Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Pc spinnt / Unknown MBR Code... Bootkit?

Pc spinnt / Unknown MBR Code... Bootkit?


Log-Analyse und Auswertung: Pc spinnt / Unknown MBR Code... Bootkit?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 21.10.2015, 19:21   #1
FrankW187
 
Pc spinnt / Unknown MBR Code... Bootkit? - Standard

Pc spinnt / Unknown MBR Code... Bootkit?


Hallo,

also teilweise spinnt das Internet an meinem Rechner. Der Seitenaufbau funktioniert dann teilweise und die Seiten laden dann endlos aber laden nur teilweise in Chrome und auch FF IE nutze ich nicht. Leitung 100Mbit und bei anderen Clients ist mir das Problem bisher noch nicht aufgefallen. Des Weiteren hatte ich das Gefühl, dass der PC teilweise ferngesteuert wird z.B. einfach aus dem Ruhezuhstand aufwacht und andere merkwüdige Sachen passieren deshalb auch mein Beitrag.

Gefunden habe ich bisher Unknown MBR code. Anstelle nur zu fixen würde mich auch eine Möglichkeit interessieren um den MBR code zu betrachten und zu sehen was oder eventuell auch wer oder wie der PC infiziert wurde.

Wie sieht es eigentlich aus mit UEFI Rootkits oder Rootkits in Grafikkarten? Auch wenn es noch nicht sehr häufig ist funktionieren tut es ja. Wie kann man Grafikkarte und UEFI überprüfen?

Anbei die Logfiles mir ist nichts besonderes aufgefallen außer GMER und da gab es auch 2 Fehlermeldungen "C:\windows\system32\config\system: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird." und C:\users\Frank\ntuser.dat auch. Hab vorher auch schon Trojaner gefunden z.b. Katusha etc ist alles schon gelöscht aber leider läuft der PC noch nicht richtig. MBAM hat nur PUP gefunden.


Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:17 on 21/10/2015 (Frank)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
FSRT.txt
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-10-2015
durchgeführt von Frank (Administrator) auf Frank-PC (21-10-2015 14:22:18)
Gestartet von C:\scan
Geladene Profile: Frank & Gast (Verfügbare Profile: Frank & Gast)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\avp.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\avpui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(Spotify Ltd) C:\Users\Frank\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Users\Frank\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe
(Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Gaming Headset Software\HeadsetControlPanel.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Joyent, Inc) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
(FileZilla Project) C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe
(Valve Corporation) E:\Games\steam\Steam.exe
(Valve Corporation) E:\Games\steam\bin\steamwebhelper.exe
(Valve Corporation) E:\Games\steam\bin\steamwebhelper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Sound Blaster Recon3D PCIe Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe [976896 2012-12-18] (Creative Technology Ltd)
HKLM-x32\...\Run: [Corsair Gaming Headset Software] => C:\Program Files (x86)\Corsair\Corsair Gaming Headset Software\HeadsetControlPanel.exe [2918152 2014-08-18] (Corsair Components, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2292912 2015-09-17] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6405376 2013-03-28] (Acronis)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-07-22] (Malwarebytes Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1137705209-1149081475-1850392428-1000\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [242688 2013-07-12] (SteelSeries ApS)
HKU\S-1-5-21-1137705209-1149081475-1850392428-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-1137705209-1149081475-1850392428-1000\...\Run: [Dropbox Update] => C:\Users\Frank\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-23] (Dropbox, Inc.)
HKU\S-1-5-21-1137705209-1149081475-1850392428-1000\...\Run: [Spotify Web Helper] => C:\Users\Frank\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2541160 2015-10-13] (Spotify Ltd)
HKU\S-1-5-21-1137705209-1149081475-1850392428-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1137705209-1149081475-1850392428-501\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2013-01-16] (Hewlett-Packard Company)
HKU\S-1-5-21-1137705209-1149081475-1850392428-501\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\system32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1137705209-1149081475-1850392428-501\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [242688 2013-07-12] (SteelSeries ApS)
HKU\S-1-5-21-1137705209-1149081475-1850392428-501\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-1137705209-1149081475-1850392428-501\...\Run: [Spotify Web Helper] => C:\Users\Frank\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2541160 2015-10-13] (Spotify Ltd)
HKU\S-1-5-21-1137705209-1149081475-1850392428-501\...\Run: [Plex Media Server] => "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Frank\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Frank\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Frank\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Frank\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Frank\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Frank\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Frank\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Frank\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\Frank\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-10-20] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\Frank\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-10-20] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\Frank\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-10-20] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\Frank\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-10-20] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\Frank\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-10-20] (TODO: <Company name>)
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-06-23]
ShortcutTarget: Dropbox.lnk -> C:\Users\Frank\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyScripts: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

ProxyServer: [S-1-5-21-1137705209-1149081475-1850392428-1000] => socks=localhost:5000
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{0D40A8AD-C772-4206-AB38-D0B0BACE1433}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{3CE39511-DE4F-4A30-B9C3-85902ED1EF3F}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{B6C2ADF6-5E8C-4D2E-9779-E615AE0AF4C9}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{E629FDD8-146A-491C-8B9C-620A1483C367}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1137705209-1149081475-1850392428-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1137705209-1149081475-1850392428-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-1137705209-1149081475-1850392428-501\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Kein Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> Keine Datei
BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)

