| |
| |||||||
Log-Analyse und Auswertung: Windows 8: Entfernen von Safefinder, Snap.do, SideCubes und CoWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
15.08.2015, 15:14
| #1 |
| |  Windows 8: Entfernen von Safefinder, Snap.do, SideCubes und Co Hallo! Leider Gottes habe ich mir scheinbar einiges an Malware eingefangen, dass ich ohne Unterstüzung nicht loswerde ... Ich habe Eure Anleitung gelesen, poste nun die Logs von FRST (GMER hat leider nicht funktioniert) und bin euch schon im vornherein dankbar für jede Hilfe!! FRST.txt: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:14-08-2015 01 durchgeführt von CM (Administrator) auf CHRISTIAN (15-08-2015 15:51:54) Gestartet von C:\Users\CM\Desktop Geladene Profile: CM (Verfügbare Profile: CM) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe () C:\Program Files\Controller\cohc.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe (Acer Incorporated) C:\Program Files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe (Dritek System INC.) C:\Windows\RfBtnSvc64.exe (Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe () C:\ProgramData\Zontone\Zontone.exe (McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe () C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe (Acer Incorporated) C:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe () C:\Program Files\ReviverSoft\Driver Reviver\DriverReviver.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2864528 2012-08-20] (ELAN Microelectronics Corp.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-31] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-31] (Realtek Semiconductor) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-10] () HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [641504 2015-07-21] (McAfee, Inc.) HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [LManager] => [X] HKLM-x32\...\Run: [Bonus.SSR.FR10] => C:\Program Files (x86)\ABBYY FineReader 10\Bonus.ScreenshotReader.exe [941320 2009-12-20] (ABBYY.) HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-2407381306-1223850301-1151369756-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1193176 2012-10-18] () AppInit_DLLs: C:\ProgramData\Zontone\yjnsg3mq.dll => C:\ProgramData\Zontone\yjnsg3mq.dll [146944 2015-08-11] () AppInit_DLLs-x32: C:\ProgramData\Zontone\4spzqbdf.dll => C:\ProgramData\Zontone\4spzqbdf.dll [120320 2015-08-11] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2012-09-01] ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-07-26] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-2407381306-1223850301-1151369756-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1Lchis4Xjylf4aAb52mZkzohosIxYuqQ8rXqRc_Pqjp71f4SudyAmUg0UZKnOHAP7OowVFcOrbMDpEe8tuY_-dqmtGsmbh502bSqFLvmzQnrF9wclFp9pLD9myHYCY14Jnf-JB3yaANu6ZMENop9Y-HJd6t4g,,&q={searchTerms} HKU\S-1-5-21-2407381306-1223850301-1151369756-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1Lchis4Xjylf4aAb52mZkzohosIxYuqQ8rXqRc_Pqjp71f4SudyAmUg0UZKnOHAP7OowVFcOrbMDpESn-6ghCJn4sX6CTmIR1Cg47szre_SIYGidSpFtBohtEXgldALXo0inJYnQAwbvS3gb9dINtUPNlobOg,, HKU\S-1-5-21-2407381306-1223850301-1151369756-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1Lchis4Xjylf4aAb52mZkzohosIxYuqQ8rXqRc_Pqjp71f4SudyAmUg0UZKnOHAP7OowVFcOrbMDpEe8tuY_-dqmtGsmbh502bSqFLvmzQnrF9wclFp9pLD9myHYCY14Jnf-JB3yaANu6ZMENop9Y-HJd6t4g,,&q={searchTerms} HKU\S-1-5-21-2407381306-1223850301-1151369756-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1Lchis4Xjylf4aAb52mZkzohosIxYuqQ8rXqRc_Pqjp71f4SudyAmUg0UZKnOHAP7OowVFcOrbMDpEe8tuY_-dqmtGsmbh502bSqFLvmzQnrF9wclFp9pLD9myHYCY14Jnf-JB3yaANu6ZMENop9Y-HJd6t4g,,&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1Lchis4Xjylf4aAb52mZkzohosIxYuqQ8rXqRc_Pqjp71f4SudyAmUg0UZKnOHAP7OowVFcOrbMDpEe8tuY_-dqmtGsmbh502bSqFLvmzQnrF9wclFp9pLD9myHYCY14Jnf-JB3yaANu6ZMENop9Y-HJd6t4g,,&q={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2407381306-1223850301-1151369756-1001 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1Lchis4Xjylf4aAb52mZkzohosIxYuqQ8rXqRc_Pqjp71f4SudyAmUg0UZKnOHAP7OowVFcOrbMDpEe8tuY_-dqmtGsmbh502bSqFLvmzQnrF9wclFp9pLD9myHYCY14Jnf-JB3yaANu6ZMENop9Y-HJd6t4g,,&q={searchTerms} SearchScopes: HKU\S-1-5-21-2407381306-1223850301-1151369756-1001 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1Lchis4Xjylf4aAb52mZkzohosIxYuqQ8rXqRc_Pqjp71f4SudyAmUg0UZKnOHAP7OowVFcOrbMDpEe8tuY_-dqmtGsmbh502bSqFLvmzQnrF9wclFp9pLD9myHYCY14Jnf-JB3yaANu6ZMENop9Y-HJd6t4g,,&q={searchTerms} BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-10] (Qualcomm Atheros Commnucations) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-08-04] (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-08-04] (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-08-04] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-08-04] (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-07-21] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-07-21] (McAfee, Inc.) Hosts: 0.0.0.1 mssplus.mcafee.com Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{B7849172-6A74-4C08-8B3E-2D246B3D9F41}: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\CM\AppData\Roaming\Mozilla\Firefox\Profiles\dl70p1bv.default FF DefaultSearchEngine: findit FF Homepage: web.de FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-13] () FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-07-21] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-13] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-07-21] () FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF SearchPlugin: C:\Users\CM\AppData\Roaming\Mozilla\Firefox\Profiles\dl70p1bv.default\searchplugins\findit.xml [2015-08-11] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\findit.xml [2015-08-11] FF Extension: McAfee WebAdvisor - C:\Users\CM\AppData\Roaming\Mozilla\Firefox\Profiles\dl70p1bv.default\Extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}.xpi [2015-07-31] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2012-09-01] Chrome: ======= CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-08-06] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-08-06] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 ABBYY.Licensing.FineReader.Corporate.10.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe [814344 2009-12-19] (ABBYY) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert] S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation) R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated) R2 cohci1394; C:\Program Files\Controller\cohc.exe [376832 2015-07-27] () [Datei ist nicht signiert] S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-22] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated) R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation) R2 FFSOpzSvc; C:\Program Files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe [161384 2012-03-12] (Acer Incorporated) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation) S3 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-20] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [155368 2015-08-04] (McAfee, Inc.) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [782608 2015-07-21] (McAfee, Inc.) S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.) S4 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe [1694152 2015-07-23] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.) S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [639456 2015-07-17] (McAfee, Inc.) S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.) R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-06] (McAfee, Inc.) R2 mfevtp; C:\windows\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.) R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation) R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-10-18] (Dritek System INC.) S3 USecuAppSvc; c:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe [344720 2012-08-22] (Acer Incorporated) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-08-01] (Atheros) [Datei ist nicht signiert] S2 Got; C:\ProgramData\Got\Got [X] R2 Zontone; C:\ProgramData\Zontone\Zontone [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.) S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [21928 2015-03-23] (Windows (R) Win 7 DDK provider) R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation) R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.) R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-21] (Intel Corporation) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-15] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.) R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [529080 2015-06-28] (McAfee, Inc.) S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109728 2015-06-28] (McAfee, Inc.) R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37960 2015-08-04] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.) R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-10-18] (Dritek System Inc.) