120}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F2A89490-488B-4BC8-97F3-2C801E972004}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F2AA2E53-EF89-4753-A74E-D4E39263332F}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F316AAB7-3DDC-4D96-9B2D-675EC63CBC2B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F3403FDC-9990-45FC-A287-98D47CE6673D}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F4292637-C56C-4419-914C-B8552EB353D5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F5C2DD22-9BBF-4B4D-A446-92EE190DE39A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F5D84A9E-1155-407F-9F16-9E51910F3389}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F62A264A-F483-493F-BB21-E255C9F21456}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F6909926-7E91-4F94-8240-131D94AAFE5D}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F77C7AC9-34FE-4A03-97AB-73AF6551DE8C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F796B9F7-803C-43F6-95F6-B8FE9E2035E7}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F799CAE4-B3F1-4A13-8457-B067FB1EBD5E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F79F4A90-C717-4869-9144-449E362C77D6}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F82E2179-57C6-4F2C-82FA-2AECEB0731B7}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F876F334-964F-441C-8C74-101CF62E8C4F}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F89A643C-B3E2-49B8-BFA2-F5E1C35F7970}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F8A9165E-73CA-46AA-BCE5-19A6BAEB5CE2}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F8F4ADD4-C9C0-46B0-8B69-CFE7DD920BFA}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F956D87E-F0D6-40B1-BBDD-060B84393C48}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F9736B8C-4F51-4665-9637-21180F3582B4}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F9820E3B-0E78-4FEB-AD85-272BFE1492B0}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F9C15573-410E-4F0E-BFFE-0C47F22A38A7}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F9E165C6-6EC7-4B46-A840-5C262CC3D035}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{FA243D52-6D9A-4BCE-92DA-BF933CCAA7AD}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{FA67E119-9AF1-4E1F-8641-AEF01241D66E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{FA8EB595-1749-4ACF-974F-A481B5C87720}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{FAEA763B-C068-4EE6-8E64-6B8FDD813E0E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{FAFD2C5F-F7B5-4962-AF0F-2998EC0619C4}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{FB20F5ED-BE3E-49A1-9DA0-73D9C895F196}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{FB56DD7C-E737-4035-B7A7-7C3DCE651786}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{FBABE7A5-B39A-4E52-B4CB-CDE142D9368E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{FBD7BD90-045A-4F07-A82A-4127DC24C281}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{FC104FED-54D3-4A6E-9A30-459E05AB8853}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{FC2E926C-7994-484B-8AAE-E42F862526FB}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{FD57E669-FB45-41E0-A03E-ED316CDC41F8}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{FDAF7668-1BE4-4567-A8A4-B3BE2EE7C5B0}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{FDB6B0D4-9784-4B8A-BC9F-D4C237F3D032}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{FDCEF2EA-77F1-47CE-BAFC-E285B569F956}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{FE4EDBF2-9CC7-4FF8-8C57-E9CB8BFE211C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{FF36E299-16AE-412C-A419-A289AFCEF4CA}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{FF5AF798-AE29-40AE-BD9C-E5327ED5679E}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{FFB28D76-11DF-443F-A4A9-9EFE9894C7B6}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{FFEAA846-B9C1-4804-894B-2554922B38D5}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{FFF17376-D05E-4525-9443-A3CD8EBBC264}



~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted the following from C:\Users\Chris\AppData\Roaming\mozilla\firefox\profiles\txq8f1mc.default\prefs.js

user_pref(browser.search.searchengine.desc, this is my first firefox searchEngine);
user_pref(browser.search.searchengine.ptid, 2sq);
user_pref(browser.search.searchengine.uid, ST3500630AS_6QG3R38EXXXX6QG3R38E);
Emptied folder: C:\Users\Chris\AppData\Roaming\mozilla\firefox\profiles\txq8f1mc.default\minidumps [49 files]



~~~ Chrome


[C:\Users\Chris\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Chris\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Chris\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Chris\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.09.2015 at 17:49:25,70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

christenhove · 07.09.2015, 23:01

Und hier die aktuelle FRST :

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-09-2015
durchgeführt von Chris (Administrator) auf CHRIS-PC (07-09-2015 23:54:06)
Gestartet von C:\Users\Chris\Downloads
Geladene Profile: Chris (Verfügbare Profile: Chris & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
(Dropbox, Inc.) C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2412616 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-02-09] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM\...\Winlogon: [LegalNoticeText] Hurensohn diggah was geht ich geb dir kack lan, muck nich rumen du!!