FireFox:
========
FF ProfilePath: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\suyl9h7i.default
FF Homepage: hxxps://startpage.com/do/mypage.pl?prf=42d6615880469f9cf2f55006e95e1f5f
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "socks", "127.0.0.1"
FF NetworkProxy: "socks_port", 5000
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_207.dll [2015-10-14] ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-08-29] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin: synology.com/SurveillancePlugin_x86_64 -> C:\Program Files (x86)\Synology\SurveillancePlugin\1.0.0.746\npSurveillancePlugin_x86_64.dll [2015-07-31] (Synology)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_207.dll [2015-10-14] ()
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll [2013-05-30] (ESN Social Software AB)
FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-05-05] ()
FF Plugin-x32: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-05-05] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-05-05] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @samsungsmartcam.com/npwViewer -> C:\Program Files (x86)\Samsung\SmartCam\npwViewer_lib.dll [2014-11-27] (Samsung Techwin)
FF Plugin-x32: @samsungsmartcam.com/npwViewer_turn -> C:\Program Files (x86)\Samsung\SmartCam\npwViewer_lib_turn.dll [2014-11-27] (Samsung Techwin)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: samsungtechwin.com/SmartCamFinder -> C:\Program Files (x86)\Samsung\SmartCam\npSmartCamFinder.dll [2014-08-17] (Samsung Techwin)
FF Plugin-x32: synology.com/SurveillancePlugin -> C:\Program Files (x86)\Synology\SurveillancePlugin\1.0.0.746\npSurveillancePlugin.dll [2015-07-31] (Synology)
FF Plugin HKU\S-1-5-21-1137705209-1149081475-1850392428-1000: @samsungsmartcam.com/npwViewer -> C:\Program Files (x86)\Samsung\SmartCam\npwViewer_lib.dll [2014-11-27] (Samsung Techwin)
FF Plugin HKU\S-1-5-21-1137705209-1149081475-1850392428-1000: @samsungsmartcam.com/npwViewer_turn -> C:\Program Files (x86)\Samsung\SmartCam\npwViewer_lib_turn.dll [2014-11-27] (Samsung Techwin)
FF Plugin HKU\S-1-5-21-1137705209-1149081475-1850392428-1000: samsungtechwin.com/SmartCamFinder -> C:\Program Files (x86)\Samsung\SmartCam\npSmartCamFinder.dll [2014-08-17] (Samsung Techwin)
FF user.js: detected! => C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\suyl9h7i.default\user.js [2015-10-05]
FF user.js: detected! => C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\n3xu4gt9.clear\user.js [2015-10-05]
FF user.js: detected! => C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\user.js [2015-10-05]
FF user.js: detected! => C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\6lrco4ln.1233213123123123\user.js [2015-10-05]
FF SearchPlugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\blekko-ssl.xml [2014-01-20]
FF SearchPlugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\duckduckgo-ssl-javascript-free.xml [2013-08-06]
FF SearchPlugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-de-ssl.xml [2013-08-06]
FF SearchPlugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-encrypted-no-personalization.xml [2013-08-06]
FF SearchPlugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick---deutsch.xml [2013-08-06]
FF SearchPlugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick-ssl-pictures---deutsch.xml [2013-08-06]
FF SearchPlugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick-ssl-pictures---english.xml [2013-08-06]
FF SearchPlugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick.xml [2013-08-06]
FF SearchPlugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-eng-ger.xml [2013-08-06]
FF SearchPlugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-esp-ale.xml [2013-08-06]
FF SearchPlugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-fra-all.xml [2013-08-06]
FF SearchPlugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\metager2.xml [2013-08-06]
FF SearchPlugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ssl-wikipedia-deutsch.xml [2013-08-06]
FF SearchPlugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ssl-wikipedia-english.xml [2013-08-06]
FF SearchPlugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\startpage-https---deutsch.xml [2013-08-06]
FF SearchPlugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\startpage-https.xml [2013-08-06]
FF Extension: German Dictionary - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\suyl9h7i.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2015-05-28] [ist nicht signiert]
FF Extension: Valence - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\suyl9h7i.default\Extensions\fxdevtools-adapters@mozilla.org [2015-09-29]
FF Extension: HTTPS-Everywhere - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\suyl9h7i.default\Extensions\https-everywhere@eff.org [2015-08-24]
FF Extension: YouTube Unblocker - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\suyl9h7i.default\Extensions\youtubeunblocker__web@unblocker.yt [2015-09-01]
FF Extension: iMacros for Firefox - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\suyl9h7i.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2015-09-25]
FF Extension: Nightly Tester Tools - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\suyl9h7i.default\Extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29} [2015-06-29]
FF Extension: WOT - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\suyl9h7i.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-10-21]
FF Extension: HttpRequester - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\suyl9h7i.default\Extensions\{ea4637dc-e014-4c17-9c2c-879322d23268} [2015-10-06]
FF Extension: anonymoX - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\suyl9h7i.default\Extensions\client@anonymox.net.xpi [2014-05-03]
FF Extension: Firebug - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\suyl9h7i.default\Extensions\firebug@software.joehewitt.com.xpi [2013-08-28]
FF Extension: Ghostery - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\suyl9h7i.default\Extensions\firefox@ghostery.com.xpi [2015-06-29]
FF Extension: MEGA - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\suyl9h7i.default\Extensions\firefox@mega.co.nz.xpi [2014-11-16] [ist nicht signiert]
FF Extension: JS Deminifier - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\suyl9h7i.default\Extensions\jsdeminifier@murphy.ben.name.xpi [2015-10-12]
FF Extension: JavaScript Deobfuscator - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\suyl9h7i.default\Extensions\jsdeobfuscator@adblockplus.org.xpi [2015-10-12]
FF Extension: NoScript - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\suyl9h7i.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-02-24]
FF Extension: Tamper Data - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\suyl9h7i.default\Extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [2015-06-26]
FF Extension: Video DownloadHelper - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\suyl9h7i.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-17]
FF Extension: Web Developer - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\suyl9h7i.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2013-09-01]
FF Extension: Adblock Plus - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\suyl9h7i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-30]
FF Extension: User Agent Switcher - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\suyl9h7i.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2015-06-26]
FF Extension: Amazon-Icon - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\n3xu4gt9.clear\Extensions\amazon-icon@giga.de [2014-12-14] [ist nicht signiert]
FF Extension: HttpRequester - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\n3xu4gt9.clear\Extensions\{ea4637dc-e014-4c17-9c2c-879322d23268} [2015-10-05]
FF Extension: anonymoX - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\n3xu4gt9.clear\Extensions\client@anonymox.net.xpi [2015-10-05]
FF Extension: Kein Name - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\n3xu4gt9.clear\Extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [2015-10-05] [ist nicht signiert]
FF Extension: Amazon-Icon - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\amazon-icon@giga.de [2014-12-14] [ist nicht signiert]
FF Extension: HTTPS-Everywhere - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\https-everywhere@eff.org [2014-04-29] [ist nicht signiert]
FF Extension: Cookie Monster - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{45d8ff86-d909-11db-9705-005056c00008} [2014-04-29] [ist nicht signiert]
FF Extension: DownloadHelper - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-04-29] [ist nicht signiert]
FF Extension: Kein Name - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{437be45a-4114-11dd-b9ab-71d256d89593}.xpi [2014-04-29] [ist nicht signiert]
FF Extension: Kein Name - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-04-29] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-19] [ist nicht signiert]
FF Extension: Kein Name - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{fa8476cf-a98c-4e08-99b4-65a69cb4b7d4}.xpi [2014-03-19] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-05-05] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-05-05] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-05-05] [ist nicht signiert]