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-15 15:51 - 2015-08-15 15:52 - 00022071 _____ C:\Users\CM\Desktop\FRST.txt 2015-08-15 15:46 - 2015-08-15 15:52 - 00000000 ____D C:\FRST 2015-08-15 15:44 - 2015-08-15 15:45 - 02173952 _____ (Farbar) C:\Users\CM\Desktop\FRST64.exe 2015-08-15 15:44 - 2015-08-15 15:44 - 00000466 _____ C:\Users\CM\Downloads\defogger_disable.log 2015-08-15 15:44 - 2015-08-15 15:44 - 00000000 _____ C:\Users\CM\defogger_reenable 2015-08-15 15:33 - 2015-08-15 15:33 - 00050477 _____ C:\Users\CM\Downloads\Defogger.exe 2015-08-14 10:53 - 2015-08-14 11:06 - 00000000 ____D C:\Users\CM\Documents\Bluetooth Folder 2015-08-14 06:54 - 2015-08-15 14:59 - 00000358 _____ C:\WINDOWS\Tasks\Start Driver Reviver for CHRISTIAN@CM(logon).job 2015-08-14 06:54 - 2015-08-14 10:51 - 00002626 _____ C:\WINDOWS\System32\Tasks\Start Driver Reviver for CHRISTIAN@CM(logon) 2015-08-14 06:54 - 2015-08-14 06:54 - 00001051 _____ C:\Users\Public\Desktop\Driver Reviver.lnk 2015-08-14 06:54 - 2015-08-14 06:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft 2015-08-14 06:53 - 2015-08-15 14:59 - 00002722 _____ C:\WINDOWS\System32\Tasks\Start Driver Reviver( SR ) for CHRISTIAN@CM 2015-08-14 06:53 - 2015-08-15 14:59 - 00000342 _____ C:\WINDOWS\Tasks\Start Driver Reviver( SR ) for CHRISTIAN@CM.job 2015-08-14 06:53 - 2015-08-14 06:53 - 04797752 _____ (ReviverSoft LLC) C:\Users\CM\Downloads\DriverReviverSetup_ppc.exe 2015-08-14 06:53 - 2015-08-14 06:53 - 00002610 _____ C:\WINDOWS\System32\Tasks\Start Driver Reviver( SR ) for CHRISTIAN@CM at logon 2015-08-14 06:53 - 2015-08-14 06:53 - 00000000 ____D C:\ProgramData\ReviverSoft 2015-08-14 06:53 - 2015-08-14 06:53 - 00000000 ____D C:\Program Files\ReviverSoft 2015-08-13 08:55 - 2015-08-13 08:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2015-08-13 08:55 - 2015-08-13 08:55 - 00000000 ____D C:\Program Files\McAfee Security Scan 2015-08-12 11:27 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 11:27 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 11:10 - 2015-08-12 11:10 - 00000000 ____D C:\WINDOWS\PCHEALTH 2015-08-11 23:03 - 2015-08-11 23:03 - 00003480 _____ C:\WINDOWS\System32\Tasks\snp 2015-08-11 23:03 - 2015-08-11 23:03 - 00003118 _____ C:\WINDOWS\System32\Tasks\snf 2015-08-11 23:02 - 2015-08-14 10:50 - 00000000 ____D C:\ProgramData\Zontone 2015-08-11 23:02 - 2015-08-11 23:02 - 03471189 _____ (Dongphase) C:\Program Files\Common Files\a2d0ljkm.exe 2015-08-11 23:02 - 2015-08-11 23:02 - 00000000 ____D C:\ProgramData\Zontones 2015-08-11 23:02 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2015-08-11 23:02 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-08-11 23:02 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2015-08-11 23:02 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2015-08-11 23:02 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2015-08-11 23:02 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2015-08-11 23:02 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2015-08-11 23:02 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2015-08-11 23:02 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2015-08-11 23:02 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2015-08-11 23:02 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2015-08-11 23:02 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2015-08-11 23:01 - 2015-07-16 23:14 - 25192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-08-11 23:01 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-08-11 23:01 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2015-08-11 23:01 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-08-11 23:01 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-08-11 23:01 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2015-08-11 23:01 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-08-11 23:01 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-08-11 23:01 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2015-08-11 23:01 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-08-11 23:01 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2015-08-11 23:01 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-08-11 23:01 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-08-11 23:01 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll 2015-08-11 23:01 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-08-11 23:01 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-08-11 23:01 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-08-11 23:01 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-08-11 23:01 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-08-11 23:01 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2015-08-11 23:01 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-08-11 23:01 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-08-11 23:01 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-08-11 23:01 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-08-11 23:01 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-08-11 23:01 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-08-11 23:01 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2015-08-11 23:01 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-08-11 23:01 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-08-11 23:01 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-08-11 23:01 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-08-11 23:01 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml 2015-08-11 22:58 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2015-08-11 22:58 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2015-08-11 22:58 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2015-08-11 22:58 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2015-08-11 22:58 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2015-08-11 22:58 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2015-08-11 22:58 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-08-11 22:58 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-08-11 22:58 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2015-08-11 22:58 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys 2015-08-11 22:58 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2015-08-11 22:58 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2015-08-11 22:58 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll 2015-08-11 22:58 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll 2015-08-11 22:58 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2015-08-11 22:58 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2015-08-11 22:58 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll 2015-08-11 22:58 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll 2015-08-11 22:58 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll 2015-08-11 22:58 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll 2015-08-11 22:58 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2015-08-11 22:58 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll 2015-08-11 22:58 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2015-08-11 22:58 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2015-08-11 22:58 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2015-08-11 22:58 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe 2015-08-11 22:58 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe 2015-08-11 22:58 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe 2015-08-11 22:58 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys 2015-08-11 22:58 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys 2015-08-11 22:58 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys 2015-08-11 22:58 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll 2015-08-11 22:58 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll 2015-08-11 22:58 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll 2015-08-11 22:58 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll 2015-08-11 22:58 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2015-08-11 22:58 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2015-08-11 22:58 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2015-08-11 22:58 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2015-08-11 22:58 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll 2015-08-11 22:57 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2015-08-11 22:57 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2015-08-11 22:57 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2015-08-11 22:57 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-08-11 22:57 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-08-11 22:57 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-08-11 22:57 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-08-11 22:57 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-08-11 22:47 - 2015-08-11 22:47 - 00003156 _____ C:\WINDOWS\System32\Tasks\uxdhnzsu 2015-08-11 22:47 - 2015-08-11 22:47 - 00000000 ____D C:\Program Files\Common Files\fheekncx 2015-08-11 09:42 - 2015-08-11 09:42 - 00000458 _____ C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD-RW-Laufwerk (E) ABBYY FINEREADER.lnk 2015-08-11 09:32 - 2015-08-11 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 10 2015-08-11 09:31 - 2015-08-11 09:40 - 00000000 ____D C:\Program Files (x86)\ABBYY FineReader 10 2015-08-10 21:24 - 2015-08-10 21:24 - 00000000 ____D C:\Users\CM\AppData\Local\GWX 2015-08-10 19:44 - 2015-08-15 14:58 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-08-10 19:44 - 2015-08-10 19:44 - 00001082 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-08-10 19:44 - 2015-08-10 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-08-10 