HKU\S-1-5-21-892971799-3770444226-59494271-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [2624512 2010-07-22] ()
HKU\S-1-5-21-892971799-3770444226-59494271-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3514176 2011-11-10] (DT Soft Ltd)
HKU\S-1-5-21-892971799-3770444226-59494271-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-892971799-3770444226-59494271-1000\...\Run: [Dropbox Update] => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-20] (Dropbox, Inc.)
AppInit_DLLs: C:\ProgramData\Saophase\Y-find.dll => Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-09-02]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-08-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

Winsock: Catalog5 07 C:\Windows\system32\UDDIzvw14.dll Keine Datei 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{00BCA64A-9B25-4898-A153-6587D202BBCB}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{2A4F243C-66B8-4E7C-B4CA-C6568F10B110}: [DhcpNameServer] 139.7.30.126 139.7.30.125
Tcpip\..\Interfaces\{2E9D61F5-C90C-4442-93F0-39579CC1D500}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{49289D89-2BAC-49F9-97B4-2B7074A535BA}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{501087A8-592D-40F7-821B-8BF8B6E8F58B}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{5C119CA1-2D4B-40C7-8C83-2FCF2B6CFB83}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{936707D0-776D-4A51-B69A-1422D3CFAE11}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{D8516AF5-2BBC-4588-82E7-A97CD2FC915A}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-892971799-3770444226-59494271-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM-x32 -> Standard = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM-x32 - (Kein Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - Keine Datei
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = 
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-23] (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-06-16] (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\txq8f1mc.default
FF NewTab: about:blank
FF SelectedSearchEngine: Yahoo!
FF Homepage: about:home
FF Keyword.URL: hxxps://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=926458&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-15] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-05-25] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-07-12] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-14] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-07-26] (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-07-14] (Microsoft Corporation)
FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\txq8f1mc.default\searchplugins\google-images.xml [2014-10-27]
FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\txq8f1mc.default\searchplugins\google-maps.xml [2014-10-27]
FF Extension: VKontakte.ru Downloader - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\txq8f1mc.default\Extensions\vk@sergeykolosov.mp.xpi [2014-12-22]
FF Extension: Adblock Plus - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\txq8f1mc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-26]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-07-20]
FF HKU\S-1-5-21-892971799-3770444226-59494271-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\txq8f1mc.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-31]
CHR Extension: (Google Docs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-31]
CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-31]
CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-31]
CHR Extension: (Google Search) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-31]
CHR Extension: (Google Sheets) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-31]
CHR Extension: (Google Docs Offline) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-31]
CHR Extension: (Gmail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-31]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2011-07-07] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 bulkadi; C:\Windows\System32\DRIVERS\bulkrazer_x64.sys [25088 2011-02-09] (Windows (R) Codename Longhorn DDK provider) [Datei ist nicht signiert]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-12-11] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [Datei ist nicht signiert]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-07] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2011-05-10] (Apple Inc.) [Datei ist nicht signiert]
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 ZDCNDIS6a64; C:\Windows\system32\ZDCNDIS6a64.sys [41280 2007-11-06] (Printing Communications Assoc., Inc. (PCAUSA))
S3 ZDCNDIS6a64; C:\Windows\SysWOW64\ZDCNDIS6a64.sys [41280 2007-11-06] (Printing Communications Assoc., Inc. (PCAUSA))
S3 ZY202_VS; C:\Windows\System32\DRIVERS\WlanGZG.sys [1041920 2007-11-06] (Atheros Communications, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S1 grjldxdn; \??\C:\Windows\system32\drivers\grjldxdn.sys [X]
S1 iixvqrdn; \??\C:\Windows\system32\drivers\iixvqrdn.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-07 23:54 - 2015-09-07 23:54 - 00023030 _____ C:\Users\Chris\Downloads\FRST.txt
2015-09-07 23:54 - 2015-09-07 23:54 - 00000000 ____D C:\Users\Chris\Downloads\FRST-OlderVersion
2015-09-06 21:04 - 2015-09-06 21:04 - 00377024 _____ C:\Users\Chris\Downloads\Arctic Monkeys - Do I Wanna Know .mp3.sfk
2015-09-05 23:51 - 2015-09-06 00:02 - 00287856 _____ C:\Users\Chris\Downloads\Kid Ink feat. Tyga, Wale, YG, Rich Homie Quan - Ride Out (OST Furious 7).mp3.sfk
2015-09-05 23:42 - 2015-08-17 20:37 - 226651124 _____ C:\Users\Chris\Desktop\GOPR0067.MP4
2015-09-05 23:10 - 2015-09-05 23:14 - 00068064 _____ C:\Users\Chris\Desktop\GOPR0106.MP4.sfk