Chrome: 
=======
CHR Profile: C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kaspersky Protection) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-05-05]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-24]
CHR Extension: (Synology Web Clipper) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcfbfimijgibligmbglggnbiobgjgmbk [2015-10-20]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

Opera: 
=======
OPR Extension: (Online Tvs 24/7) - C:\Users\Frank\AppData\Roaming\Opera Software\Opera Stable\Extensions\gpnolafbdbankibfhpmkgkalpiapmgme [2014-11-16]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-15] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2015936 2015-09-29] (Adobe Systems, Incorporated)
S4 Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDevice.exe [55336 2015-07-28] ()
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Berlin)
R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 15.0.2\avp.exe [194000 2015-06-23] (Kaspersky Lab ZAO)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Berlin)
S4 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [242664 2012-05-09] (CyberLink)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2013-07-27] (Creative Labs) [Datei ist nicht signiert]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [Datei ist nicht signiert]
S4 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [103936 2013-07-30] (Creative Technology Ltd)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [218112 2013-10-07] () [Datei ist nicht signiert]
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [237864 2015-02-27] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
S4 HiSuiteOuc64.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe [138272 2014-09-05] ()
S4 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [219680 2014-09-05] ()
S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2012-02-01] (Intel Corporation) [Datei ist nicht signiert]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2013-01-16] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-07-22] (Malwarebytes Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-08-19] (MSI)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Berlin)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2078216 2015-10-15] (Electronic Arts)
S4 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [187592 2014-01-17] (Sandboxie Holdings, LLC)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2015-05-11] ()
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [247016 2015-06-23] (Kaspersky Lab UK Ltd)
R3 CorsairAudioFilter; C:\Windows\System32\DRIVERS\corsveng2kamd64.sys [112808 2014-08-15] (Corsair Components, Inc.)
R3 cthda; C:\Windows\System32\drivers\cthda.sys [1049880 2013-07-30] (Creative Technology Ltd)
R3 cthdb; C:\Windows\System32\DRIVERS\cthdb.sys [28440 2013-07-30] (Creative Technology Ltd)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-08-15] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-07-22] ()
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2014-07-29] (Huawei Technologies Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-23] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [64368 2015-06-23] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [159960 2015-06-23] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [225976 2015-06-30] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [831672 2015-10-06] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39280 2015-06-23] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [40304 2015-06-23] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [39280 2015-06-23] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [24944 2015-06-23] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-23] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [85360 2015-06-23] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [190648 2015-10-06] (Kaspersky Lab ZAO)
S3 lachesis35g; C:\Windows\System32\DRIVERS\lachesis35g.sys [11776 2012-12-10] (Razer USA Ltd) [Datei ist nicht signiert]
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2015-06-01] (Riverbed Technology, Inc.)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [13368 2012-11-09] (MSI)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [412024 2011-07-05] (AVM Berlin)
R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
R3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [38016 2013-06-25] (SteelSeries Corporation)
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202600 2014-01-17] (Sandboxie Holdings, LLC)
S3 subvgaproduct64; C:\Windows\System32\DRIVERS\subvga64.sys [5120 2014-10-07] (Windows (R) Win 7 DDK provider)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [Datei ist nicht signiert]
S3 vnet; C:\Windows\System32\DRIVERS\virtualnet.sys [17408 2013-07-01] (Shrew Soft Inc) [Datei ist nicht signiert]
S1 BdfNdisf; \??\c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [X]
S3 glavcam; system32\DRIVERS\glavcam.sys [X]
S3 PROCEXP151; \??\C:\Windows\system32\Drivers\PROCEXP151.SYS [X]
S3 RTL8187; system32\DRIVERS\rtl8187.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-21 14:21 - 2015-10-21 14:22 - 00000000 ____D C:\FRST
2015-10-21 14:19 - 2015-10-21 14:22 - 00000000 ____D C:\scan
2015-10-21 14:17 - 2015-10-21 14:17 - 00000000 _____ C:\Users\Frank\defogger_reenable
2015-10-21 12:52 - 2015-10-21 13:22 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-10-21 12:23 - 2015-10-21 12:24 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-10-21 12:23 - 2015-10-21 12:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2015-10-21 12:23 - 2015-10-21 12:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-10-21 11:16 - 2015-10-21 11:16 - 00000021 _____ C:\Windows\S.dirmngr
2015-10-21 03:29 - 2015-10-21 03:29 - 00000000 ____D C:\Program Files\Common Files\AV
2015-10-21 03:29 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-10-21 03:20 - 2015-10-21 03:20 - 00001404 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-10-21 03:20 - 2015-10-21 03:20 - 00001392 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-10-21 03:20 - 2015-10-21 03:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-10-21 03:20 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-10-21 02:47 - 2015-10-21 02:47 - 00001215 _____ C:\Users\Frank\nas.lnk
2015-10-21 00:53 - 2015-10-21 00:53 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-20 22:42 - 2015-10-20 22:42 - 00002202 _____ C:\Users\Public\Desktop\Synology Photo Station Uploader.lnk
2015-10-20 22:42 - 2015-10-20 22:42 - 00000000 ____D C:\Users\Frank\AppData\Local\Synology
2015-10-20 22:39 - 2015-10-20 22:41 - 00000000 ____D C:\Users\Frank\AppData\Local\CloudStation
2015-10-20 22:39 - 2015-10-20 22:39 - 00002575 _____ C:\Users\Public\Desktop\Synology Cloud Station.lnk
2015-10-20 22:18 - 2015-10-20 22:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology
2015-10-20 22:18 - 2015-10-20 22:18 - 00001173 _____ C:\Users\Public\Desktop\Synology Assistant.lnk
2015-10-20 22:18 - 2015-10-20 22:18 - 00000000 ____D C:\ProgramData\Synology
2015-10-20 16:07 - 2015-10-20 16:07 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iReasoning
2015-10-20 16:07 - 2015-10-20 16:07 - 00000000 ____D C:\Program Files (x86)\ireasoning
2015-10-20 15:52 - 2015-10-20 15:52 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinAgents MIB Browser
2015-10-20 15:52 - 2015-10-20 15:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinAgents MIB Browser
2015-10-20 15:52 - 2015-10-20 15:52 - 00000000 ____D C:\Program Files (x86)\WinAgents
2015-10-18 22:12 - 2015-10-20 22:41 - 00000000 ____D C:\Program Files (x86)\Synology
2015-10-18 22:12 - 2015-10-18 22:12 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Synology
2015-10-18 18:30 - 2015-10-18 18:30 - 00000000 ____D C:\Program Files (x86)\ESET
2015-10-17 22:02 - 2015-10-21 11:16 - 00002688 _____ C:\Windows\PFRO.log
2015-10-17 20:28 - 2015-10-17 20:28 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-10-17 18:24 - 2015-10-17 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2015-10-17 18:24 - 2015-10-17 18:24 - 00000000 ____D C:\Program Files (x86)\HD Tune
2015-10-17 17:50 - 2015-10-17 17:50 - 00000125 _____ C:\Users\Frank\Synology Diskstation.url
2015-10-17 03:07 - 2015-10-21 11:16 - 00002127 _____ C:\Windows\setupact.log
2015-10-17 03:07 - 2015-10-17 16:04 - 00000000 _____ C:\Windows\setuperr.log
2015-10-16 18:07 - 2015-10-16 18:07 - 00000000 ____D C:\Program Files (x86)\Western Digital Corporation
2015-10-16 17:40 - 2015-10-16 18:03 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2015-10-16 17:12 - 2015-10-16 17:59 - 00000000 ____D C:\Users\Frank\AppData\Roaming\gsmartcontrol
2015-10-16 17:11 - 2015-10-16 17:59 - 00000000 ____D C:\Program Files (x86)\GSmartControl
2015-10-16 17:11 - 2015-10-16 17:11 - 00002100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GSmartControl.lnk
2015-10-16 12:41 - 2015-10-16 20:08 - 00000000 ____D C:\Program Files\ShrewSoft
2015-10-16 12:41 - 2015-10-16 12:41 - 00000036 ___SH C:\ProgramData\Shrew Soft VPN.dat
2015-10-16 12:41 - 2015-10-16 12:41 - 00000000 ____D C:\Users\Frank\AppData\Local\Shrew Soft VPN
2015-10-15 22:38 - 2015-10-15 22:38 - 00000000 ____D C:\Users\Frank\AppData\Roaming\AVM