19:44 - 2015-08-10 19:44 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-08-10 19:44 - 2015-08-10 19:44 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-08-10 19:44 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-08-10 19:44 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-08-10 19:44 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2015-08-10 19:32 - 2015-08-10 19:36 - 00000000 ____D C:\AdwCleaner 2015-08-10 19:31 - 2015-08-10 19:32 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\CM\Downloads\mbam-setup-2.1.8.1057.exe 2015-08-10 19:28 - 2015-08-10 19:28 - 02248704 _____ C:\Users\CM\Downloads\adwcleaner_4.208.exe 2015-08-10 19:04 - 2015-08-12 11:10 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-08-10 18:51 - 2015-08-10 18:51 - 00003174 _____ C:\WINDOWS\System32\Tasks\{9E330F1F-59C2-4E91-BCB5-6CB5C80C79A1} 2015-08-10 14:06 - 2015-08-10 14:06 - 00064326 _____ C:\Users\CM\Downloads\Reiseplan_ELLEN_GRAEBENER_YKJ2IJ(1) 2015-08-10 14:04 - 2015-08-10 14:08 - 00064326 _____ C:\Users\CM\Downloads\Reiseplan_ELLEN_GRAEBENER_YKJ2IJ 2015-08-06 17:56 - 2015-08-06 17:56 - 00015973 _____ C:\WINDOWS\system32\ScanResults.xml 2015-08-06 17:50 - 2015-08-06 17:50 - 00000464 _____ C:\WINDOWS\system32\ScannerSettings 2015-08-05 20:21 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll 2015-08-05 20:21 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-08-05 20:18 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2015-08-05 20:18 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2015-08-05 20:16 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll 2015-08-05 20:16 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll 2015-08-05 20:14 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2015-08-05 20:14 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2015-08-05 20:14 - 2015-01-19 20:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2015-08-05 20:11 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2015-08-05 14:13 - 2015-08-05 15:48 - 00000000 ____D C:\Users\CM\AppData\Roaming\Spotify 2015-08-05 14:13 - 2015-08-05 14:13 - 00000000 ____D C:\Users\CM\AppData\Local\Spotify 2015-08-05 05:30 - 2015-08-05 05:30 - 00000000 ____D C:\Users\CM\AppData\Local\BMExplorer 2015-08-05 05:28 - 2015-08-05 05:28 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2015-08-04 13:15 - 2015-08-14 11:19 - 00000000 ____D C:\Users\CM\AppData\Local\Deployment 2015-08-04 12:44 - 2015-08-15 15:31 - 00000000 __RDO C:\Users\CM\OneDrive (2) 2015-08-04 12:43 - 2015-08-04 12:43 - 00002259 _____ C:\WINDOWS\epplauncher.mif 2015-08-04 12:40 - 2015-08-04 12:41 - 14262464 _____ (Microsoft Corporation) C:\Users\CM\Downloads\mseinstall.exe 2015-08-04 12:40 - 2015-08-04 12:41 - 14262464 _____ (Microsoft Corporation) C:\Users\CM\Downloads\mseinstall(1).exe 2015-08-04 12:34 - 2015-08-04 12:34 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf 2015-08-04 11:23 - 2015-08-04 11:23 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat 2015-08-04 11:23 - 2015-08-04 11:23 - 00000020 ___SH C:\Users\CM\ntuser.ini 2015-08-04 01:11 - 2015-08-13 14:50 - 00000000 ___DC C:\WINDOWS\Panther 2015-08-04 01:10 - 2015-08-06 14:01 - 00000000 ____D C:\Windows.old 2015-08-04 01:07 - 2015-08-04 01:07 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe 2015-08-04 01:07 - 2015-08-04 01:07 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2015-08-04 01:07 - 2015-08-04 01:07 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2015-08-04 01:07 - 2015-08-04 01:07 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2015-08-04 01:07 - 2015-08-04 01:07 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2015-08-04 01:07 - 2015-08-04 01:07 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00551232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2015-08-04 01:07 - 2015-08-04 01:07 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2015-08-04 01:07 - 2015-08-04 01:07 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL 2015-08-04 01:07 - 2015-08-04 01:07 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL 2015-08-04 01:07 - 2015-08-04 01:07 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL 2015-08-04 01:07 - 2015-08-04 01:07 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL 2015-08-04 01:07 - 2015-08-04 01:07 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2015-08-04 01:07 - 2015-08-04 01:07 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe 2015-08-04 01:07 - 2015-08-04 01:07 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL 2015-08-04 01:07 - 2015-08-04 01:07 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys 2015-08-04 01:07 - 2015-08-04 01:07 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys 2015-08-04 01:07 - 2015-08-04 01:07 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL 2015-08-04 01:07 - 2015-08-04 01:07 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2015-08-04 01:07 - 2015-08-04 01:07 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys 2015-08-04 01:07 - 2015-08-04 01:07 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys 2015-08-04 01:07 - 2015-08-04 01:07 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys 2015-08-04 01:07 - 2015-08-04 01:07 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp 2015-08-04 01:07 - 2015-08-04 01:07 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2015-08-04 01:07 - 2015-08-04 01:07 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp 2015-08-04 01:07 - 2015-08-04 01:07 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys 2015-08-04 01:07 - 2015-08-04 01:07 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll 2015-08-04 01:07 - 2015-08-04 01:07 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll 2015-08-04 01:05 - 2015-08-15 15:50 - 01100757 _____ C:\WINDOWS\WindowsUpdate.log 2015-08-04 01:05 - 2015-08-04 01:05 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2015-08-04 01:05 - 2015-08-04 01:05 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2015-08-04 01:05 - 2015-08-04 01:05 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll 2015-08-04 01:05 - 2015-08-04 01:05 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll 2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\Vorlagen 2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\Startmenü 2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen 2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\Eigene Dateien 2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik 2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder 2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten 2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik 2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder 2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten 2015-08-04 01:04 - 2015-08-04 01:04 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll 2015-08-04 01:04 - 2015-08-04 01:04 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll 2015-08-04 01:04 - 2015-08-04 01:04 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys 2015-08-04 01:04 - 2015-08-04 01:04 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll 2015-08-04 01:04 - 2015-08-04 01:04 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll 2015-08-04 01:03 - 2015-08-04 01:03 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2015-08-04 01:03 - 2015-08-04 01:03 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2015-08-04 01:02 - 2015-08-04 01:02 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-08-04 01:02 - 2015-08-04 01:02 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-08-04 01:02 - 2015-08-04 01:02 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2015-08-04 01:02 - 2015-08-04 01:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2015-08-04 01:02 - 2015-08-04 01:02 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2015-08-04 01:02 - 2015-08-04 01:02 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2015-08-04 01:02 - 2015-08-04 01:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2015-08-04 01:02 - 2015-08-04 01:02 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2015-08-04 01:02 - 2015-08-04 01:02 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2015-08-04 01:02 - 2015-08-04 01:02 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2015-08-04 01:02 - 2015-08-04 01:02 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2015-08-04 01:02 - 2015-08-04 01:02 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2015-08-04 01:02 - 2015-08-04 01:02 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2015-08-04 01:02 - 2015-08-04 01:02 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2015-08-04 01:02 - 2015-08-04 01:02 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat 2015-08-04 01:01 - 2015-08-04 01:01 - 03607552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2015-08-04 01:01 - 2015-08-04 01:01 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2015-08-04 01:01 - 2015-08-04 01:01 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-08-04 01:01 - 2015-08-04 01:01 - 02460160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-08-04 01:01 - 2015-08-04 01:01 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll 2015-08-04 01:01 - 2015-08-04 01:01 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2015-08-04 01:01 - 2015-08-04 01:01 