| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Probleme mit InternetbrowserWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
18.02.2016, 16:44
| #1 |
  |  Probleme mit Internetbrowser Hallo  ,seit einigen Tagen hab ich das Problem, dass Firefox keine Seite lädt und Chrome andauernd abstürzt. Zusätzlich wird der Prozess beim beenden der beiden Browser irgendwie nicht wirklich beendet. Im normalen Taskmanager taucht er nicht auf, allerdings im Process Explorer wird der Prozess weiterhin angezeigt und beim beenden kommt: Code:
ATTFilter Error terminating process: Zugriff verweigert
Code:
ATTFilter Unable to terminate firefox.exe (PID xxxx): Es wurde versucht, auf einen Prozess zuzugreifen, der gerade beendet wurde.
FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-02-2016 durchgeführt von KaskadekingDE (Administrator) auf KASKADEKING-PC (18-02-2016 16:20:55) Gestartet von C:\Users\***\Desktop Geladene Profile: KaskadekingDE (Verfügbare Profile: KaskadekingDE) Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe (Guillemot Corporation) C:\Windows\SysWOW64\HerculesWiFiService.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (JetBrains s.r.o) C:\Program Files (x86)\JetBrains\ETW Host\JetBrains.ETW.Collector.Host.exe (Apple Inc.) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe (Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe (Malwarebytes) D:\Programme\ Malwarebytes Anti-Malware \mbamscheduler.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe (VMware, Inc.) D:\Programme\VMware\vmware-authd.exe (SeriousBit) D:\Programme\NetBalancer\SeriousBit.NetBalancer.Service.exe () D:\Programme\Synergy\synergyd.exe (Sophos Limited) C:\Program Files (x86)\Common Files\Sophos\Web Intelligence\swi_fc.exe (Malwarebytes) D:\Programme\ Malwarebytes Anti-Malware \mbamservice.exe (CHENGDU YIWO Tech Development Co., Ltd) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\Agent.exe (CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe (Microsoft Corporation) C:\Windows\System32\vds.exe () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TodoBackupService.exe (Malwarebytes) D:\Programme\ Malwarebytes Anti-Malware \mbam.exe () D:\Programme\Hercules WiFi\WiFi Station N\WiFiN.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Ruiware) D:\Programme\WinPatrol\WinPatrol.exe (eM Client, Inc.) C:\Program Files (x86)\eM Client\MailClient.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Mozilla Corporation) D:\Programme\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe konnte nicht auf den Prozess zugreifen -> MicrosoftEdgeCP.exe (Sysinternals - www.sysinternals.com) D:\Bibliotheken\Dokumente\ProcessExplorer\procexp.exe (Sysinternals - www.sysinternals.com) C:\Users\***\AppData\Local\Temp\PROCEXP64.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Igor Pavlov) D:\Programme\7-Zip\7zFM.exe (Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe konnte nicht auf den Prozess zugreifen -> swi_lspdiag.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Valve Corporation) D:\Programme\Steam\Steam.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Valve Corporation) D:\Programme\Steam\bin\steamwebhelper.exe konnte nicht auf den Prozess zugreifen -> MicrosoftEdgeCP.exe (Valve Corporation) D:\Programme\Steam\bin\steamwebhelper.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Valve Corporation) D:\Programme\Steam\bin\steamwebhelper.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-07-29] (Realtek Semiconductor) HKLM\...\Run: [Greenshot] => D:\Programme\Greenshot\Greenshot.exe [528384 2015-11-10] (Greenshot) HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-10-01] (Raptr, Inc) HKLM-x32\...\Run: [EaseUS EPM tray] => D:\Programme\EaseUS Partition Master 10.8\bin\EpmNews.exe [2089056 2015-09-16] (CHENGDU YIWO Tech Development Co., Ltd) HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [883352 2015-12-14] (BlueStack Systems, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [VirtualCloneDrive] => D:\Programme\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1418504 2016-01-03] (Sophos Limited) HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [WinPatrol] => D:\Programme\WinPatrol\winpatrol.exe [1238152 2015-05-17] (Ruiware) HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [eM Client] => C:\Program Files (x86)\eM Client\MailClient.exe [15681832 2015-12-14] (eM Client, Inc.) HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [FileHippo.com] => D:\Programme\FileHippo.com\FileHippo.AppManager.exe [10574544 2015-05-12] () HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [BitTorrent] => C:\Users\***\AppData\Roaming\BitTorrent\BitTorrent.exe [1873952 2015-12-06] (BitTorrent Inc.) HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [Spotify Web Helper] => C:\Users\***\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2015-12-23] (Spotify Ltd) HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-09-21] (Sandboxie Holdings, LLC) HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [433256 2015-11-05] (CyberGhost S.R.L.) HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [GalaxyClient] => [X] HKU\S-1-5-21-117306591-3796779208-521460896-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [150528 2015-10-30] (Microsoft Corporation) AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\\sophos_detoured.dll [275352 2015-12-02] (Sophos Limited) IFEO\SppExtComObj.exe: [Debugger] C:\WINDOWS\SECOH-QAD.exe ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64\FileSyncShell64.dll [2015-11-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64\FileSyncShell64.dll [2015-11-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64\FileSyncShell64.dll [2015-11-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\FileSyncShell.dll [2015-11-29] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\FileSyncShell.dll [2015-11-29] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\FileSyncShell.dll [2015-11-29] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{16b3da2f-3369-4f8c-958f-17af1676bbfc}: [DhcpNameServer] 10.175.0.1 Tcpip\..