2015-10-15 22:38 - 2015-10-15 22:38 - 00000000 ____D C:\Program Files (x86)\FRITZ!Fernzugang einrichten
2015-10-15 17:31 - 2015-10-03 07:06 - 42914096 _____ C:\Windows\system32\nvcompiler.dll
2015-10-15 17:31 - 2015-10-03 07:06 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-10-15 17:31 - 2015-10-03 07:06 - 22306936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-10-15 17:31 - 2015-10-03 07:06 - 18359928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-10-15 17:31 - 2015-10-03 07:06 - 16541040 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-10-15 17:31 - 2015-10-03 07:06 - 14832968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-10-15 17:31 - 2015-10-03 07:06 - 13518496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-10-15 17:31 - 2015-10-03 07:06 - 12032200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-10-15 17:31 - 2015-10-03 07:06 - 11114616 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-10-15 17:31 - 2015-10-03 07:06 - 02869880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-10-15 17:31 - 2015-10-03 07:06 - 02489976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-10-15 17:31 - 2015-10-03 07:06 - 01905456 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435850.dll
2015-10-15 17:31 - 2015-10-03 07:06 - 01564976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435850.dll
2015-10-15 17:31 - 2015-10-03 07:06 - 00877176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-10-15 17:31 - 2015-10-03 07:06 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-10-15 17:31 - 2015-10-03 07:06 - 00689456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-10-15 17:31 - 2015-10-03 07:06 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-10-15 17:31 - 2015-10-03 07:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-10-15 17:31 - 2015-10-03 07:06 - 00467912 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-10-15 17:31 - 2015-10-03 07:06 - 00422240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-10-15 17:31 - 2015-10-03 07:06 - 00414000 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-10-15 17:31 - 2015-10-03 07:06 - 00388024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-10-15 17:31 - 2015-10-03 07:06 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-10-15 17:31 - 2015-10-03 07:06 - 00177416 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-10-15 17:31 - 2015-10-03 07:06 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-10-15 17:31 - 2015-10-03 07:06 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-10-15 17:31 - 2015-10-03 07:06 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-10-15 17:31 - 2015-10-03 04:18 - 00102520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-10-15 17:29 - 2015-10-15 22:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Fernzugang
2015-10-15 15:49 - 2015-10-15 15:51 - 00000000 ____D C:\Users\Frank\AppData\Roaming\HandBrake
2015-10-15 15:48 - 2015-10-15 15:48 - 00000833 _____ C:\Users\Gast\Desktop\Handbrake.lnk
2015-10-15 15:48 - 2015-10-15 15:48 - 00000833 _____ C:\Users\Frank\Desktop\Handbrake.lnk
2015-10-15 15:48 - 2015-10-15 15:48 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
2015-10-15 15:48 - 2015-10-15 15:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2015-10-15 15:48 - 2015-10-15 15:48 - 00000000 ____D C:\Program Files\Handbrake
2015-10-15 15:46 - 2015-10-15 15:46 - 00000000 ____D C:\Users\Frank\AppData\Local\Emicsoft Studio
2015-10-15 14:12 - 2015-10-15 14:12 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Brorsoft
2015-10-15 11:43 - 2015-09-18 21:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-15 11:43 - 2015-09-18 21:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-15 11:43 - 2015-09-18 21:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-15 11:43 - 2015-09-18 21:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-15 11:43 - 2015-09-18 21:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-15 11:43 - 2015-09-18 21:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-15 11:43 - 2015-09-18 21:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-14 13:54 - 2015-09-18 21:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-14 13:54 - 2015-09-18 20:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-14 13:54 - 2015-09-16 06:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-14 13:54 - 2015-09-16 06:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-14 13:54 - 2015-09-16 06:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-14 13:54 - 2015-09-16 06:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-14 13:54 - 2015-09-16 06:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-14 13:54 - 2015-09-16 06:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-14 13:54 - 2015-09-16 06:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-14 13:54 - 2015-09-16 06:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-14 13:54 - 2015-09-16 06:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-14 13:54 - 2015-09-16 06:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-14 13:54 - 2015-09-16 06:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-14 13:54 - 2015-09-16 06:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-14 13:54 - 2015-09-16 06:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-14 13:54 - 2015-09-16 06:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-14 13:54 - 2015-09-16 06:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-14 13:54 - 2015-09-16 06:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-14 13:54 - 2015-09-16 06:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-14 13:54 - 2015-09-16 06:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-14 13:54 - 2015-09-16 05:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-14 13:54 - 2015-09-16 05:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-14 13:54 - 2015-09-16 05:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-14 13:54 - 2015-09-16 05:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-14 13:54 - 2015-09-16 05:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-14 13:54 - 2015-09-16 05:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-14 13:54 - 2015-09-16 05:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-14 13:54 - 2015-09-16 05:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-14 13:54 - 2015-09-16 05:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-14 13:54 - 2015-09-16 05:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-14 13:54 - 2015-09-16 05:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-14 13:54 - 2015-09-16 05:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-14 13:54 - 2015-09-16 05:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-14 13:54 - 2015-09-16 05:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-14 13:54 - 2015-09-16 05:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-14 13:54 - 2015-09-16 05:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-14 13:54 - 2015-09-16 05:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-14 13:54 - 2015-09-16 05:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-14 13:54 - 2015-09-16 05:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-14 13:54 - 2015-09-16 05:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-14 13:54 - 2015-09-16 05:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-14 13:54 - 2015-09-16 05:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-14 13:54 - 2015-09-16 05:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-14 13:54 - 2015-09-16 05:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-14 13:54 - 2015-09-16 05:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-14 13:54 - 2015-09-16 05:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-14 13:54 - 2015-09-16 05:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-14 13:54 - 2015-09-16 05:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-14 13:54 - 2015-09-16 05:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-14 13:54 - 2015-09-16 05:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-14 13:54 - 2015-09-16 05:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-14 13:54 - 2015-09-16 05:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-14 13:54 - 2015-09-16 05:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-14 13:54 - 2015-09-16 05:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-14 13:54 - 2015-09-16 04:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-14 13:54 - 2015-09-16 04:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-14 13:54 - 2015-09-16 04:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-14 13:54 - 2015-09-16 04:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-14 13:54 - 2015-09-16 04:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-14 13:54 - 2015-09-16 04:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-14 13:54 - 2015-09-16 04:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-14 13:54 - 2015-09-16 04:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-14 13:54 - 2015-09-16 04:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-14 13:54 - 2015-09-16 04:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-14 13:54 - 2015-08-06 20:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-14 13:54 - 2015-08-06 20:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-14 13:54 - 2015-08-06 19:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-14 13:54 - 2015-08-06 19:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-14 13:53 - 2015-10-01 20:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-14 13:53 - 2015-10-01 20:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-14 13:53 - 2015-10-01 20:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-14 13:53 - 2015-10-01 20:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-14 13:53 - 2015-10-01 20:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-14 13:53 - 2015-10-01 20:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-14 13:53 - 2015-10-01 20:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-14 13:53 - 2015-10-01 19:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-14 13:53 - 2015-10-01 19:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-14 13:53 - 2015-09-29 05:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-14 13:53 - 2015-09-29 05:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-14 13:53 - 2015-09-29 05:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-14 13:53 - 2015-09-29 05:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-14 13:53 - 2015-09-29 05:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-14 13:53 - 2015-09-29 05:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-14 13:53 - 2015-09-29 05:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-14 13:53 - 2015-09-29 05:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-14 13:53 - 2015-09-29 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-14 13:53 - 2015-09-29 05:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-14 13:53 - 2015-09-29 05:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-14 13:53 - 2015-09-29 05:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-14 13:53 - 2015-09-29 05:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-14 13:53 - 2015-09-29 05:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-14 13:53 - 2015-09-29 05:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-14 13:53 - 2015-09-29 05:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-14 13:53 - 2015-09-29 05:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-14 13:53 - 2015-09-29 05:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-14 13:53 - 2015-09-29 05:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-14 13:53 - 2015-09-29 05:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-14 13:53 - 2015-09-29 05:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-14 13:53 - 2015-09-29 05:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-14 13:53 - 2015-09-29 05:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-14 13:53 - 2015-09-29 05:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-14 13:53 - 2015-09-29 05:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-14 13:53 - 2015-09-29 05:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-14 13:53 - 2015-09-29 05:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-14 13:53 - 2015-09-29 05:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 04:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-14 13:53 - 2015-09-29 04:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-14 13:53 - 2015-09-29 04:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-14 13:53 - 2015-09-29 04:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-14 13:53 - 2015-09-29 04:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-14 13:53 - 2015-09-29 04:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-14 13:53 - 2015-09-29 04:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-14 13:53 - 2015-09-29 04:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-14 13:53 - 2015-09-29 04:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-14 13:53 - 2015-09-29 04:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-14 13:53 - 2015-09-29 04:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-14 13:53 - 2015-09-29 04:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-14 13:53 - 2015-09-29 04:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-14 13:53 - 2015-09-29 04:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-14 13:53 - 2015-09-29 04:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-14 13:53 - 2015-09-29 04:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-14 13:53 - 2015-09-29 04:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-14 13:53 - 2015-09-29 04:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-14 13:53 - 2015-09-29 04:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 04:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 03:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-14 13:53 - 2015-09-29 03:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-14 13:53 - 2015-09-29 03:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-14 13:53 - 2015-09-29 03:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-14 13:53 - 2015-09-29 03:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-14 13:53 - 2015-09-29 03:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 03:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 03:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 13:53 - 2015-09-29 03:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-14 13:53 - 2015-09-25 20:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-14 13:53 - 2015-09-25 20:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-14 13:53 - 2015-09-25 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-14 13:53 - 2015-09-25 20:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-14 13:53 - 2015-09-25 20:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-14 13:53 - 2015-09-25 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-14 13:53 - 2015-09-25 20:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-14 13:53 - 2015-09-25 20:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-14 13:53 - 2015-09-25 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-14 13:53 - 2015-09-25 20:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-14 13:53 - 2015-09-25 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-14 13:53 - 2015-09-25 19:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-14 13:53 - 2015-09-25 19:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-14 13:53 - 2015-09-25 19:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-14 13:53 - 2015-09-25 19:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-14 13:53 - 2015-09-25 19:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-14 13:53 - 2015-09-15 20:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-14 13:53 - 2015-09-15 20:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-14 13:53 - 2015-09-15 20:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-14 13:53 - 2015-09-15 20:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-14 13:53 - 2015-09-15 20:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-14 13:53 - 2015-09-15 20:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-14 13:53 - 2015-09-15 20:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-14 13:53 - 2015-09-15 20:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-14 13:53 - 2015-09-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-14 13:53 - 2015-09-15 19:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-14 13:53 - 2015-09-15 19:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-14 13:53 - 2015-09-15 19:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-14 13:53 - 2015-09-15 19:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-14 13:53 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-12 17:36 - 2015-10-12 17:40 - 00000000 ____D C:\Users\Frank\AppData\Roaming\npm-cache
2015-10-12 17:36 - 2015-10-12 17:39 - 00000000 ____D C:\Users\Frank\grunt
2015-10-12 17:35 - 2015-10-12 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2015-10-12 17:35 - 2015-10-12 17:35 - 00000000 ____D C:\ProgramData\Git
2015-10-12 17:34 - 2015-10-12 17:35 - 00000000 ____D C:\Program Files\Git
2015-10-12 17:32 - 2015-10-12 17:37 - 00000000 ____D C:\Users\Frank\AppData\Roaming\npm
2015-10-05 18:35 - 2015-10-05 18:35 - 00000000 ____D C:\Users\Frank\AppData\Local\CrashRpt
2015-10-02 10:19 - 2015-10-02 10:19 - 00001073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dreamweaver CC 2015.lnk
2015-10-01 18:03 - 2015-10-13 21:51 - 00001456 _____ C:\Users\Frank\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2015-10-01 16:33 - 2015-10-01 16:33 - 00001049 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk
2015-10-01 16:32 - 2015-10-02 10:19 - 00000000 ____D C:\Program Files\Adobe
2015-10-01 16:32 - 2015-10-01 16:36 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-10-01 16:27 - 2015-10-21 11:17 - 00000000 ___RD C:\Users\Frank\Creative Cloud Files
2015-10-01 16:15 - 2015-10-01 16:15 - 00001209 _____ C:\Users\Public\Desktop\Light Image Resizer 4.lnk
2015-09-27 12:18 - 2015-09-14 02:29 - 01898288 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435598.dll
2015-09-27 12:18 - 2015-09-14 02:29 - 01558832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435598.dll
2015-09-22 12:39 - 2015-09-22 12:39 - 00000000 ____D C:\Users\Frank\AppData\LocalLow\Oracle