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2015-08-04 01:01 - 2015-08-04 01:01 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2015-08-04 01:01 - 2015-08-04 01:01 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll 2015-08-04 01:01 - 2015-08-04 01:01 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe 2015-08-04 01:01 - 2015-08-04 01:01 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe 2015-08-04 01:00 - 2015-08-04 01:00 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2015-08-04 01:00 - 2015-08-04 01:00 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2015-08-04 01:00 - 2015-08-04 01:00 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-08-04 00:59 - 2015-08-04 00:59 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2015-08-04 00:59 - 2015-08-04 00:59 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2015-08-04 00:59 - 2015-08-04 00:59 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2015-08-04 00:59 - 2015-08-04 00:59 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2015-08-04 00:59 - 2015-08-04 00:59 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2015-08-04 00:59 - 2015-08-04 00:59 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2015-08-04 00:59 - 2015-08-04 00:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys 2015-08-04 00:59 - 2015-08-04 00:59 - 00059712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys 2015-08-04 00:59 - 2015-08-04 00:59 - 00051008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys 2015-08-04 00:59 - 2015-08-04 00:59 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys 2015-08-04 00:59 - 2015-08-04 00:59 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys 2015-08-04 00:59 - 2015-08-04 00:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys 2015-08-04 00:58 - 2015-08-04 00:58 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2015-08-04 00:58 - 2015-08-04 00:58 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2015-08-04 00:56 - 2015-08-04 00:56 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2015-08-04 00:56 - 2015-08-04 00:56 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2015-08-04 00:56 - 2015-08-04 00:56 - 00513480 _____ C:\WINDOWS\SysWOW64\locale.nls 2015-08-04 00:56 - 2015-08-04 00:56 - 00513480 _____ C:\WINDOWS\system32\locale.nls 2015-08-04 00:56 - 2015-08-04 00:56 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2015-08-04 00:56 - 2015-08-04 00:56 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll 2015-08-04 00:56 - 2015-08-04 00:56 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll 2015-08-04 00:56 - 2015-08-04 00:56 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2015-08-04 00:56 - 2015-08-04 00:56 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2015-08-04 00:56 - 2015-08-04 00:56 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2015-08-04 00:56 - 2015-08-04 00:56 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys 2015-08-04 00:56 - 2015-08-04 00:56 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe 2015-08-04 00:55 - 2015-08-04 00:55 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2015-08-04 00:55 - 2015-08-04 00:55 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2015-08-04 00:55 - 2015-08-04 00:55 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2015-08-04 00:55 - 2015-08-04 00:55 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2015-08-04 00:55 - 2015-08-04 00:55 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2015-08-04 00:55 - 2015-08-04 00:55 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2015-08-04 00:55 - 2015-08-04 00:55 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2015-08-04 00:55 - 2015-08-04 00:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll 2015-08-04 00:55 - 2015-08-04 00:55 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll 2015-08-04 00:55 - 2015-08-04 00:55 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll 2015-08-04 00:55 - 2015-08-04 00:55 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll 2015-08-04 00:55 - 2015-08-04 00:55 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll 2015-08-04 00:55 - 2015-08-04 00:55 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll 2015-08-04 00:55 - 2015-08-04 00:55 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll 2015-08-04 00:55 - 2015-08-04 00:55 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2015-08-04 00:55 - 2015-08-04 00:55 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll 2015-08-04 00:55 - 2015-08-04 00:55 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll 2015-08-04 00:55 - 2015-08-04 00:55 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll 2015-08-04 00:55 - 2015-08-04 00:55 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll 2015-08-04 00:54 - 2015-08-10 19:09 - 00000000 ___SD C:\WINDOWS\system32\GWX 2015-08-04 00:54 - 2015-08-10 19:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX 2015-08-04 00:54 - 2015-08-04 00:54 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2015-08-04 00:54 - 2015-08-04 00:54 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2015-08-04 00:54 - 2015-08-04 00:54 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2015-08-04 00:54 - 2015-08-04 00:54 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2015-08-04 00:54 - 2015-08-04 00:54 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll 2015-08-04 00:54 - 2015-08-04 00:54 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll 2015-08-04 00:54 - 2015-08-04 00:54 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe 2015-08-04 00:54 - 2015-08-04 00:54 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2015-08-04 00:54 - 2015-08-04 00:54 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2015-08-04 00:54 - 2015-08-04 00:54 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe 2015-08-04 00:54 - 2015-08-04 00:54 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll 2015-08-04 00:54 - 2015-08-04 00:54 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll 2015-08-04 00:54 - 2015-08-04 00:54 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2015-08-04 00:54 - 2015-08-04 00:54 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll 2015-08-04 00:54 - 2015-08-04 00:54 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2015-08-04 00:54 - 2015-08-04 00:54 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll 2015-08-04 00:54 - 2015-08-04 00:54 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll 2015-08-04 00:54 - 2015-08-04 00:54 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys 2015-08-04 00:54 - 2015-08-04 00:54 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll 2015-08-04 00:53 - 2015-08-04 00:53 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2015-08-04 00:53 - 2015-08-04 00:53 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2015-08-04 00:53 - 2015-08-04 00:53 - 00239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2015-08-04 00:53 - 2015-08-04 00:53 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2015-08-04 00:53 - 2015-08-04 00:53 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe 2015-08-04 00:53 - 2015-08-04 00:53 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys 2015-08-04 00:52 - 2015-08-04 00:52 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2015-08-04 00:52 - 2015-08-04 00:52 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2015-08-04 00:52 - 2015-08-04 00:52 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll 2015-08-04 00:52 - 2015-08-04 00:52 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll 2015-08-04 00:52 - 2015-08-04 00:52 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll 2015-08-04 00:52 - 2015-08-04 00:52 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll 2015-08-04 00:52 - 2015-08-04 00:52 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2015-08-04 00:52 - 2015-08-04 00:52 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll 2015-08-04 00:52 - 2015-08-04 00:52 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll 2015-08-04 00:52 - 2015-08-04 00:52 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2015-08-04 00:52 - 2015-08-04 00:52 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2015-08-04 00:52 - 2015-08-04 00:52 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys 2015-08-04 00:52 - 2015-08-04 00:52 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys 2015-08-04 00:51 - 2015-08-04 00:51 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2015-08-04 00:51 - 2015-08-04 00:51 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll 2015-08-04 00:51 - 2015-08-04 00:51 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll 2015-08-04 00:51 - 2015-08-04 00:51 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2015-08-04 00:51 - 2015-08-04 00:51 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2015-08-04 00:51 - 2015-08-04 00:51 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2015-08-04 00:51 - 2015-08-04 00:51 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll 2015-08-04 00:50 - 2015-08-04 00:50 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2015-08-04 00:50 - 2015-08-04 00:50 - 01311960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2015-08-04 00:50 - 2015-08-04 00:50 - 00989184 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2015-08-04 00:50 - 2015-08-04 00:50 