2015-09-05 22:45 - 2015-09-05 22:47 - 00244696 _____ C:\Users\Chris\Downloads\Mick Harvey - Out Of Time Man.mp3.sfk
2015-09-05 21:41 - 2015-08-17 20:39 - 145035576 _____ C:\Users\Chris\Desktop\GOPR0047.MP4
2015-09-05 21:22 - 2015-09-05 21:22 - 00310168 _____ C:\Users\Chris\Downloads\The Lemonheads - Mrs. Robinson.mp3.sfk
2015-09-04 18:21 - 2015-09-04 18:21 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-03 22:46 - 2015-09-03 22:46 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-09-03 22:46 - 2015-09-03 22:46 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-09-03 11:55 - 2015-09-03 11:55 - 00014620 _____ C:\Users\Chris\Documents\Mappe1 (Wiederhergestellt).xlsm
2015-09-03 11:46 - 2015-09-03 11:46 - 00008243 _____ C:\Users\Chris\Documents\Mappe1 (Wiederhergestellt).xlsx
2015-09-02 22:58 - 2015-09-02 22:58 - 00000000 ____D C:\Users\Chris\Documents\Benutzerdefinierte Office-Vorlagen
2015-09-02 17:49 - 2015-09-02 17:49 - 00093290 _____ C:\Users\Chris\Desktop\JRT.txt
2015-09-02 17:42 - 2015-09-02 17:43 - 01799392 _____ (Malwarebytes Corporation) C:\Users\Chris\Downloads\JRT.exe
2015-09-02 16:57 - 2015-09-02 16:57 - 00000000 ____D C:\Users\Chris\Documents\OneNote-Notizbücher
2015-09-02 16:25 - 2015-09-02 16:25 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2015-09-02 16:15 - 2015-09-02 16:15 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-09-02 16:14 - 2015-09-03 22:59 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-09-02 16:13 - 2015-09-02 16:13 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-09-02 16:11 - 2015-09-02 16:11 - 00000000 ____D C:\Windows\PCHEALTH
2015-09-02 16:08 - 2015-09-02 16:08 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2015-09-02 16:08 - 2015-09-02 16:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2015-09-02 16:07 - 2015-09-03 22:59 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-02 16:07 - 2015-09-02 19:44 - 00000000 ____D C:\Users\Chris\AppData\Local\Microsoft Help
2015-09-02 16:07 - 2015-09-02 16:11 - 00000000 ____D C:\Program Files\Microsoft Office
2015-09-02 16:07 - 2015-09-02 16:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-09-02 16:06 - 2015-09-02 16:06 - 00000000 __RHD C:\MSOCache
2015-09-02 15:13 - 2015-09-02 15:30 - 51578903 _____ C:\Users\Chris\Downloads\2.5.2.rar
2015-09-02 14:57 - 2015-09-02 14:57 - 00000980 _____ C:\Users\Chris\Desktop\AdwCleaner[C3].txt
2015-09-02 14:50 - 2015-09-02 14:50 - 00019115 _____ C:\Users\Chris\Desktop\mbam.txt
2015-09-02 12:14 - 2015-09-07 21:52 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-02 12:14 - 2015-09-02 13:02 - 00001092 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-09-02 12:14 - 2015-09-02 12:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-09-02 12:13 - 2015-09-02 12:14 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-09-02 12:13 - 2015-09-02 12:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-02 12:13 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-09-02 12:13 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-09-02 12:13 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-09-02 12:02 - 2015-09-02 12:03 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Chris\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-02 11:19 - 2015-09-02 11:19 - 00027687 _____ C:\ComboFix.txt
2015-09-02 10:52 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-09-02 10:52 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-09-02 10:52 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-09-02 10:52 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-09-02 10:52 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-09-02 10:52 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-09-02 10:52 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-09-02 10:52 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-09-02 10:51 - 2015-09-02 11:19 - 00000000 ____D C:\Qoobox
2015-09-02 10:50 - 2015-09-02 11:17 - 00000000 ____D C:\Windows\erdnt
2015-09-02 10:46 - 2015-09-02 10:47 - 05635829 ____R (Swearware) C:\Users\Chris\Downloads\ComboFix.exe
2015-09-02 07:31 - 2015-09-02 10:01 - 459881413 _____ C:\Users\Chris\Downloads\o13vl64x.part2.rar
2015-09-01 22:40 - 2015-09-01 22:55 - 00000000 ____D C:\Users\Chris\Desktop\JDownloader
2015-09-01 22:37 - 2015-09-01 22:37 - 00000964 _____ C:\Users\Chris\Downloads\9c91f7707abdae49a8348b6e8170fc0b.dlc
2015-09-01 22:33 - 2015-09-02 14:35 - 524288000 _____ C:\Users\Chris\Downloads\o13vl64x.part1.rar
2015-09-01 22:00 - 2015-09-01 22:01 - 00054108 _____ C:\Users\Chris\Downloads\Addition.txt
2015-09-01 21:58 - 2015-09-07 23:54 - 00000000 ____D C:\FRST
2015-09-01 21:57 - 2015-09-07 23:54 - 02190336 _____ (Farbar) C:\Users\Chris\Downloads\FRST64.exe
2015-09-01 20:23 - 2015-09-01 20:23 - 04241742 _____ (Bycatch) C:\Program Files\Common Files\fapihsdd.exe
2015-09-01 20:04 - 2015-09-01 20:04 - 00003156 _____ C:\Windows\System32\Tasks\ibqp15zq
2015-09-01 20:04 - 2015-09-01 20:04 - 00000000 ____D C:\Program Files\Common Files\3ecvmapm
2015-09-01 19:05 - 2015-09-04 19:44 - 00000000 ____D C:\Users\Chris\Documents\Finanzen
2015-09-01 17:12 - 2015-09-01 17:12 - 04241742 _____ (Bycatch) C:\Program Files\Common Files\0pzeiztr.exe
2015-09-01 16:57 - 2015-09-01 16:57 - 00003156 _____ C:\Windows\System32\Tasks\vyk1avwh
2015-09-01 16:57 - 2015-09-01 16:57 - 00000000 ____D C:\Program Files\Common Files\535fla3w
2015-09-01 15:47 - 2015-09-02 14:53 - 00000000 ____D C:\AdwCleaner
2015-09-01 15:44 - 2015-09-01 15:44 - 01654272 _____ C:\Users\Chris\Downloads\AdwCleaner_5.005.exe