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-21 14:17 - 2013-07-27 20:43 - 00000000 ____D C:\Users\Frank
2015-10-21 13:52 - 2015-06-23 19:41 - 00001220 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1137705209-1149081475-1850392428-1000UA.job
2015-10-21 13:36 - 2015-08-17 22:31 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-21 13:36 - 2014-02-24 08:05 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-21 13:15 - 2014-01-09 21:23 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-21 12:52 - 2015-05-29 00:49 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-21 12:26 - 2015-05-29 00:49 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-21 11:25 - 2013-07-31 19:32 - 00000000 ____D C:\Users\Frank\AppData\Roaming\FileZilla
2015-10-21 11:25 - 2009-07-14 06:45 - 00032144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-21 11:25 - 2009-07-14 06:45 - 00032144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-21 11:23 - 2011-04-12 09:43 - 00702348 _____ C:\Windows\system32\perfh007.dat
2015-10-21 11:23 - 2011-04-12 09:43 - 00150746 _____ C:\Windows\system32\perfc007.dat
2015-10-21 11:23 - 2009-07-14 07:13 - 01624034 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-21 11:19 - 2015-09-14 01:47 - 01767369 _____ C:\Windows\WindowsUpdate.log
2015-10-21 11:17 - 2014-12-21 19:14 - 00000000 ___RD C:\Users\Frank\Dropbox
2015-10-21 11:17 - 2014-12-21 19:13 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Dropbox
2015-10-21 11:17 - 2013-12-01 14:52 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-10-21 11:17 - 2013-07-31 23:00 - 00000000 ____D C:\Users\Frank\AppData\Local\Adobe
2015-10-21 11:16 - 2015-01-26 19:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-21 11:16 - 2014-02-24 08:05 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-21 11:16 - 2013-07-27 22:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-21 11:16 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-21 03:28 - 2014-06-14 00:34 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-10-21 03:20 - 2014-06-14 00:34 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-10-21 03:01 - 2015-05-29 00:49 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-10-21 03:01 - 2015-05-29 00:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-10-21 03:01 - 2015-05-29 00:49 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-10-20 20:10 - 2013-07-27 21:57 - 00000000 ____D C:\Users\Frank\AppData\Roaming\TS3Client
2015-10-20 18:36 - 2014-08-17 17:50 - 00000000 ____D C:\Users\Frank\.VirtualBox
2015-10-20 17:42 - 2015-07-09 20:24 - 00000000 ____D C:\Users\Frank\VirtualBox VMs
2015-10-20 16:06 - 2015-06-23 19:41 - 00001168 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1137705209-1149081475-1850392428-1000Core.job
2015-10-19 12:16 - 2015-04-11 16:30 - 00000000 ____D C:\Users\Frank\AppData\Local\CrashDumps
2015-10-19 11:59 - 2013-07-31 19:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-10-19 11:59 - 2013-07-31 19:31 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2015-10-18 16:17 - 2013-07-28 00:32 - 00000000 ____D C:\Users\Frank\AppData\Roaming\vlc
2015-10-18 14:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-10-17 21:58 - 2013-11-26 01:31 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-10-17 21:57 - 2013-07-27 21:02 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-17 21:56 - 2014-11-06 00:55 - 00000000 ____D C:\Program Files\TAP-Windows
2015-10-17 21:56 - 2014-11-06 00:55 - 00000000 ____D C:\Program Files\OpenVPN
2015-10-17 21:52 - 2015-06-27 05:53 - 00000000 ____D C:\Program Files\CyberGhost 5
2015-10-17 20:28 - 2014-01-19 14:29 - 00000000 ____D C:\Users\Frank\AppData\Local\Downloaded Installations
2015-10-17 16:18 - 2014-12-29 15:26 - 00144896 ___SH C:\Users\Frank\Thumbs.db
2015-10-17 16:09 - 2014-09-05 21:17 - 00002562 _____ C:\Windows\diagwrn.xml
2015-10-17 16:09 - 2014-09-05 21:17 - 00001908 _____ C:\Windows\diagerr.xml
2015-10-17 15:13 - 2013-08-24 15:20 - 00000000 ____D C:\Program Files (x86)\Opera
2015-10-17 02:44 - 2013-11-25 23:03 - 00000000 ____D C:\Windows\Minidump
2015-10-17 00:44 - 2013-08-29 14:57 - 00000000 ____D C:\Program Files (x86)\Groovy
2015-10-17 00:31 - 2013-10-28 20:34 - 00000000 ____D C:\Users\Frank\AppData\Roaming\DVDVideoSoft
2015-10-16 23:53 - 2013-11-25 18:11 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Bitcoin
2015-10-16 23:52 - 2015-06-29 01:34 - 00000000 ____D C:\Program Files (x86)\Nmap
2015-10-16 23:51 - 2013-07-28 04:38 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-10-16 23:49 - 2015-05-04 22:45 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Litecoin
2015-10-16 23:43 - 2013-08-22 22:28 - 00000000 ____D C:\ProgramData\Origin
2015-10-16 20:11 - 2013-12-20 00:15 - 00000000 ____D C:\Users\Frank\AppData\Roaming\DogeCoin
2015-10-16 18:16 - 2014-02-21 03:14 - 00000000 ____D C:\ProgramData\VMware
2015-10-16 18:02 - 2015-06-29 20:39 - 00000000 ____D C:\Users\Frank\AppData\Roaming\.purple
2015-10-16 16:31 - 2014-02-21 03:28 - 00000000 ____D C:\Users\Frank\AppData\Local\VMware
2015-10-16 16:31 - 2014-02-21 03:27 - 00000000 ____D C:\Users\Frank\AppData\Roaming\VMware
2015-10-16 15:24 - 2015-02-23 21:33 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-16 15:15 - 2014-08-17 16:05 - 00000000 ____D C:\Users\Frank\AppData\Roaming\gnupg
2015-10-16 15:15 - 2014-08-17 16:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gpg4win
2015-10-16 15:06 - 2015-02-08 14:00 - 00000000 ___RD C:\Users\Frank\Virtual Machines
2015-10-15 17:32 - 2013-11-28 23:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-15 17:32 - 2013-07-27 20:58 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-10-15 17:29 - 2015-07-09 09:14 - 00000000 ____D C:\Program Files\FRITZ!Fernzugang
2015-10-15 17:19 - 2015-08-15 12:20 - 00001390 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-10-15 17:08 - 2014-12-12 00:27 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-15 17:08 - 2014-04-23 23:16 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-15 16:49 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-15 16:48 - 2013-07-28 02:39 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-10-15 16:00 - 2013-08-22 22:28 - 00000000 ____D C:\Program Files (x86)\Origin
2015-10-15 15:56 - 2013-07-28 01:45 - 00000000 ____D C:\Program Files (x86)\Uplay
2015-10-15 15:04 - 2015-02-20 18:39 - 00000000 ____D C:\Users\Frank\AppData\Local\Steam
2015-10-15 14:59 - 2013-07-27 21:26 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-15 02:39 - 2014-02-24 08:08 - 00002184 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-15 01:11 - 2015-06-28 23:37 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-15 01:11 - 2014-12-26 13:15 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-14 15:36 - 2015-08-17 22:31 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-14 15:36 - 2015-08-17 22:31 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-14 15:36 - 2015-08-17 22:31 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-14 14:05 - 2013-07-27 22:36 - 00000000 ____D C:\Windows\system32\MRT
2015-10-14 14:01 - 2013-07-27 22:05 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-14 02:27 - 2013-10-23 16:41 - 00000000 ____D C:\Users\Frank\AppData\Local\Battle.net
2015-10-14 01:20 - 2013-07-28 00:39 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Spotify
2015-10-13 20:30 - 2013-07-28 00:39 - 00000000 ____D C:\Users\Frank\AppData\Local\Spotify
2015-10-12 05:05 - 2015-08-15 12:19 - 01423304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-10-12 05:05 - 2015-08-15 12:19 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-10-12 05:04 - 2015-08-15 12:19 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-10-12 05:04 - 2015-08-15 12:19 - 01710752 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-10-11 14:36 - 2013-07-27 21:57 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-10-10 16:28 - 2015-08-10 19:14 - 00000000 ____D C:\Program Files (x86)\StarCraft II - Legacy of the Void Beta
2015-10-09 03:06 - 2015-04-05 10:42 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-09 03:00 - 2015-04-05 10:42 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-08 17:31 - 2015-09-16 10:14 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-10-07 16:58 - 2013-08-26 13:28 - 00000000 ____D C:\Users\Frank\AppData\Roaming\TeamViewer
2015-10-06 10:31 - 2014-12-13 18:21 - 00831672 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-10-06 10:31 - 2014-11-10 17:48 - 00190648 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2015-10-05 14:15 - 2013-07-27 20:54 - 01656012 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-10-05 11:02 - 2015-01-15 23:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-10-05 09:50 - 2015-05-29 00:49 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-05 09:50 - 2015-05-29 00:49 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-03 07:06 - 2015-08-15 12:18 - 15002304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-10-03 07:06 - 2015-08-15 12:18 - 03573832 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-10-03 07:06 - 2015-08-15 12:18 - 03154104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-10-03 07:06 - 2015-02-23 21:31 - 17395512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-10-03 07:06 - 2015-02-23 21:31 - 15716648 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-10-03 07:06 - 2015-02-23 21:31 - 12769408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-10-03 07:06 - 2014-06-10 19:31 - 00033507 _____ C:\Windows\system32\nvinfo.pb
2015-10-03 04:49 - 2015-02-23 21:24 - 06358648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-10-03 04:49 - 2015-02-23 21:24 - 02982520 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-10-03 04:49 - 2015-02-23 21:24 - 02554488 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-10-03 04:49 - 2015-02-23 21:24 - 00938800 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-10-03 04:49 - 2015-02-23 21:24 - 00385328 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-10-03 04:49 - 2015-02-23 21:24 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-10-02 21:56 - 2013-07-27 20:55 - 00071280 _____ C:\Users\Frank\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-02 21:55 - 2009-07-14 06:45 - 00313928 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-02 10:20 - 2013-07-31 23:01 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-10-02 10:19 - 2013-07-27 22:33 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Adobe
2015-10-01 16:32 - 2013-07-31 23:01 - 00000000 ____D C:\ProgramData\Adobe
2015-10-01 16:27 - 2014-01-12 01:49 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-10-01 16:27 - 2014-01-12 01:49 - 00001222 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-10-01 16:17 - 2013-08-04 14:10 - 00000000 ____D C:\Users\Frank\AppData\Roaming\ObviousIdea
2015-10-01 11:33 - 2015-02-23 21:24 - 05284082 _____ C:\Windows\system32\nvcoproc.bin
2015-10-01 10:23 - 2014-12-07 03:35 - 00003850 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1377350407