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2015-08-04 00:50 - 2015-08-04 00:50 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2015-08-04 00:50 - 2015-08-04 00:50 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2015-08-04 00:50 - 2015-08-04 00:50 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2015-08-04 00:50 - 2015-08-04 00:50 - 00442712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2015-08-04 00:50 - 2015-08-04 00:50 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2015-08-04 00:50 - 2015-08-04 00:50 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll 2015-08-04 00:50 - 2015-08-04 00:50 - 00332120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2015-08-04 00:50 - 2015-08-04 00:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2015-08-04 00:50 - 2015-08-04 00:50 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2015-08-04 00:50 - 2015-08-04 00:50 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2015-08-04 00:50 - 2015-08-04 00:50 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2015-08-04 00:50 - 2015-08-04 00:50 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll 2015-08-04 00:50 - 2015-08-04 00:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2015-08-04 00:50 - 2015-08-04 00:50 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll 2015-08-04 00:50 - 2015-08-04 00:50 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2015-08-04 00:50 - 2015-08-04 00:50 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll 2015-08-04 00:50 - 2015-08-04 00:50 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll 2015-08-04 00:50 - 2015-08-04 00:50 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll 2015-08-04 00:49 - 2015-08-04 00:49 - 22292672 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-08-04 00:49 - 2015-08-04 00:49 - 19734960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-08-04 00:49 - 2015-08-04 00:49 - 07784448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2015-08-04 00:49 - 2015-08-04 00:49 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2015-08-04 00:49 - 2015-08-04 00:49 - 03109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2015-08-04 00:49 - 2015-08-04 00:49 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2015-08-04 00:49 - 2015-08-04 00:49 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2015-08-04 00:49 - 2015-08-04 00:49 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2015-08-04 00:49 - 2015-08-04 00:49 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe 2015-08-04 00:49 - 2015-08-04 00:49 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe 2015-08-04 00:49 - 2015-08-04 00:49 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2015-08-04 00:49 - 2015-08-04 00:49 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll 2015-08-04 00:49 - 2015-08-04 00:49 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2015-08-04 00:48 - 2015-08-04 00:48 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll 2015-08-04 00:48 - 2015-08-04 00:48 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll 2015-08-04 00:48 - 2015-08-04 00:48 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll 2015-08-04 00:48 - 2015-08-04 00:48 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll 2015-08-04 00:48 - 2015-08-04 00:48 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2015-08-04 00:48 - 2015-08-04 00:48 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys 2015-08-04 00:48 - 2015-08-04 00:48 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll 2015-08-04 00:48 - 2015-08-04 00:48 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll 2015-08-04 00:46 - 2015-08-04 00:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2015-08-04 00:46 - 2015-08-04 00:46 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2015-08-04 00:46 - 2015-08-04 00:46 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2015-08-04 00:46 - 2015-08-04 00:46 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2015-08-04 00:46 - 2015-08-04 00:46 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2015-08-04 00:46 - 2015-08-04 00:46 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2015-08-04 00:46 - 2015-08-04 00:46 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2015-08-04 00:46 - 2015-08-04 00:46 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2015-08-04 00:46 - 2015-08-04 00:46 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2015-08-04 00:46 - 2015-08-04 00:46 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll 2015-08-04 00:46 - 2015-08-04 00:46 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll 2015-08-04 00:46 - 2015-08-04 00:46 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2015-08-04 00:46 - 2015-08-04 00:46 - 00467776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2015-08-04 00:46 - 2015-08-04 00:46 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll 2015-08-04 00:46 - 2015-08-04 00:46 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll 2015-08-04 00:46 - 2015-08-04 00:46 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2015-08-04 00:46 - 2015-08-04 00:46 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2015-08-04 00:46 - 2015-08-04 00:46 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll 2015-08-04 00:46 - 2015-08-04 00:46 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll 2015-08-04 00:44 - 2015-08-04 00:44 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2015-08-04 00:44 - 2015-08-04 00:44 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2015-08-04 00:44 - 2015-08-04 00:44 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2015-08-04 00:44 - 2015-08-04 00:44 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll 2015-08-04 00:44 - 2015-08-04 00:44 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll 2015-08-04 00:44 - 2015-08-04 00:44 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll 2015-08-04 00:44 - 2015-08-04 00:44 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll 2015-08-04 00:44 - 2015-08-04 00:44 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2015-08-04 00:44 - 2015-08-04 00:44 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2015-08-04 00:43 - 2015-08-04 00:43 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-08-04 00:43 - 2015-08-04 00:43 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2015-08-04 00:43 - 2015-08-04 00:43 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2015-08-04 00:43 - 2015-08-04 00:43 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll 2015-08-04 00:42 - 2015-08-04 00:42 - 03084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2015-08-04 00:42 - 2015-08-04 00:42 - 02471424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2015-08-04 00:42 - 2015-08-04 00:42 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll 2015-08-04 00:42 - 2015-08-04 00:42 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll 2015-08-04 00:41 - 2015-08-04 00:41 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2015-08-04 00:41 - 2015-08-04 00:41 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2015-08-04 00:41 - 2015-08-04 00:41 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2015-08-04 00:41 - 2015-08-04 00:41 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2015-08-04 00:41 - 2015-08-04 00:41 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2015-08-04 00:41 - 2015-08-04 00:41 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2015-08-04 00:41 - 2015-08-04 00:41 - 00262144 _____ C:\WINDOWS\system32\config\userdiff 2015-08-04 00:41 - 2015-08-04 00:41 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2015-08-04 00:41 - 2015-08-04 00:41 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll 2015-08-04 00:41 - 2015-08-04 00:41 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe 2015-08-04 00:41 - 2015-08-04 00:41 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll 2015-08-04 00:41 - 2015-08-04 00:41 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe 2015-08-04 00:41 - 2015-08-04 00:41 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe 2015-08-04 00:41 - 2015-08-04 00:41 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll 2015-08-04 00:41 - 2015-08-04 00:41 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll 2015-08-04 00:41 - 2015-08-04 00:41 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe 2015-08-04 00:41 - 2015-08-04 00:41 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll 2015-08-04 00:41 - 2015-08-04 00:41 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe 2015-08-04 00:35 - 2015-08-04 00:35 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help 2015-08-04 00:35 - 2015-08-04 00:35 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help 2015-08-04 00:34 - 2015-08-04 00:34 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-08-04 00:34 - 2015-08-04 00:34 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2015-08-04 00:34 - 2015-08-04 00:34 - 00000000 ____D C:\Program Files\Reference Assemblies 2015-08-04 00:34 - 2015-08-04 00:34 - 00000000 ____D C:\Program Files\MSBuild 2015-08-04 00:34 - 2015-08-04 00:34 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2015-08-04 00:34 - 2015-08-04 00:34 - 00000000 ____D C:\Program Files (x86)\MSBuild 2015-08-04 00:34 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2015-08-04 00:34 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2015-08-04 00:33 - 