\Interfaces\{bd567df3-7c98-4f98-ae5e-f75c7867c650}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKU\S-1-5-21-117306591-3796779208-521460896-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://localoem.msn.com/ HKU\S-1-5-21-117306591-3796779208-521460896-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Programme\Microsoft Office 2013\Office15\OCHelper.dll [2016-01-12] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Programme\Java\jre1.8.0_65\bin\ssv.dll [2015-11-16] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Programme\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-16] (Oracle Corporation) BHO-x32: Kein Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Keine Datei BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-12] (Microsoft Corporation) BHO-x32: Kein Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Keine Datei Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Programme\Microsoft Office 2013\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] () FF Plugin: @java.com/DTPlugin,version=11.65.2 -> D:\Programme\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-16] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> D:\Programme\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-16] (Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\Programme\Microsoft Office 2013\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] () FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> D:\Programme\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [Keine Datei] FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> D:\Programme\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [Keine Datei] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\Programme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-117306591-3796779208-521460896-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\***\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-11] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation) FF SearchPlugin: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\searchplugins\bugzilla.xml [2015-07-07] FF SearchPlugin: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\searchplugins\vb-paradise-20.xml [2015-07-13] FF Extension: HttpRequester - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\extensions\{ea4637dc-e014-4c17-9c2c-879322d23268} [2015-06-17] FF Extension: Greasemonkey - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-11-22] FF Extension: DownThemAll! - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-12-06] FF Extension: WOT - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-10] FF Extension: NoScript - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-02-13] FF Extension: uBlock Origin - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\Extensions\uBlock0@raymondhill.net.xpi [2016-02-16] StartMenuInternet: FIREFOX.EXE - D:\Programme\Mozilla Firefox\firefox.exe Chrome: ======= CHR Profile: C:\Users\***\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-16] CHR Extension: (Google Docs) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-16] CHR Extension: (Google Drive) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-16] CHR Extension: (YouTube) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-16] CHR Extension: (uBlock Origin) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-02-16] CHR Extension: (Google-Suche) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-16] CHR Extension: (Tampermonkey) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-02-16] CHR Extension: (Google Tabellen) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-16] CHR Extension: (Google Docs Offline) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-16] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-16] CHR Extension: (Google Mail) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-16] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.) R2 Bonjour Service; C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe [384512 2015-06-02] (Apple Inc.) [Datei ist nicht signiert] S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [432792 2015-12-14] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [412312 2015-12-14] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [854680 2015-12-14] (BlueStack Systems, Inc.) R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65640 2015-11-05] (CyberGhost S.R.L) R2 EaseUS Agent; D:\Programme\EaseUS Todo Backup\Todo Backup\bin\Agent.exe [37416 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd) S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-19] (Microsoft Corporation) [Datei ist nicht signiert] S3 GalaxyClientService; D:\Programme\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-14] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7220792 