2015-08-31 20:48 - 2015-08-31 20:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-31 20:47 - 2015-09-02 16:50 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-31 20:35 - 2015-08-31 20:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-31 20:32 - 2015-08-31 20:32 - 00242984 _____ C:\Users\Chris\Downloads\Firefox Setup Stub 40.0.3.exe
2015-08-28 15:00 - 2015-09-02 22:58 - 00000000 ____D C:\Users\Chris\Documents\Studium - Bauingenieurwesen Bachelor
2015-08-28 12:11 - 2015-08-28 12:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOTFE Explorer
2015-08-28 12:10 - 2015-08-28 12:10 - 03350512 _____ (Sarah Dean) C:\Users\Chris\Downloads\FreeOTFEExplorer_3_51.exe
2015-08-28 12:02 - 2015-08-28 12:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt
2015-08-28 11:59 - 2015-08-28 12:01 - 00000000 ____D C:\Users\Chris\AppData\Roaming\TrueCrypt
2015-08-28 11:58 - 2015-08-28 12:02 - 00230840 _____ (TrueCrypt Foundation) C:\Windows\system32\Drivers\truecrypt.sys
2015-08-27 20:45 - 2015-08-27 20:45 - 00000000 ____D C:\Users\Chris\AppData\Local\Mega Limited
2015-08-27 20:43 - 2015-08-27 20:44 - 09980608 _____ (MEGA Limited) C:\Users\Chris\Downloads\MEGAsyncSetup.exe
2015-08-27 20:37 - 2015-08-27 20:37 - 00000000 ____D C:\Users\Chris\AppData\Roaming\TaiG
2015-08-27 20:36 - 2015-07-15 15:54 - 72369664 _____ (taig tools) C:\Users\Chris\Desktop\TaiGJBreak_EN_2430.exe
2015-08-27 19:09 - 2015-08-27 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-08-27 19:09 - 2015-08-27 19:09 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-08-27 19:03 - 2015-08-27 19:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-27 18:59 - 2015-08-27 19:03 - 00000000 ____D C:\Program Files\iTunes
2015-08-27 18:59 - 2015-08-27 18:59 - 00000000 ____D C:\Program Files\iPod
2015-08-27 16:45 - 2015-08-27 16:45 - 00003146 _____ C:\Windows\System32\Tasks\{226C6825-5220-4BE6-BFC3-85A1EEF608A9}
2015-08-27 16:37 - 2015-08-17 14:29 - 00000826 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-08-26 18:01 - 2015-08-26 18:01 - 00000000 ____D C:\Users\Chris\Documents\Reise
2015-08-26 18:00 - 2015-09-04 19:45 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Nitro PDF
2015-08-26 18:00 - 2015-08-26 18:00 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Nitro
2015-08-26 18:00 - 2015-08-26 18:00 - 00000000 ____D C:\Users\Chris\AppData\Roaming\FileOpen
2015-08-26 18:00 - 2015-08-26 18:00 - 00000000 ____D C:\ProgramData\FileOpen
2015-08-26 17:55 - 2013-07-26 06:57 - 00029712 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalmon2.dll
2015-08-26 17:55 - 2013-07-26 06:57 - 00017936 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalui2.dll
2015-08-26 17:54 - 2015-09-02 13:02 - 00002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk
2015-08-26 17:54 - 2015-09-02 13:02 - 00001997 _____ C:\Users\Public\Desktop\Nitro Reader.lnk
2015-08-26 17:54 - 2015-08-26 17:54 - 00000000 ____D C:\Program Files\Common Files\Nitro
2015-08-26 17:53 - 2015-08-26 17:53 - 00000000 ____D C:\ProgramData\Nitro
2015-08-26 17:53 - 2015-08-26 17:53 - 00000000 ____D C:\Program Files (x86)\Nitro
2015-08-26 17:51 - 2015-08-26 17:51 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Downloaded Installations
2015-08-24 16:57 - 2015-08-24 17:02 - 00321112 _____ C:\Users\Chris\Downloads\Take That - These Days.mp3.sfk
2015-08-23 19:16 - 2015-08-23 19:17 - 00336640 _____ C:\Users\Chris\Downloads\Coldplay - Viva la Vida.mp3.sfk
2015-08-23 18:58 - 2015-08-23 18:58 - 00320072 _____ C:\Users\Chris\Downloads\Dropkick Murphys - The State Of Massachusetts [ OST Реактивные клоуны ].mp3.sfk
2015-08-23 18:18 - 2011-12-31 18:10 - 57522638 _____ C:\Users\Chris\Desktop\GOPR0106.MP4
2015-08-23 17:09 - 2015-08-23 17:09 - 05668016 _____ (WindSolutions) C:\Users\Chris\Downloads\Install_CopyTransControlCenter.exe
2015-08-23 17:04 - 2015-08-23 17:05 - 01260832 _____ C:\Users\Chris\Downloads\SharePod - CHIP-Installer.exe
2015-08-21 23:03 - 2015-09-05 21:07 - 00244760 _____ C:\Users\Chris\Downloads\Arctic Monkeys - Fluorescent Adolescent.mp3.sfk
2015-08-21 21:40 - 2015-09-07 23:16 - 00000000 ____D C:\Users\Chris\Desktop\Video Australien Bonu
2015-08-19 23:11 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 23:11 - 2015-08-11 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 23:11 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 23:11 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-17 19:34 - 2015-08-17 19:34 - 00000000 ____D C:\Users\Chris\AppData\Local\TuneUp Software
2015-08-17 19:29 - 2015-09-02 13:02 - 00001522 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2015-08-17 19:29 - 2015-09-02 13:02 - 00001231 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-08-17 19:29 - 2015-08-17 19:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-08-17 19:28 - 2015-08-17 19:29 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2015-08-17 19:28 - 2015-08-17 19:29 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2015-08-17 19:21 - 2015-08-17 19:24 - 36627576 _____ (DVDVideoSoft Ltd. ) C:\Users\Chris\Downloads\FreeYouTube61ToMP3Converter.exe
2015-08-17 18:35 - 2015-09-02 13:00 - 00001003 _____ C:\Users\Chris\Desktop\TransMac.lnk
2015-08-17 18:35 - 2015-08-17 18:35 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TransMac
2015-08-17 18:35 - 2015-08-17 18:35 - 00000000 ____D C:\Users\Chris\AppData\Local\TransMac
2015-08-17 18:34 - 2015-08-17 18:35 - 00000000 ____D C:\Program Files (x86)\TransMac
2015-08-17 18:32 - 2015-08-17 18:32 - 01260832 _____ C:\Users\Chris\Downloads\TransMac - CHIP-Installer.exe
2015-08-17 16:27 - 2015-08-17 16:27 - 00000000 ____D C:\Users\Chris\AppData\Local\CEF