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-10-01 18:03 - 2015-10-13 21:51 - 0001456 _____ () C:\Users\Frank\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-12-21 21:45 - 2014-03-26 05:11 - 0000600 _____ () C:\Users\Frank\AppData\Local\PUTTY.RND
2015-06-20 12:27 - 2015-06-20 12:27 - 0000707 _____ () C:\Users\Frank\AppData\Local\recently-used.xbel
2014-01-15 20:39 - 2014-01-15 20:39 - 0000017 _____ () C:\Users\Frank\AppData\Local\resmon.resmoncfg
2014-12-13 22:26 - 2014-12-13 22:27 - 0014774 _____ () C:\Users\Frank\AppData\Local\WiDiSetupLog.20141213.212642.wdl
2014-12-14 00:12 - 2014-12-14 00:12 - 0015451 _____ () C:\Users\Frank\AppData\Local\WiDiSetupLog.20141213.231231.wdl
2013-07-27 21:15 - 2013-07-27 21:15 - 0477056 _____ () C:\ProgramData\1374952381.bdinstall.bin
2013-08-27 17:04 - 2013-08-27 17:04 - 0243048 _____ () C:\ProgramData\1377615743.bdinstall.bin
2015-10-16 12:41 - 2015-10-16 12:41 - 0000036 ___SH () C:\ProgramData\Shrew Soft VPN.dat