2016-02-11] (GOG.com) R2 HerculesWiFi; C:\WINDOWS\SysWOW64\\HerculesWiFiService.exe [78232 2012-09-26] (Guillemot Corporation) U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2015-11-03] (Hi-Rez Studios) [Datei ist nicht signiert] R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [14760 2013-01-11] (Microsoft Corporation) R2 jetbrainsetw.103.0.20150818.191753; C:\Program Files (x86)\JetBrains\ETW Host\JetBrains.ETW.Collector.Host.exe [1479288 2015-08-18] (JetBrains s.r.o) R2 MBAMScheduler; D:\Programme\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; D:\Programme\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 NetBalancerService; D:\Programme\NetBalancer\SeriousBit.NetBalancer.Service.exe [145272 2016-01-15] (SeriousBit) S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3916368 2016-01-09] (INCA Internet Co., Ltd.) S3 Origin Client Service; D:\Programme\Origin\OriginClientService.exe [2104840 2016-02-05] (Electronic Arts) S3 OverwolfUpdater; D:\Programme\Overwolf\OverwolfUpdater.exe [1009392 2016-01-20] (Overwolf LTD) R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-12-29] () R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2015-12-02] (Sophos Limited) R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [208168 2015-12-02] (Sophos Limited) R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [177800 2015-09-21] (Sandboxie Holdings, LLC) R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [489224 2016-01-03] (Sophos Limited) R2 Sophos MCS Agent; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe [331048 2016-01-03] (Sophos Limited) R2 Sophos MCS Client; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe [909608 2016-01-03] (Sophos Limited) R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [341768 2015-12-02] (Sophos Limited) S3 Survarium-Steam Update Service; D:\Programme\Steam\steamapps\common\Survarium\game\binaries\x86\survarium_service.exe [96856 2015-12-25] () R2 swi_filter; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe [300808 2015-12-02] (Sophos Limited) R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3278600 2015-12-02] (Sophos Limited) R2 Synergy; D:\Programme\Synergy\synergyd.exe [311488 2015-11-19] () S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH) R2 VMAuthdService; D:\Programme\VMware\vmware-authd.exe [87744 2015-05-31] (VMware, Inc.) S3 VSStandardCollectorService140; D:\Programme\Visual Studio\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.) R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices) R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146016 2015-12-14] (BlueStack Systems) S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-07-30] (Disc Soft Ltd) S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [18528 2014-11-18] () S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [14944 2014-11-18] () R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-14] () S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2014-11-18] () S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] () S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-18] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.) R1 nbdrv; C:\Windows\system32\DRIVERS\nbdrv.sys [42128 2016-01-15] (SeriousBit) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-07-29] (Realtek ) R3 rtlss; C:\Windows\System32\Drivers\rtlss.sys [27240 2010-06-21] (Realtek Semiconductor Corporation) R3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [3870464 2015-10-01] (Realtek Semiconductor Corporation ) R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [161024 2015-12-02] (Sophos Limited) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [191624 2015-09-21] (Sandboxie Holdings, LLC) S3 sdcfilter; C:\Windows\system32\DRIVERS\sdcfilter.sys [38144 2015-12-02] (Sophos Limited) R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation) S4 SophosBootDriver; C:\Windows\system32\DRIVERS\SophosBootDriver.sys [27904 2015-12-02] (Sophos Limited) R1 swi_callout; C:\Windows\system32\DRIVERS\swi_callout.sys [32512 2015-12-02] (Sophos Limited) S3 tapse01; C:\Windows\System32\drivers\tapse01.sys [26624 2015-05-25] (The OpenVPN Project) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [146584 2015-10-15] (Oracle Corporation) R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [195416 2016-02-05] (IDRIX) R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2015-05-21] (VMware, Inc.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 WinDivert1.1; \??\D:\Programme\KMSpico\WinDivert.sys [X] S3 XSplit_Dummy; \SystemRoot\system32\drivers\xspltspk.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-02-18 16:20 - 2016-02-18 16:21 - 00027827 _____ C:\Users\***\Desktop\FRST.txt 2016-02-18 16:20 - 2016-02-18 16:20 - 02371072 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe 2016-02-18 16:20 - 2016-02-18 16:20 - 00000000 ____D C:\Users\***\Desktop\FRST-OlderVersion 2016-02-18 15:24 - 2016-02-18 15:24 - 00001655 _____ C:\Users\***\Desktop\Twitter Downloader.lnk 2016-02-18 15:03 - 2016-02-18 15:03 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS 2016-02-16 16:54 - 2016-02-16 16:54 - 00002331 _____ C:\Users\***\Desktop\Google Chrome.lnk 2016-02-16 16:37 - 2015-12-02 18:11 - 00032512 _____ (Sophos Limited) C:\WINDOWS\system32\Drivers\swi_callout.sys 2016-02-16 16:35 - 2016-02-16 16:35 - 00000842 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-02-16 