2015-08-14 22:47 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 22:47 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 22:38 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-14 22:38 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-14 22:38 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-14 22:38 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-14 22:38 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-14 22:38 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-14 22:38 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-14 22:38 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-14 22:38 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-14 22:38 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-14 22:38 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-14 22:38 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-14 22:38 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-14 22:38 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-14 22:38 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-14 22:38 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-14 22:38 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-14 22:38 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-14 22:38 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-14 22:38 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-14 22:38 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-14 22:38 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-14 22:38 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-14 22:38 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-14 22:38 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-14 22:38 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-14 22:38 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-14 22:38 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-14 22:38 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-14 22:38 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-14 22:38 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-14 22:38 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-14 22:38 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-14 22:38 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-14 22:38 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-14 22:38 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-14 22:38 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-14 22:38 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-14 22:38 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-14 22:38 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-14 22:38 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-14 22:38 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-14 22:38 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-14 22:38 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-14 22:38 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-14 22:38 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-14 22:38 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-14 22:38 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-14 22:38 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-14 22:38 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-14 22:38 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-14 22:38 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-14 22:38 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-14 22:38 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-14 22:38 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-14 22:38 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-14 22:37 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-14 22:37 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-14 22:37 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-14 22:37 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-14 22:37 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-14 22:37 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-14 22:37 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-14 22:37 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-14 22:37 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-14 22:37 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-14 22:37 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-14 22:37 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-14 22:37 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-14 22:37 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-14 22:37 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-14 22:37 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-14 22:37 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-14 22:37 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-14 22:37 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-14 22:37 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-14 22:37 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-14 22:37 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-14 22:37 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-14 22:37 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-14 22:37 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-14 22:37 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-14 22:37 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-14 22:37 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-14 22:37 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-14 22:37 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-14 22:37 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-14 22:37 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-14 22:37 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-14 22:37 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-14 22:37 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-14 22:37 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-14 22:37 