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\Shrew Soft VPN.dat


Einige Dateien in TEMP:
====================
C:\Users\Frank\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgrrgo9.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-21 01:03

==================== Ende von FRST.txt ============================

 

Themen zu Pc spinnt / Unknown MBR Code... Bootkit?
cyberghost, desktop, dnsapi.dll, ferngesteuert, firefox, flash player, ftp, google, homepage, installation, internet, kaspersky, launch, mozilla, port, problem, prozess, prozesse, registry, rojaner gefunden, rundll, safer networking, scan, security, server, software, svchost.exe, synology, system, teamspeak, trojaner, win10, windows


« Kaspersky findet immer not-a- virus:HEUR und ich bekomme es nicht weg. | Avira erkennt mehr als 30 Funde »


Ähnliche Themen: Pc spinnt / Unknown MBR Code... Bootkit?


  1. Win 7: Rechner crashed und startet von neuem und Browser spinnt. Teil 1 (langer code)
    Plagegeister aller Art und deren Bekämpfung - 20.06.2015 (20)
  2. Win8.1 - unknown MBR Code aber keine Funde - TaskManager zeigte Zugriff Verweigert
    Plagegeister aller Art und deren Bekämpfung - 24.08.2014 (18)
  3. Windows XP: PC bootet nicht mehr richtig (Trojaner, Root-, Bootkit?)
    Log-Analyse und Auswertung - 19.03.2014 (19)
  4. Bootkit Remover hat ein Problem erkannt, wie gehts jetzt weiter?
    Log-Analyse und Auswertung - 22.11.2013 (26)
  5. unknown MBR code, kein Zugriff auf Dokumente und Einstellungen
    Log-Analyse und Auswertung - 17.03.2013 (0)
  6. C:\WINXP\system32\dllcache\explorer.exe (Trojan.Bootkit.Dropper)
    Log-Analyse und Auswertung - 30.08.2012 (13)
  7. Bootkit Mebratix.B ?
    Log-Analyse und Auswertung - 06.04.2012 (10)
  8. (Unbekanntes) Bootkit
    Plagegeister aller Art und deren Bekämpfung - 12.10.2011 (6)
  9. AVAST findet Bootkit?
    Plagegeister aller Art und deren Bekämpfung - 25.04.2011 (86)
  10. Bootkit Remover findet anscheinend defekten MBR, was nun?
    Plagegeister aller Art und deren Bekämpfung - 10.02.2011 (4)
  11. Virus überschreibt MBR immer neu.. (evt Bootkit?)
    Plagegeister aller Art und deren Bekämpfung - 19.10.2010 (19)
  12. TR Click.Cycler.ajts läßt sich mit bootkit remover oder GMER nicht beseitigen
    Plagegeister aller Art und deren Bekämpfung - 16.07.2010 (19)
  13. Bootkit Remover
    Anleitungen, FAQs & Links - 30.05.2010 (1)
  14. Bootkit hebelt Festplattenverschlüsselung aus
    Nachrichten - 30.07.2009 (0)
  15. BkCln.Unknown
    Plagegeister aller Art und deren Bekämpfung - 12.09.2005 (12)
  16. Unknown owner
    Log-Analyse und Auswertung - 27.03.2005 (5)
  17. Unknown Trojan !?
    Plagegeister aller Art und deren Bekämpfung - 29.01.2005 (10)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Pc spinnt / Unknown MBR Code... Bootkit? - Hallo, also teilweise spinnt das Internet an meinem Rechner. Der Seitenaufbau funktioniert dann teilweise und die Seiten laden dann endlos aber laden nur teilweise in Chrome und auch FF IE - Pc spinnt / Unknown MBR Code... Bootkit?...
Archiv
Du betrachtest: Pc spinnt / Unknown MBR Code... Bootkit? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19