16:35 - 2016-02-16 16:35 - 00000842 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-02-16 16:35 - 2016-02-16 16:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-02-16 16:27 - 2016-02-16 16:28 - 00127698 _____ C:\WINDOWS\ntbtlog.txt 2016-02-16 15:52 - 2016-02-18 16:20 - 00000000 ____D C:\FRST 2016-02-15 17:46 - 2016-02-15 17:46 - 00000696 _____ C:\Users\Public\Desktop\EasyBCD 2.2.lnk 2016-02-15 17:46 - 2016-02-15 17:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSmart Technologies 2016-02-15 17:32 - 2016-02-17 16:06 - 00000000 ____D C:\NST 2016-02-15 17:12 - 2016-02-15 17:12 - 00000000 ____D C:\Users\***\AppData\Local\NeoSmart_Technologies 2016-02-15 14:50 - 2016-02-15 14:50 - 00000173 _____ C:\Users\***\.gitconfig 2016-02-15 13:48 - 2016-02-15 13:48 - 00026290 _____ C:\Users\***\Desktop\bookmarks-2016-02-15.json 2016-02-12 19:04 - 2016-02-12 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Survarium-Steam 2016-02-12 17:58 - 2016-02-12 17:58 - 00000000 ____D C:\ProgramData\KONAMI 2016-02-10 16:25 - 2016-01-27 07:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-02-10 16:25 - 2016-01-27 07:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-02-10 16:25 - 2016-01-27 06:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-02-10 16:25 - 2016-01-27 06:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-02-10 16:25 - 2016-01-27 06:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-02-10 16:25 - 2016-01-27 06:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-02-10 16:25 - 2016-01-27 06:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-02-10 16:25 - 2016-01-27 06:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-02-10 16:25 - 2016-01-27 06:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-02-10 16:25 - 2016-01-27 06:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-02-10 16:25 - 2016-01-27 06:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-02-10 16:25 - 2016-01-27 06:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-02-10 16:25 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-02-10 16:25 - 2016-01-27 05:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-02-10 16:25 - 2016-01-27 05:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-02-10 16:25 - 2016-01-27 05:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-02-10 16:25 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-02-10 16:25 - 2016-01-27 05:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-02-10 16:25 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-02-10 16:25 - 2016-01-27 05:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-02-10 16:25 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-02-10 16:25 - 2016-01-27 05:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-02-10 16:25 - 2016-01-27 05:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-02-10 16:25 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-02-10 16:25 - 2016-01-27 05:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-02-10 16:25 - 2016-01-27 05:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-02-10 16:25 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2016-02-10 16:24 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-02-10 16:24 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-02-10 16:24 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-02-10 16:24 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-02-10 16:24 - 2016-01-27 07:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-02-10 16:24 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2016-02-10 16:24 - 2016-01-27 06:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-02-10 16:24 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-02-10 16:24 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-02-10 16:24 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe 2016-02-10 16:24 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2016-02-10 16:24 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-02-10 16:24 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-02-10 16:24 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-02-10 16:24 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe 2016-02-10 16:24 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2016-02-10 16:24 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll 2016-02-10 16:24 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll 2016-02-10 16:24 - 2016-01-27 06:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll 2016-02-10 16:24 - 2016-01-27 06:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2016-02-10 16:24 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll 2016-02-10 16:24 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll 2016-02-10 16:24 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-02-10 16:24 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll 2016-02-10 16:24 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll 2016-02-10 16:24 - 2016-01-27 06:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll 2016-02-10 16:24 - 2016-01-27 06:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2016-02-10 16:24 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2016-02-10 16:24 - 2016-01-27 06:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll 2016-02-10 16:24 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll 2016-02-10 16:24 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll 2016-02-10 16:24 