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-14 22:37 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-14 22:37 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-14 22:37 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-14 22:37 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-14 22:37 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-14 22:37 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-14 22:37 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-14 22:37 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-14 22:37 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-14 22:37 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-14 22:37 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-14 22:37 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-14 22:37 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-14 22:37 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-14 22:37 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-14 22:37 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-14 22:37 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-14 22:36 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-14 22:36 - 2015-07-10 19:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-14 22:36 - 2015-07-10 19:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-14 22:36 - 2015-07-10 19:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-14 22:36 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-14 22:36 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-14 22:36 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-14 22:30 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-14 22:30 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-14 22:30 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-14 22:30 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-14 22:30 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-14 22:30 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-14 22:30 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-14 22:30 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-14 22:30 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-14 22:30 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-14 22:30 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-14 22:30 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-14 22:30 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-14 22:30 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-14 22:30 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-14 22:30 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-14 22:30 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-14 22:30 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-14 22:30 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-14 22:30 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-14 22:30 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-14 22:30 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-14 22:30 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-14 22:30 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-14 22:30 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-14 22:30 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-14 22:30 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-14 22:30 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-14 22:29 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-14 22:29 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-14 22:29 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-14 22:29 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-14 22:29 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-14 22:29 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-14 22:29 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-14 22:29 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-14 22:29 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-14 22:29 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-14 22:29 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-14 22:29 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-14 22:29 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-14 22:29 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-14 22:29 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-14 22:29 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-14 22:29 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-14 22:29 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-14 22:29 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-14 22:29 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-14 22:29 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-10 23:16 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-08-10 23:16 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-08-10 23:15 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-08-10 23:15 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-08-10 23:11 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-08-10 23:11 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-08-10 23:11 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-08-10 23:11 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-08-10 23:11 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-08-10 23:11 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-08-10 23:11 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-08-10 23:11 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-08-10 23:11 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-08-10 23:11 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-08-10 23:11 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-08-10 23:11 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-08-10 