2015-08-04 00:33 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe 2015-08-04 00:33 - 2015-08-04 00:33 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe 2015-08-04 00:30 - 2015-08-04 00:30 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2015-08-04 00:28 - 2015-08-15 15:44 - 00000000 ____D C:\Users\CM 2015-08-04 00:28 - 2015-08-04 00:30 - 00000000 ___RD C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\Vorlagen 2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\Startmenü 2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\Netzwerkumgebung 2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\Lokale Einstellungen 2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\Eigene Dateien 2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\Druckumgebung 2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\Documents\Eigene Musik 2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\Documents\Eigene Bilder 2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\AppData\Local\Verlauf 2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\AppData\Local\Anwendungsdaten 2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\Anwendungsdaten 2015-08-04 00:28 - 2014-11-21 12:52 - 00000000 ___RD C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-04 00:28 - 2014-11-21 12:52 - 00000000 ___RD C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-08-04 00:28 - 2014-11-21 05:42 - 00000369 _____ C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2015-08-04 00:28 - 2014-11-21 05:42 - 00000369 _____ C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2015-08-04 00:28 - 2013-08-22 17:36 - 00000000 ____D C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-08-04 00:26 - 2015-08-04 01:02 - 00028578 _____ C:\WINDOWS\diagwrn.xml 2015-08-04 00:26 - 2015-08-04 01:02 - 00028578 _____ C:\WINDOWS\diagerr.xml 2015-08-04 00:17 - 2015-08-04 00:33 - 00000000 ____D C:\Program Files (x86)\Intel 2015-08-04 00:17 - 2015-08-04 00:17 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2015-08-04 00:17 - 2015-08-04 00:17 - 00000000 ____D C:\Program Files\Realtek 2015-08-04 00:16 - 2014-10-01 19:54 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2015-08-04 00:16 - 2014-10-01 19:54 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL 2015-08-04 00:15 - 2015-08-04 00:15 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2015-08-04 00:15 - 2015-08-04 00:15 - 00000000 ____D C:\Program Files\Elantech 2015-08-03 22:17 - 2015-08-03 22:17 - 00004608 _____ C:\Users\CM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-08-02 19:33 - 2015-08-02 19:33 - 00000000 ___HD C:\ProgramData\CanonIJScan 2015-08-02 19:33 - 2015-08-02 19:33 - 00000000 ____D C:\Users\CM\AppData\Roaming\Canon 2015-08-02 19:33 - 2015-08-02 19:33 - 00000000 _____ C:\Users\CM\Sti_Trace.log 2015-08-02 19:31 - 2015-08-02 19:31 - 00000000 ____D C:\Users\CM\AppData\Roaming\ABBYY 2015-08-02 19:09 - 2015-08-11 09:31 - 00000000 ____D C:\Users\CM\AppData\Local\ABBYY 2015-08-02 18:06 - 2015-08-02 19:19 - 00000000 ____D C:\ProgramData\ABBYY 2015-07-31 19:22 - 2015-08-04 01:02 - 00008044 _____ C:\WINDOWS\comsetup.log 2015-07-29 23:06 - 2015-07-29 23:06 - 00000000 ____D C:\Users\CM\AppData\Local\ClearfiPhoto 2015-07-29 22:16 - 2015-07-29 22:16 - 00497213 _____ C:\Users\CM\Downloads\Microsoft Privacy Statement.htm 2015-07-29 22:16 - 2015-07-29 22:16 - 00000000 ____D C:\Users\CM\Downloads\Microsoft Privacy Statement-Dateien 2015-07-29 15:50 - 2015-07-30 09:39 - 00000000 ____D C:\Users\Administrator 2015-07-29 15:28 - 2015-08-14 11:16 - 00000000 ____D C:\Users\CM\AppData\Roaming\vlc 2015-07-29 15:27 - 2015-08-04 00:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2015-07-29 15:27 - 2015-07-29 15:27 - 00001074 _____ C:\Users\Public\Desktop\VLC media player.lnk 2015-07-29 15:27 - 2015-07-29 15:27 - 00000000 ____D C:\Program Files (x86)\VideoLAN 2015-07-29 15:25 - 2015-07-29 15:25 - 28849904 _____ C:\Users\CM\Downloads\vlc-2.2.1-win32(1).exe 2015-07-29 15:08 - 2015-07-29 15:09 - 00517392 _____ ( ) C:\Users\CM\Downloads\VLC-Media-Player_092.exe 2015-07-29 14:17 - 2015-07-29 14:17 - 00000000 ____D C:\Users\CM\Documents\Hanlet 2 x 5 Min 2015-07-29 13:41 - 2015-07-29 13:41 - 00517920 _____ ( ) C:\Users\CM\Downloads\Windows-Movie-Maker-DL-Manager(2).exe 2015-07-29 13:36 - 2015-07-29 13:37 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(11).exe 2015-07-29 13:25 - 2015-08-04 00:39 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live 2015-07-29 13:25 - 2015-08-04 00:39 - 00000000 ____D C:\WINDOWS\de 2015-07-29 13:25 - 2015-07-29 13:25 - 00001462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk 2015-07-29 13:25 - 2015-07-29 13:25 - 00001378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk 2015-07-29 13:25 - 2015-07-29 13:25 - 00001309 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk 2015-07-29 13:25 - 2015-07-29 13:25 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2015-07-29 13:24 - 2015-07-29 13:25 - 00000000 ____D C:\Program Files (x86)\Windows Live 2015-07-29 13:24 - 2015-07-29 13:24 - 00002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk 2015-07-29 13:24 - 2015-07-29 13:24 - 00000000 ____D C:\Program Files\Windows Live 2015-07-29 13:23 - 2015-07-29 13:23 - 00000193 _____ C:\WINDOWS\DirectX.log 2015-07-29 13:23 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll 2015-07-29 13:23 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll 2015-07-29 13:23 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll 2015-07-29 13:23 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll 2015-07-29 13:23 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll 2015-07-29 13:23 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll 2015-07-29 13:23 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll 2015-07-29 13:23 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll 2015-07-29 13:23 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll 2015-07-29 13:23 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll 2015-07-29 13:23 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll 2015-07-29 13:23 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll 2015-07-29 13:22 - 2015-07-29 13:22 - 00000000 ___RD C:\Users\CM\SkyDrive 2015-07-29 13:22 - 2015-07-29 13:22 - 00000000 ____D C:\Program Files (x86)\Microsoft SkyDrive 2015-07-29 13:21 - 2015-07-29 13:21 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive 2015-07-29 13:19 - 2015-08-10 14:08 - 00000000 ____D C:\Users\CM\AppData\Local\Windows Live 2015-07-29 13:13 - 2015-07-29 13:13 - 00517920 _____ ( ) C:\Users\CM\Downloads\Windows-Movie-Maker-DL-Manager.exe 2015-07-29 13:13 - 2015-07-29 13:13 - 00517920 _____ ( ) C:\Users\CM\Downloads\Windows-Movie-Maker-DL-Manager(1).exe 2015-07-29 12:51 - 2015-07-29 15:50 - 00000000 ____D C:\Users\CM\AppData\Roaming\dlg 2015-07-29 12:47 - 2015-08-07 20:02 - 00000000 ____D C:\ProgramData\AVG 2015-07-29 12:47 - 2015-07-29 12:47 - 00000000 ____D C:\Users\CM\AppData\Roaming\AVG 2015-07-29 12:47 - 2015-07-29 12:47 - 00000000 ____D C:\Users\CM\AppData\Local\Avg 2015-07-29 12:47 - 2015-07-29 12:47 - 00000000 ____D C:\Program Files (x86)\AVG 2015-07-29 12:41 - 2015-07-29 12:41 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(10).exe 2015-07-29 12:35 - 2015-08-15 14:58 - 00000380 _____ C:\WINDOWS\Tasks\VNFZWYG1.job 2015-07-29 12:35 - 2015-07-29 12:35 - 00002894 _____ C:\WINDOWS\System32\Tasks\VNFZWYG1 2015-07-29 12:35 - 2015-07-29 12:35 - 00000000 ____D C:\ProgramData\7b24ec7cc000461ebe26d116b88142c8 2015-07-29 12:33 - 2015-07-29 12:33 - 00517416 _____ ( ) C:\Users\CM\Downloads\install-windows-movie-maker.exe 2015-07-29 12:18 - 2015-07-29 12:18 - 00001017 _____ C:\Users\CM\AppData\Bilder - Verknüpfung.lnk 2015-07-29 12:18 - 2015-07-29 12:18 - 00000625 _____ C:\Users\CM\AppData\Roaming\Bibliotheken - Verknüpfung.lnk 2015-07-29 12:00 - 2015-07-24 12:06 - 00002687 _____ C:\Users\CM\Downloads\Hamlet 5 min. Demo wlmp (1).wlmp 2015-07-29 11:55 - 2015-07-20 15:23 - 00012288 ___SH C:\Users\CM\Desktop\Thumbs - Kopie.db 2015-07-29 10:12 - 2015-07-29 13:12 - 00000000 ____D C:\Program Files\Controller 2015-07-29 10:12 - 2015-07-29 10:12 - 00003200 _____ C:\WINDOWS\System32\Tasks\Windows-Agent für die Installation 1.0.29 2015-07-29 10:12 - 2015-07-29 10:12 - 00000000 ____D C:\Users\CM\AppData\Local\WindowsAgentfr 2015-07-29 10:12 - 2015-07-29 10:12 - 00000000 ____D C:\Users\CM\AppData\Local\McAfeeActivation 2015-07-29 10:11 - 2015-08-02 19:10 - 00000000 ____D C:\Users\CM\AppData\Local\CrashDumps 2015-07-28 16:31 - 2015-08-05 05:27 - 00000000 ____D C:\WINDOWS\system32\AutoUpdateLicense 2015-07-28 16:17 - 2015-05-19 13:59 - 00207208 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys 2015-07-28 16:14 - 2015-08-13 09:00 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee 2015-07-27 16:15 - 2015-08-03 22:18 - 00000000 ____D C:\Users\CM\AppData\Local\clear.fi 2015-07-27 16:00 - 2012-07-04 11:55 - 01354240 _____ (CANON INC.) C:\WINDOWS\system32\CNQ2414C.dll 2015-07-27 16:00 - 2012-07-04 11:55 - 00112128 _____ (CANON INC.) C:\WINDOWS\system32\CNQ2414I.dll 2015-07-27 16:00 - 2012-07-04 11:29 - 00106496 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNQ2414U.dll 2015-07-27 16:00 - 2010-12-17 14:49 - 00515072 _____ (CANON INC.) C:\WINDOWS\system32\CNQ2414L.dll 2015-07-27 16:00 - 2010-12-17 14:49 - 00438272 