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-02-10 16:24 - 2016-01-27 05:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-02-10 16:24 - 2016-01-27 05:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-02-10 16:24 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys 2016-02-10 16:24 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll 2016-02-10 16:24 - 2016-01-27 05:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-02-10 16:24 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll 2016-02-09 20:11 - 2016-02-09 20:11 - 00000836 _____ C:\Users\***\AppData\Local\recently-used.xbel 2016-02-05 22:07 - 2016-02-05 22:07 - 00001028 _____ C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk 2016-02-05 18:18 - 2016-02-05 18:50 - 00000239 _____ C:\Users\***\Desktop\anime staffel 3.txt 2016-02-05 13:14 - 2016-02-05 13:14 - 00000212 _____ C:\Users\***\Desktop\Pro Evolution Soccer 2016 myClub.url 2016-02-05 09:57 - 2016-02-05 09:57 - 00195416 _____ (IDRIX) C:\WINDOWS\system32\Drivers\veracrypt.sys 2016-02-05 09:57 - 2016-02-05 09:57 - 00000747 _____ C:\Users\***\Desktop\VeraCrypt.lnk 2016-02-05 09:57 - 2016-02-05 09:57 - 00000000 ____D C:\Users\***\AppData\Roaming\VeraCrypt 2016-02-02 10:56 - 2016-02-02 10:56 - 00000000 ____D C:\Users\***\Desktop\SSQLib_v0.9.0 2016-02-01 18:24 - 2016-02-01 18:25 - 00000000 ____D C:\ProgramData\Overwolf 2016-02-01 18:24 - 2016-02-01 18:24 - 00003766 _____ C:\WINDOWS\System32\Tasks\Overwolf Updater Task 2016-02-01 18:24 - 2016-02-01 18:24 - 00000856 _____ C:\Users\Public\Desktop\Overwolf.lnk 2016-02-01 18:24 - 2016-02-01 18:24 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf 2016-02-01 18:22 - 2016-02-01 18:25 - 00000000 ____D C:\Users\***\AppData\Local\Overwolf 2016-01-31 13:55 - 2016-02-16 16:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-01-29 18:19 - 2016-01-29 18:19 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help 2016-01-29 18:19 - 2016-01-29 18:19 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help 2016-01-29 18:15 - 2016-01-30 19:53 - 00005386 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for KASKADEKING-PC-KaskadekingDE Kaskadeking-PC 2016-01-29 16:56 - 2016-02-06 21:45 - 00000120 _____ C:\Users\***\Desktop\anime staffel 2.txt 2016-01-29 16:12 - 2016-01-29 16:12 - 00000000 ____D C:\Users\***\Desktop\octoawesome-develop 2016-01-29 15:13 - 2016-01-29 15:13 - 00001899 _____ C:\Users\***\Desktop\PowerPoint 2013.lnk 2016-01-29 15:13 - 2016-01-29 15:13 - 00001855 _____ C:\Users\***\Desktop\Excel 2013.lnk 2016-01-29 15:01 - 2016-01-29 15:01 - 00001863 _____ C:\Users\***\Desktop\Word 2013.lnk 2016-01-29 14:56 - 2016-02-10 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2016-01-29 14:56 - 2016-01-29 14:56 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2016-01-29 14:55 - 2016-01-29 14:55 - 00000000 ____D C:\WINDOWS\PCHEALTH 2016-01-29 14:54 - 2016-01-29 14:54 - 00000000 ____D C:\Program Files\Microsoft Analysis Services 2016-01-29 14:54 - 2016-01-29 14:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services 2016-01-29 14:53 - 2016-01-30 15:45 - 00000000 ____D C:\Users\***\AppData\Local\Microsoft Help 2016-01-29 14:53 - 2016-01-29 14:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-01-28 15:25 - 2016-01-16 07:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2016-01-28 15:25 - 2016-01-16 07:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe 2016-01-28 15:25 - 2016-01-16 07:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-01-28 15:25 - 2016-01-16 06:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-01-28 15:25 - 2016-01-16 06:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2016-01-28 15:25 - 2016-01-16 06:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-01-28 15:25 - 2016-01-16 06:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2016-01-28 15:25 - 2016-01-16 06:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2016-01-28 15:25 - 2016-01-16 06:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2016-01-28 15:25 - 2016-01-16 06:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2016-01-28 15:25 - 2016-01-16 06:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2016-01-28 15:25 - 2016-01-16 06:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2016-01-28 15:25 - 2016-01-16 06:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2016-01-28 15:25 - 2016-01-16 06:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2016-01-28 15:25 - 2016-01-16 06:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2016-01-28 15:25 - 2016-01-16 06:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2016-01-28 15:25 - 2016-01-16 06:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2016-01-28 15:25 - 2016-01-16 06:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2016-01-28 15:25 - 2016-01-16 06:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2016-01-28 15:25 - 2016-01-16 06:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2016-01-28 15:24 - 2016-01-16 07:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll 2016-01-28 15:24 - 2016-01-16 07:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-01-28 15:24 - 2016-01-16 07:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-01-28 15:24 - 2016-01-16 07:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-01-28 15:24 - 2016-01-16 07:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll 2016-01-28 15:24 - 2016-01-16 07:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-01-28 15:24 - 2016-01-16 07:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2016-01-28 15:24 - 2016-01-16 07:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2016-01-28 15:24 - 2016-01-16 07:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2016-01-28 15:24 - 2016-01-16 07:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2016-01-28 15:24 - 2016-01-16 07:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2016-01-28 15:24 - 2016-01-16 07:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll 2016-01-28 15:24 - 2016-01-16 07:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2016-01-28 15:24 - 2016-01-16 07:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-01-28 15:24 - 2016-01-16 07:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2016-01-28 15:24 - 2016-01-16 07:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2016-01-28 15:24 - 2016-01-16 07:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2016-01-28 15:24 - 2016-01-16 07:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2016-01-28 15:24 - 2016-01-16 07:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2016-01-28 15:24 - 2016-01-16 06:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys 2016-01-28 15:24 - 2016-01-16 06:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-01-28 15:24 - 2016-01-16 06:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll 2016-01-28 15:24 - 2016-01-16 06:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll 2016-01-28 15:24 - 2016-01-16 06:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll 2016-01-28 15:24 - 2016-01-16 06:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll 2016-01-28 15:24 - 2016-01-16 06:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll 2016-01-28 15:24 - 2016-01-16 06:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2016-01-28 15:24 - 2016-01-16 06:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll 2016-01-28 15:24 - 2016-01-16 06:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe 2016-01-28 15:24 - 2016-01-16 06:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe 2016-01-28 15:24 - 2016-01-16 06:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll 2016-01-28 15:24 - 2016-01-16 06:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-01-28 15:24 - 2016-01-16 06:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll 2016-01-28 15:24 - 2016-01-16 06:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll 2016-01-28 15:24 - 2016-01-16 06:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2016-01-28 15:24 - 2016-01-16 06:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2016-01-28 15:24 - 2016-01-16 06:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2016-01-28 15:24 - 2016-01-16 06:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll 2016-01-28 15:24 - 2016-01-16 06:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-01-28 15:24 - 2016-01-16 06:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll 2016-01-28 15:24 - 2016-01-16 06:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-01-28 15:24 - 2016-01-16 06:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll 2016-01-28 15:24 - 2016-01-16 06:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll 2016-01-28 15:24 - 2016-01-16 06:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-01-28 15:24 - 2016-01-16 06:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll 2016-01-28 15:24 - 2016-01-16 06:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2016-01-28 15:24 - 2016-01-16 06:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll 2016-01-28 15:24 - 2016-01-16 06:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll 2016-01-28 15:24 - 2016-01-16 06:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2016-01-28 15:24 - 2016-01-16 06:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll 2016-01-28 15:24 - 2016-01-16 06:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll 2016-01-28 15:24 - 2016-01-16 06:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll 2016-01-28 15:24 - 2016-01-16 06:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2016-01-28 15:24 - 2016-01-16 06:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2016-01-28 15:24 - 2016-01-16 06:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe 2016-01-28 15:24 - 2016-01-16 06:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2016-01-28 15:24 - 2016-01-16 06:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll 2016-01-28 15:24 - 2016-01-16 06:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2016-01-28 15:24 - 2016-01-16 06:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe 2016-01-28 15:24 - 2016-01-16 06:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-01-28 15:24 - 2016-01-16 06:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-01-28 15:24 - 2016-01-16 06:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll 2016-01-28 15:24 - 2016-01-16 06:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll 2016-01-28 15:24 - 2016-01-16 06:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2016-01-28 15:24 - 2016-01-16 06:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2016-01-28 15:24 - 2016-01-16 06:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll 2016-01-28 15:24 - 2016-01-16 06:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll 2016-01-28 15:24 - 2016-01-16 06:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-01-28 15:24 - 