23:11 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-08-10 23:11 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-08-10 23:11 - 2015-06-11 19:56 - 01112576 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-08-10 23:11 - 2015-06-11 19:16 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-08-10 23:11 - 2015-06-11 19:15 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-08-10 23:11 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-08-10 23:11 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-08-10 23:11 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-08-10 23:11 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-08-10 23:11 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-08-10 23:11 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-08-10 23:11 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-08-10 23:11 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-07 23:52 - 2015-06-20 18:39 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-892971799-3770444226-59494271-1000UA.job
2015-09-07 23:48 - 2011-06-21 14:20 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-07 23:41 - 2011-07-11 00:01 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Skype
2015-09-07 23:19 - 2012-05-07 13:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-07 22:02 - 2009-07-14 06:45 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-07 22:02 - 2009-07-14 06:45 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-07 15:47 - 2011-06-21 14:20 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-07 13:15 - 2011-05-27 18:09 - 01322602 _____ C:\Windows\WindowsUpdate.log
2015-09-07 08:43 - 2012-11-25 19:19 - 00000000 ___RD C:\Users\Chris\Dropbox
2015-09-07 08:42 - 2012-11-25 19:16 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Dropbox
2015-09-07 08:40 - 2011-06-02 16:02 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-07 08:40 - 2011-05-29 09:03 - 00918456 _____ C:\Windows\PFRO.log
2015-09-07 08:40 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-07 08:40 - 2009-07-14 06:51 - 00087465 _____ C:\Windows\setupact.log
2015-09-04 08:22 - 2011-05-28 14:30 - 00113168 _____ C:\Users\Chris\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-04 08:21 - 2009-07-14 06:45 - 00437576 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-03 22:51 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2015-09-03 22:33 - 2015-04-25 18:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-03 15:12 - 2009-07-14 19:58 - 00699432 _____ C:\Windows\system32\perfh007.dat
2015-09-03 15:12 - 2009-07-14 19:58 - 00149572 _____ C:\Windows\system32\perfc007.dat
2015-09-03 15:12 - 2009-07-14 07:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-03 08:58 - 2015-06-20 18:39 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-892971799-3770444226-59494271-1000Core.job
2015-09-02 16:13 - 2009-07-14 20:18 - 00000000 ____D C:\Windows\ShellNew
2015-09-02 16:13 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-09-02 16:09 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2015-09-02 14:41 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2015-09-02 13:02 - 2015-07-10 08:11 - 00001073 _____ C:\Users\Public\Desktop\Rapid-Mosaic.lnk
2015-09-02 13:02 - 2014-11-30 21:30 - 00000953 _____ C:\Users\Public\Desktop\Steam.lnk
2015-09-02 13:02 - 2014-11-07 17:28 - 00001607 _____ C:\Users\Public\Desktop\League of Legends.lnk
2015-09-02 13:02 - 2014-10-30 17:46 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-09-02 13:02 - 2014-10-30 17:46 - 00002013 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-09-02 13:02 - 2014-07-02 20:06 - 00001839 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-09-02 13:02 - 2014-06-04 17:05 - 00001155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-09-02 13:02 - 2014-06-04 17:05 - 00001137 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-09-02 13:02 - 2014-05-27 20:02 - 00001813 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-09-02 13:02 - 2014-05-20 19:41 - 00001747 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-09-02 13:02 - 2014-04-12 23:22 - 00001005 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-09-02 13:02 - 2011-06-01 21:07 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-09-02 13:02 - 2011-05-28 14:43 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-09-02 13:02 - 2011-05-27 18:10 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-09-02 13:02 - 2011-05-27 18:10 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-09-02 13:02 - 2009-07-14 06:57 - 00001523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-02 13:02 - 2009-07-14 06:57 - 00001304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2015-09-02 13:02 - 2009-07-14 06:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2015-09-02 13:02 - 2009-07-14 06:54 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2015-09-02 13:01 - 2011-12-18 12:07 - 00000945 _____ C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-09-02 13:01 - 2011-11-09 12:08 - 00001304 _____ C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Diablo II SP Enhancement Mod v1.4 + PlugY v10.00.lnk
2015-09-02 13:01 - 2011-05-27 18:15 - 00001417 _____ C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-09-02 13:01 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-09-02 13:01 - 2009-07-14 07:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2015-09-02 13:01 - 2009-07-14 06:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2015-09-02 13:00 - 2013-07-31 20:09 - 00001535 _____ C:\Users\Chris\Desktop\Diablo III.lnk
2015-09-02 13:00 - 2011-08-12 19:28 - 00001823 _____ C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Tunatic.lnk