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNQ2414L.dll 2015-07-27 16:00 - 2010-03-19 10:04 - 00393256 _____ C:\WINDOWS\SysWOW64\CNQ2414N.DAT 2015-07-27 16:00 - 2010-03-19 10:04 - 00393256 _____ C:\WINDOWS\system32\CNQ2414N.DAT 2015-07-27 16:00 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\WINDOWS\system32\CNHMCA6.dll 2015-07-27 16:00 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNHMCA.dll 2015-07-27 15:18 - 2015-07-27 15:18 - 00000000 ____D C:\Users\CM\AppData\Local\Apps\2.0 2015-07-27 15:16 - 2015-08-04 00:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2015-07-27 15:15 - 2015-07-28 16:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Works 2015-07-27 15:12 - 2015-07-27 15:12 - 00000000 ____D C:\Program Files\Microsoft Office 2015-07-27 15:11 - 2015-08-12 11:29 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-07-27 15:11 - 2015-08-04 15:54 - 00000000 ____D C:\Users\CM\AppData\Local\Microsoft Help 2015-07-27 14:20 - 2015-07-27 14:41 - 340508784 _____ (Microsoft Corporation) C:\Users\CM\Downloads\MicrosoftInstaller.exe 2015-07-27 11:38 - 2015-03-04 09:26 - 00011105 _____ C:\WINDOWS\system32\AutoconfigV2.cab 2015-07-27 10:30 - 2015-08-04 00:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2015-07-26 23:20 - 2015-07-26 23:20 - 00000117 _____ C:\WINDOWS\system32\netcfg-195645406.txt 2015-07-26 22:58 - 2015-07-26 22:58 - 00000117 _____ C:\WINDOWS\system32\netcfg-194312734.txt 2015-07-26 22:58 - 2015-07-26 22:58 - 00000117 _____ C:\WINDOWS\system32\netcfg-194309687.txt 2015-07-26 22:57 - 2015-07-26 22:57 - 00000117 _____ C:\WINDOWS\system32\netcfg-194304062.txt 2015-07-26 22:57 - 2015-07-26 22:57 - 00000117 _____ C:\WINDOWS\system32\netcfg-194303656.txt 2015-07-26 14:33 - 2015-08-12 11:25 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-07-26 14:33 - 2015-08-12 11:18 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-07-26 14:18 - 2013-05-04 06:51 - 00014848 _____ (Microsoft) C:\WINDOWS\system32\rars.rs 2015-07-26 14:18 - 2013-05-04 06:10 - 00014848 _____ (Microsoft) C:\WINDOWS\SysWOW64\rars.rs 2015-07-26 11:54 - 2015-07-26 11:54 - 00003114 _____ C:\WINDOWS\System32\Tasks\{26E9F40E-B5F3-4D4A-931D-6E738019A6DF} 2015-07-26 11:53 - 2015-07-26 11:53 - 02256152 _____ (Microsoft Corporation) C:\Users\CM\Downloads\WcPlugin(2).exe 2015-07-26 11:52 - 2015-07-26 11:52 - 00000000 ____D C:\Users\CM\AppData\Local\Macromedia 2015-07-26 11:47 - 2015-08-15 15:43 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-07-26 11:47 - 2015-08-13 09:44 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2015-07-26 11:47 - 2015-08-13 08:55 - 00001954 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2015-07-26 11:47 - 2015-07-26 11:47 - 00000000 ____D C:\ProgramData\McAfee Security Scan 2015-07-26 11:44 - 2015-08-02 19:32 - 00000000 ____D C:\Users\CM\AppData\Local\Adobe 2015-07-26 11:40 - 2015-07-26 11:40 - 00000117 _____ C:\WINDOWS\system32\netcfg-153679546.txt 2015-07-26 11:40 - 2015-07-26 11:40 - 00000117 _____ C:\WINDOWS\system32\netcfg-153676531.txt 2015-07-26 11:40 - 2015-07-26 11:40 - 00000117 _____ C:\WINDOWS\system32\netcfg-153656750.txt 2015-07-26 11:40 - 2015-07-26 11:40 - 00000117 _____ C:\WINDOWS\system32\netcfg-153656578.txt 2015-07-25 14:21 - 2015-07-25 14:21 - 00000117 _____ C:\WINDOWS\system32\netcfg-76930812.txt 2015-07-25 14:21 - 2015-07-25 14:21 - 00000117 _____ C:\WINDOWS\system32\netcfg-76930734.txt 2015-07-25 14:21 - 2015-07-25 14:21 - 00000117 _____ C:\WINDOWS\system32\netcfg-76926796.txt 2015-07-25 14:21 - 2015-07-25 14:21 - 00000117 _____ C:\WINDOWS\system32\netcfg-76926578.txt 2015-07-25 07:22 - 2015-07-25 07:22 - 00000000 ___RD C:\Users\CM\Box Sync 2015-07-25 07:05 - 2015-07-25 07:05 - 00002687 _____ C:\Users\CM\Downloads\Hamlet 5 min. Demo wlmp.wlmp 2015-07-25 07:03 - 2015-07-25 07:04 - 27015280 _____ (Box Inc.) C:\Users\CM\Downloads\BoxSyncSetup(1).exe 2015-07-25 07:00 - 2015-07-25 07:02 - 00000000 ____D C:\ProgramData\Package Cache 2015-07-25 06:59 - 2015-07-25 06:59 - 27015280 _____ (Box Inc.) C:\Users\CM\Downloads\BoxSyncSetup.exe 2015-07-25 06:39 - 2015-08-11 23:03 - 00001173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-07-25 06:39 - 2015-08-11 23:03 - 00001167 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-07-25 06:39 - 2015-08-10 19:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-07-25 06:39 - 2015-07-25 06:45 - 00000000 ____D C:\Users\CM\AppData\Local\Mozilla 2015-07-25 06:39 - 2015-07-25 06:39 - 00000000 ____D C:\Users\CM\AppData\Roaming\Mozilla 2015-07-25 06:39 - 2015-07-25 06:39 - 00000000 ____D C:\ProgramData\Mozilla 2015-07-25 06:39 - 2015-07-25 06:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-07-25 06:18 - 2015-07-25 06:18 - 00000000 ____D C:\Program Files\Common Files\AV 2015-07-25 06:13 - 2015-07-25 06:13 - 00000117 _____ C:\WINDOWS\system32\netcfg-47620843.txt 2015-07-25 06:13 - 2015-07-25 06:13 - 00000117 _____ C:\WINDOWS\system32\netcfg-47617828.txt 2015-07-25 06:12 - 2015-07-25 06:12 - 00000117 _____ C:\WINDOWS\system32\netcfg-47613656.txt 2015-07-25 06:12 - 2015-07-25 06:12 - 00000117 _____ C:\WINDOWS\system32\netcfg-47612562.txt 2015-07-24 17:15 - 2015-08-15 15:06 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2407381306-1223850301-1151369756-1001 2015-07-24 17:12 - 2015-07-24 17:12 - 00000000 ____D C:\Users\CM\AppData\Local\EgisTec IPS 2015-07-24 17:11 - 2015-07-24 17:11 - 00000000 ____D C:\Users\CM\AppData\Roaming\Atheros 2015-07-24 17:10 - 2015-07-24 17:10 - 00019212 _____ C:\Users\CM\Desktop\Entfernte Anwendungen.html 2015-07-24 17:10 - 2015-07-24 17:10 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD 2015-07-24 17:09 - 2015-08-11 23:03 - 00001458 _____ C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-07-24 17:08 - 2015-07-24 17:08 - 00002156 _____ C:\Users\CM\Desktop\McAfee Anti-Theft.lnk 2015-07-24 17:08 - 2015-07-24 17:08 - 00002027 _____ C:\Users\Public\Desktop\LOVEFiLM.lnk 2015-07-24 17:08 - 2015-07-24 17:08 - 00001736 _____ C:\Users\Public\Desktop\Online kaufen.lnk 2015-07-24 17:08 - 2015-07-24 17:08 - 00000000 ____D C:\Program Files\Preload 2015-07-24 17:08 - 2015-07-24 17:08 - 00000000 ____D C:\Program Files\Accessory Store 2015-07-24 17:07 - 2015-07-24 17:07 - 00000093 _____ C:\WINDOWS\WLangUpt.log 2015-07-24 17:07 - 2015-07-24 17:07 - 00000000 ____D C:\Users\CM\AppData\Roaming\lm 2015-07-24 17:04 - 2015-07-24 17:04 - 00000000 ____D C:\Users\CM\AppData\Roaming\Macromedia 2015-07-24 17:04 - 2015-07-24 17:04 - 00000000 ____D C:\Users\CM\AppData\Roaming\Adobe 2015-07-24 17:03 - 2015-07-29 16:50 - 00000000 ____D C:\Users\CM\AppData\Local\VirtualStore 2015-07-24 17:02 - 2015-08-03 23:22 - 01178932 _____ C:\WINDOWS\WindowsUpdate (1).log 2015-07-24 17:01 - 2015-07-24 17:01 - 00000117 _____ C:\WINDOWS\system32\netcfg-144968.txt 2015-07-24 17:01 - 2015-07-24 17:01 - 00000117 _____ C:\WINDOWS\system32\netcfg-144906.txt 2015-07-24 17:01 - 2015-07-24 17:01 - 00000117 _____ C:\WINDOWS\system32\netcfg-142812.txt 2015-07-24 17:00 - 2015-07-24 17:00 - 00000117 _____ C:\WINDOWS\system32\netcfg-98968.txt 2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik 2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder 2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\Vorlagen 2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\Startmenü 2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\Netzwerkumgebung 2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\Lokale Einstellungen 2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\Eigene Dateien 2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\Druckumgebung 2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Musik 2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Bilder 2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Verlauf 2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Anwendungsdaten 2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\Anwendungsdaten 2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\ProgramData\Vorlagen 2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\ProgramData\Startmenü 2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\ProgramData\Dokumente 2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten 2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien 2015-07-24 16:28 - 2015-07-24 17:47 - 00000000 ___HD C:\$SysReset 2015-07-24 14:11 - 2015-07-24 14:11 - 00871739 _____ C:\Users\CM\Downloads\Setup (3).jse 2015-07-24 14:10 - 2015-07-24 14:11 - 00871750 _____ C:\Users\CM\Downloads\Setup (1).jse 2015-07-24 14:10 - 2015-07-24 14:10 - 00871750 _____ C:\Users\CM\Downloads\Setup (2).jse 2015-07-24 13:39 - 2015-07-24 13:39 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (12).exe 2015-07-24 13:39 - 2015-07-24 13:39 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (11).exe 2015-07-24 13:38 - 2015-07-24 13:38 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (10).exe 2015-07-24 13:18 - 2015-07-24 13:18 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (9).exe 2015-07-24 13:18 - 2015-07-24 13:18 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (8).exe 2015-07-24 13:17 - 2015-07-24 13:17 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (7).exe 2015-07-24 13:13 - 2015-07-24 13:13 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (6).exe 2015-07-24 13:00 - 2015-07-24 13:00 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (5).exe 