2016-01-16 06:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2016-01-28 15:24 - 2016-01-16 06:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2016-01-28 15:24 - 2016-01-16 06:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll 2016-01-28 15:24 - 2016-01-16 06:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2016-01-28 15:24 - 2016-01-16 06:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll 2016-01-28 15:24 - 2016-01-16 06:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2016-01-28 15:24 - 2016-01-16 06:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll 2016-01-28 15:24 - 2016-01-16 06:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2016-01-28 15:24 - 2016-01-16 06:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2016-01-28 15:24 - 2016-01-16 06:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2016-01-28 15:24 - 2016-01-16 06:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-01-28 15:24 - 2016-01-16 06:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-01-28 15:24 - 2016-01-16 06:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll 2016-01-28 15:24 - 2016-01-16 06:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2016-01-28 15:24 - 2016-01-16 06:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2016-01-28 15:24 - 2016-01-16 06:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll 2016-01-28 15:24 - 2016-01-16 06:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2016-01-28 15:24 - 2016-01-16 06:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2016-01-28 15:24 - 2016-01-16 06:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2016-01-28 15:24 - 2016-01-16 06:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2016-01-26 18:04 - 2016-01-26 18:05 - 00000000 ____D C:\Users\***\Desktop\Vae-master 2016-01-25 15:25 - 2016-01-25 15:25 - 00000212 _____ C:\Users\***\Desktop\Sven Co-op.url 2016-01-24 18:42 - 2016-01-24 18:42 - 00018099 _____ C:\Users\***\Desktop\TextDeutsch.odt 2016-01-23 16:08 - 2016-01-23 16:08 - 00000000 ____D C:\Users\***\AppData\Roaming\Awesomium 2016-01-23 16:08 - 2016-01-09 16:39 - 03916368 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\GameMon.des 2016-01-23 16:07 - 2016-01-23 16:07 - 00000000 ____D C:\Program Files\Common Files\INCA Shared 2016-01-23 16:07 - 2005-01-03 07:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\npptNT2.sys 2016-01-23 16:07 - 2003-07-18 22:17 - 00005174 _____ C:\WINDOWS\SysWOW64\nppt9x.vxd 2016-01-23 12:08 - 2016-01-23 12:18 - 00000000 ____D C:\Users\***\AppData\Roaming\discord 2016-01-23 12:08 - 2016-01-23 12:08 - 00002245 _____ C:\Users\***\Desktop\Discord.lnk 2016-01-23 12:08 - 2016-01-23 12:08 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc 2016-01-23 12:08 - 2016-01-23 12:08 - 00000000 ____D C:\Users\***\AppData\Local\Discord 2016-01-22 19:08 - 2016-01-22 19:08 - 00000792 _____ C:\Users\Public\Desktop\NetBalancer.lnk 2016-01-22 19:08 - 2016-01-15 08:41 - 00042128 _____ (SeriousBit) C:\WINDOWS\system32\Drivers\nbdrv.sys 2016-01-22 18:59 - 2016-01-22 18:59 - 00001502 _____ C:\Users\Public\Desktop\Blade & Soul.lnk 2016-01-22 18:58 - 2016-01-22 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest 2016-01-22 18:58 - 2016-01-22 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT 2016-01-22 18:58 - 2016-01-22 18:58 - 00000000 ____D C:\Program Files (x86)\NCWest 2016-01-22 17:32 - 2016-01-22 17:32 - 00000212 _____ C:\Users\***\Desktop\Survarium.url 2016-01-22 15:14 - 2016-01-22 15:14 - 00000000 ____D C:\Users\***\AppData\Roaming\Process Hacker 2 2016-01-22 15:12 - 2016-01-22 15:12 - 00000000 ____D C:\Users\***\Desktop\ProcessHacker 2016-01-21 19:23 - 2016-01-21 19:23 - 00003207 _____ C:\Users\***\Desktop\Wizard Chess.lnk 2016-01-21 19:23 - 2016-01-21 19:23 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wizard Chess 2016-01-21 14:37 - 2016-02-18 15:56 - 00003670 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-02-18 16:20 - 2015-05-30 18:32 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-02-18 16:14 - 2015-12-06 18:01 - 00001148 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-02-18 16:14 - 2015-12-06 18:01 - 00001144 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-02-18 16:12 - 2015-11-29 15:22 - 02011300 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-02-18 16:12 - 2015-10-30 19:35 - 00855194 _____ C:\WINDOWS\system32\perfh007.dat 2016-02-18 16:12 - 2015-10-30 19:35 - 00188946 _____ C:\WINDOWS\system32\perfc007.dat 2016-02-18 16:12 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF 2016-02-18 16:11 - 2015-06-04 20:10 - 00000000 ____D C:\ProgramData\BlueStacksSetup 2016-02-18 16:11 - 2015-05-30 15:43 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A816AD26-8DB1-4860-ADDE-5794E0E9DEB5} 2016-02-18 16:07 - 2015-05-30 18:26 - 00000000 ____D C:\Users\***\AppData\Roaming\eM Client 2016-02-18 16:06 - 2015-11-29 15:40 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-02-18 16:06 - 2015-08-13 17:48 - 00000000 ____D C:\ProgramData\VMware 2016-02-18 16:00 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-02-18 16:00 - 2015-04-10 09:24 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin 2016-02-18 15:45 - 2015-06-15 20:09 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-02-18 15:10 - 2015-06-09 14:55 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-02-18 15:03 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-02-18 15:03 