2015-09-02 13:00 - 2011-07-05 20:31 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-09-02 11:19 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-09-02 11:10 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-09-02 11:08 - 2009-07-14 04:34 - 90963968 _____ C:\Windows\system32\config\SOFTWARE.bak
2015-09-02 11:08 - 2009-07-14 04:34 - 19660800 _____ C:\Windows\system32\config\SYSTEM.bak
2015-09-02 11:08 - 2009-07-14 04:34 - 00524288 _____ C:\Windows\system32\config\DEFAULT.bak
2015-09-02 11:08 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2015-09-02 11:08 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2015-09-02 11:07 - 2009-07-14 04:34 - 68157440 _____ C:\Windows\system32\config\COMPONENTS.bak
2015-09-01 15:51 - 2011-09-30 19:52 - 00000000 ____D C:\ProgramData\ICQ
2015-09-01 15:42 - 2011-06-21 14:20 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-01 15:42 - 2011-06-21 14:20 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-01 15:37 - 2011-06-21 14:20 - 00000000 ____D C:\Users\Chris\AppData\Local\Google
2015-08-31 20:47 - 2011-06-21 14:20 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-31 20:39 - 2011-07-30 14:39 - 00032012 _____ C:\Windows\DPINST.LOG
2015-08-28 15:18 - 2012-10-21 19:47 - 00000000 ____D C:\Users\Chris\Documents\Schule
2015-08-28 15:17 - 2013-08-23 13:24 - 00000000 ____D C:\Users\Chris\Documents\Bewerbung
2015-08-28 15:15 - 2011-11-02 16:00 - 00000000 ____D C:\Users\Chris\Documents\Dumm
2015-08-28 15:01 - 2015-05-10 16:55 - 00000000 ____D C:\Users\Chris\Documents\Ebay iPhone 6
2015-08-27 18:59 - 2011-08-23 20:07 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-27 18:59 - 2011-06-01 21:07 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-27 18:57 - 2015-03-31 22:47 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-08-27 18:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-08-22 18:50 - 2015-05-10 16:56 - 00000000 __SHD C:\Users\Chris\AppData\Local\EmieBrowserModeList
2015-08-22 18:50 - 2014-05-27 20:00 - 00000000 __SHD C:\Users\Chris\AppData\Local\EmieUserList
2015-08-22 18:50 - 2014-05-27 20:00 - 00000000 __SHD C:\Users\Chris\AppData\Local\EmieSiteList
2015-08-18 01:10 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-08-18 01:07 - 2013-01-19 18:27 - 00000000 ____D C:\ProgramData\TuneUp Software
2015-08-17 19:34 - 2013-01-19 18:27 - 00000000 ____D C:\Users\Chris\AppData\Roaming\TuneUp Software
2015-08-17 19:31 - 2011-07-19 12:30 - 00000000 ____D C:\Users\Chris\AppData\Roaming\DVDVideoSoft
2015-08-17 17:45 - 2014-11-30 21:30 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-17 16:29 - 2011-10-06 21:10 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-08-17 14:32 - 2011-11-12 14:50 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-08-17 14:31 - 2011-11-12 14:51 - 00000000 ____D C:\Users\Chris\AppData\Local\LogMeIn Hamachi
2015-08-16 04:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-08-15 14:43 - 2015-04-16 03:33 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-15 14:43 - 2014-05-06 22:20 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-15 14:20 - 2012-05-07 13:56 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-15 14:20 - 2012-05-07 13:55 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-15 14:20 - 2011-05-28 14:33 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-14 22:47 - 2012-05-21 07:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-14 22:46 - 2012-05-21 07:12 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-14 22:46 - 2012-05-21 07:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-14 22:44 - 2013-07-17 01:08 - 00000000 ____D C:\Windows\system32\MRT
2015-08-14 21:26 - 2015-04-06 03:01 - 00000000 ___SD C:\Windows\system32\GWX
2015-08-14 21:17 - 2015-04-06 03:01 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-08-14 21:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-01 17:12 - 2015-09-01 17:12 - 4241742 _____ (Bycatch) C:\Program Files\Common Files\0pzeiztr.exe
2015-09-01 20:23 - 2015-09-01 20:23 - 4241742 _____ (Bycatch) C:\Program Files\Common Files\fapihsdd.exe
2011-07-20 16:57 - 2011-07-20 17:45 - 0008704 _____ () C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-27 16:36 - 2015-08-27 16:36 - 0000187 _____ () C:\Users\Chris\AppData\Local\Nimline.exe.config

Einige Dateien in TEMP:
====================
C:\Users\Chris\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqrr3dw.dll
C:\Users\Chris\AppData\Local\Temp\ose00001.exe
C:\Users\Chris\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-01 23:29

==================== Ende von FRST.txt ============================

--- --- ---

[/CODE]

cosinus · 07.09.2015, 23:25

Bitte auch ne neue Addition.txt erstellen, dazu FRST starten und einen Haken setzen bei Addition.txt, dann auf Untersuchen klicken.

02.09.2015, 16:22	#9
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Alle Browser verseucht, was tun? Von BC müsstest es runterladen können, hat bei mir eben geklappt => Downloading Junkware Removal Tool __________________ Logfiles bitte immer in CODE-Tags posten

05.09.2015, 20:09	#11
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Alle Browser verseucht, was tun? Log bitte posten. Und wir sind hier noch noch ganz fertig, es fehlt noch etwas Nachkontrolle. __________________ Logfiles bitte immer in CODE-Tags posten

07.09.2015, 23:25	#14
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Alle Browser verseucht, was tun? Bitte auch ne neue Addition.txt erstellen, dazu FRST starten und einen Haken setzen bei Addition.txt, dann auf Untersuchen klicken. __________________ Logfiles bitte immer in CODE-Tags posten

Alle Browser verseucht, was tun?

Plagegeister aller Art und deren Bekämpfung: Alle Browser verseucht, was tun?