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-02-17 19:47 - 2015-06-29 15:19 - 00000000 ____D C:\Users\***\AppData\Local\CrashDumps 2016-02-17 16:07 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2016-02-17 16:04 - 2015-12-30 13:07 - 00000000 ____D C:\Users\***\AppData\Local\Deployment 2016-02-17 14:39 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2016-02-16 19:25 - 2015-05-30 16:40 - 00000000 ____D C:\Users\***\AppData\Roaming\.minecraft 2016-02-16 16:20 - 2015-12-16 21:01 - 00000000 ____D C:\Users\***\AppData\Roaming\TeamViewer 2016-02-16 16:20 - 2015-06-23 15:28 - 00000000 ____D C:\Users\***\AppData\Roaming\BitTorrent 2016-02-16 15:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\L2Schemas 2016-02-15 21:15 - 2015-06-04 16:37 - 00000000 ____D C:\Users\***\.VirtualBox 2016-02-15 17:15 - 2015-11-29 15:22 - 00000000 ____D C:\Users\*** 2016-02-15 17:14 - 2015-05-30 18:15 - 00000000 ____D C:\Users\***\AppData\Roaming\GitHub 2016-02-15 17:14 - 2015-05-30 18:15 - 00000000 ____D C:\Users\***\AppData\Local\GitHub 2016-02-14 20:17 - 2015-08-01 12:19 - 00007625 _____ C:\Users\***\AppData\Local\Resmon.ResmonCfg 2016-02-14 18:08 - 2015-08-13 17:51 - 00000000 ____D C:\Users\***\AppData\Local\VMware 2016-02-14 17:53 - 2015-08-13 17:51 - 00000000 ____D C:\Users\***\AppData\Roaming\VMware 2016-02-14 17:52 - 2015-06-04 16:37 - 00000000 ____D C:\Users\***\VirtualBox VMs 2016-02-14 13:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-02-14 13:09 - 2015-08-13 09:40 - 00000000 ____D C:\Users\***\AppData\Local\ElevatedDiagnostics 2016-02-12 21:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache 2016-02-11 13:43 - 2015-04-15 09:17 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-02-10 20:33 - 2015-10-30 19:44 - 00000000 ____D C:\Program Files\Windows Journal 2016-02-10 20:16 - 2015-12-06 18:04 - 00002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-10 18:27 - 2015-01-23 13:16 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-02-10 18:18 - 2015-01-23 13:16 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-02-10 18:17 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-02-09 20:17 - 2015-12-03 15:07 - 00000000 ____D C:\Users\***\.gimp-2.8 2016-02-05 23:01 - 2015-05-30 18:40 - 00000000 ____D C:\ProgramData\Origin 2016-02-03 20:01 - 2015-10-30 08:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-02-03 20:01 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-02-02 23:51 - 2015-07-11 08:58 - 00000000 ____D C:\Users\***\AppData\Local\Spotify 2016-02-02 23:41 - 2015-07-11 08:57 - 00000000 ____D C:\Users\***\AppData\Roaming\Spotify 2016-02-02 16:09 - 2015-12-06 18:01 - 00004206 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-02-02 16:09 - 2015-12-06 18:01 - 00003974 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-02-01 22:57 - 2015-08-03 19:44 - 00000000 ____D C:\Users\***\AppData\Roaming\TS3Client 2016-01-30 19:12 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp 2016-01-30 09:54 - 2015-11-29 15:20 - 00360472 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-01-29 23:09 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12 2016-01-29 23:09 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2016-01-29 23:09 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-01-29 23:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-01-29 23:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-01-29 23:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-01-29 23:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-01-29 18:27 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-01-29 14:55 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-01-29 14:54 - 2015-10-30 19:44 - 00000000 ____D C:\WINDOWS\ShellNew 2016-01-23 12:08 - 2015-06-19 20:56 - 00000000 ____D C:\Users\***\AppData\Local\SquirrelTemp 2016-01-22 19:07 - 2015-12-06 13:59 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin 2016-01-22 18:58 - 2015-05-30 15:40 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-01-22 16:59 - 2016-01-11 20:57 - 00000000 ____D C:\Program Files\WinPcap 2016-01-21 19:33 - 2015-10-21 18:27 - 00000000 ____D C:\Users\***\AppData\Roaming\Audacity 2016-01-20 17:49 - 2015-12-19 17:46 - 00001856 _____ C:\Users\***\Desktop\UnlockPass.lnk 2016-01-19 19:54 - 2015-06-15 20:04 - 00000000 ____D C:\Users\***\AppData\Local\Windows Live 2016-01-19 12:52 - 2015-10-04 09:12 - 00000000 ____D C:\Users\***\AppData\Local\Syncthing ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-11-14 12:43 - 2015-11-14 12:43 - 0000000 _____ () C:\Users\***\AppData\Local\debuggee.mdmp 2016-02-09 20:11 - 2016-02-09 20:11 - 0000836 _____ () C:\Users\***\AppData\Local\recently-used.xbel 2015-08-01 12:19 - 2016-02-14 20:17 - 0007625 _____ () C:\Users\***\AppData\Local\Resmon.ResmonCfg 2015-11-29 15:21 - 2015-11-29 15:21 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== C:\Users\***\AppData\Local\Temp\PROCEXP64.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-02-11 16:34 ==================== Ende von FRST.txt ============================
__________________ Mfg, Kaskadeking |
| Themen zu Probleme mit Internetbrowser |
| bluestacks, bonjour, browser, dnsapi.dll, down, error, excel, firefox, flash player, google, home, installation, malware, mozilla, problem, prozess, prozesse, realtek, registry, scan, server, software, svchost.exe, system, taskmanager, ublock, ublock origin, windows, windowsapps, zugriff verweigert |
Baum-Darstellung