2015-07-24 12:57 - 2015-07-24 12:59 - 01112883 _____ C:\Users\CM\Downloads\FirefoxSetup.jse 2015-07-24 12:19 - 2015-07-24 12:19 - 01319011 _____ C:\Users\CM\Downloads\Firefox_38.0.1_einrichten (1).jse 2015-07-24 12:18 - 2015-07-24 12:18 - 01319011 _____ C:\Users\CM\Downloads\Nicht bestätigt 407671.crdownload 2015-07-24 11:00 - 2015-07-24 11:00 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (4).exe 2015-07-24 11:00 - 2015-07-24 11:00 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (3).exe 2015-07-24 10:56 - 2015-07-24 10:56 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (2).exe 2015-07-24 10:55 - 2015-07-24 10:55 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (1).exe 2015-07-23 18:01 - 2015-07-23 18:01 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(9).exe 2015-07-23 17:56 - 2015-07-23 17:57 - 00242928 _____ C:\Users\CM\Downloads\Firefox Setup Stub 39.0 (1).exe 2015-07-23 14:23 - 2015-07-23 14:23 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(8).exe 2015-07-23 09:42 - 2015-07-23 09:42 - 01245384 _____ (Microsoft Corporation) C:\Users\CM\Downloads\wlsetup-web(1).exe 2015-07-23 09:19 - 2015-08-04 11:43 - 00000000 ____D C:\Users\CM\AppData\Local\Packages 2015-07-23 07:05 - 2015-07-23 07:05 - 00242912 _____ C:\Users\CM\Downloads\Firefox Setup Stub 39.0.exe 2015-07-22 19:41 - 2015-07-22 19:41 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(7).exe 2015-07-22 12:54 - 2015-07-22 12:54 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(6).exe 2015-07-22 12:52 - 2015-07-22 12:52 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(5).exe 2015-07-22 12:51 - 2015-07-22 12:52 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(4).exe 2015-07-22 11:26 - 2015-07-22 11:26 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(3).exe 2015-07-22 11:10 - 2015-07-22 11:10 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(2).exe 2015-07-22 07:35 - 2015-07-22 07:36 - 01090263 _____ C:\Users\CM\Downloads\setup.jse 2015-07-22 07:33 - 2015-07-22 07:36 - 01245384 _____ (Microsoft Corporation) C:\Users\CM\Downloads\wlsetup-web (2).exe 2015-07-22 07:04 - 2015-07-22 07:05 - 01245384 _____ (Microsoft Corporation) C:\Users\CM\Downloads\wlsetup-web.exe 2015-07-21 19:16 - 2015-07-29 14:54 - 07357440 _____ C:\Users\CM\Downloads\WindowsMovieMakerSetup.exe 2015-07-21 18:33 - 2015-07-23 11:15 - 00000000 _____ C:\dummy.htm 2015-07-21 18:01 - 2015-07-21 18:01 - 00000000 _____ C:\LILF48E.tmp 2015-07-21 18:01 - 2015-07-21 18:01 - 00000000 _____ C:\LILF48D.tmp 2015-07-21 18:00 - 2015-07-21 18:02 - 00000000 ____D C:\c9eab403-51a3-4e95-81f7-b6263ea83a2d 2015-07-21 17:57 - 2015-07-21 18:02 - 128227047 _____ C:\Users\CM\Downloads\wlsetup-all.exe.part 2015-07-20 15:23 - 2015-08-14 06:42 - 00012288 ___SH C:\Users\CM\Desktop\Thumbs.db 2015-07-20 15:22 - 2015-07-20 14:36 - 507502069 _____ C:\Users\CM\Desktop\Projekt.m4v 2015-07-19 19:21 - 2015-07-19 19:21 - 00517344 _____ ( ) C:\Users\CM\Downloads\install-quicktime.exe 2015-07-18 06:09 - 2015-07-18 06:09 - 00000076 _____ C:\Users\CM\Downloads\IndexerVolumeGuid 2015-07-17 23:34 - 2015-07-17 23:34 - 00000000 ____D C:\Users\CM\Downloads\PC Drivers HeadQuarters 2015-07-17 23:32 - 2015-07-17 23:32 - 00334448 _____ (PC Drivers HeadQuarters LP) C:\Users\CM\Downloads\DriverDetective(1).exe 2015-07-17 23:31 - 2015-07-17 23:31 - 00334448 _____ (PC Drivers HeadQuarters LP) C:\Users\CM\Downloads\DriverDetective.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-15 15:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru 2015-08-14 13:46 - 2014-11-21 05:35 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-08-14 13:46 - 2014-11-21 04:45 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat 2015-08-14 13:46 - 2014-11-21 04:45 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat 2015-08-14 13:45 - 2013-08-22 16:46 - 00295877 _____ C:\WINDOWS\setupact.log 2015-08-14 10:50 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-08-14 08:30 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2015-08-14 06:52 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-08-13 14:25 - 2015-07-10 19:28 - 00000000 ___HD C:\$Windows.~BT 2015-08-13 13:30 - 2012-09-01 22:32 - 00000000 ____D C:\Program Files (x86)\McAfee 2015-08-13 09:06 - 2012-09-01 22:32 - 00000000 ____D C:\ProgramData\McAfee 2015-08-13 09:03 - 2012-09-01 22:32 - 00000000 ____D C:\Program Files\Common Files\mcafee 2015-08-13 08:51 - 2013-08-22 16:44 - 00377856 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-08-13 08:50 - 2014-11-20 20:24 - 00037414 _____ C:\WINDOWS\PFRO.log 2015-08-12 11:38 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-08-12 11:38 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-08-12 11:38 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender 2015-08-12 11:38 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2015-08-12 11:29 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-08-12 11:10 - 2014-11-21 12:51 - 00000000 ___SD C:\WINDOWS\system32\CompatTel 2015-08-12 11:08 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-12 11:08 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-11 09:01 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM 2015-08-11 08:44 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppCompat 2015-08-10 19:05 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-RS 2015-08-10 19:05 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS 2015-08-10 18:47 - 2012-09-01 22:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-08-10 18:47 - 2012-09-01 22:36 - 00000000 ____D C:\ProgramData\WildTangent 2015-08-10 18:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\restore 2015-08-08 15:55 - 2014-11-21 13:01 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-08-08 15:55 - 2014-11-21 13:01 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-08-05 16:04 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-08-05 05:30 - 2012-10-18 03:30 - 00000000 ____D C:\ProgramData\Atheros 2015-08-04 12:44 - 2015-03-23 16:29 - 00000000 __RDO C:\Users\CM\OneDrive 2015-08-04 01:11 - 2015-02-10 03:35 - 00000000 __SHD C:\Recovery 2015-08-04 01:10 - 2013-08-22 17:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template 2015-08-04 01:08 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2015-08-04 01:07 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\setup 2015-08-04 01:07 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\setup 2015-08-04 01:07 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache 2015-08-04 01:05 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows NT 2015-08-04 01:05 - 2013-08-22 15:36 - 00000000 __RHD C:\Users\Default 2015-08-04 01:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Registration 2015-08-04 01:01 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2015-08-04 00:56 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\WinStore 2015-08-04 00:55 - 2014-11-21 05:27 - 02473472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2015-08-04 00:55 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData 2015-08-04 00:54 - 2013-08-22 17:36 - 00000000 __RSD C:\WINDOWS\Media 2015-08-04 00:53 - 2013-08-22 17:36 - 00000000 __RHD C:\Users\Public\Libraries 2015-08-04 00:49 - 2013-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-04 00:44 - 2014-11-21 05:13 - 00000000 ____D C:\Program Files\Windows Journal 2015-08-04 00:41 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2015-08-04 00:39 - 2014-11-21 05:13 - 00000000 ____D C:\WINDOWS\ShellNew 2015-08-04 00:39 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2015-08-04 00:39 - 2012-10-18 03:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec 2015-08-04 00:39 - 2012-10-18 03:45 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso 6.5 2015-08-04 00:39 - 2012-10-18 03:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby 2015-08-04 00:39 - 2012-09-01 23:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer 2015-08-04 00:35 - 2013-08-22 17:37 - 00005217 _____ C:\WINDOWS\DtcInstall.log 2015-08-04 00:35 - 2012-07-26 07:37 - 00000000 ____D C:\Users\Default.migrated 2015-08-04 00:34 - 2014-11-21 04:45 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN 2015-08-04 00:34 - 2014-11-21 04:45 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep 2015-08-04 00:34 - 2014-11-21 04:45 - 00000000 ____D C:\WINDOWS\system32\WCN 2015-08-04 00:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2015-08-04 00:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz 2015-08-04 00:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2015-08-04 00:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2015-08-04 00:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\spool 2015-08-04 00:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\MUI 2015-08-04 00:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\IME 2015-08-04 00:34 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI 2015-08-04 00:34 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\oobe 2015-08-04 00:34 - 2012-09-01 22:33 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2015-08-04 00:33 - 2013-08-22 17:43 - 00000000 ____D C:\WINDOWS\DigitalLocker 2015-08-04 00:33 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files\Windows Sidebar 2015-08-04 00:33 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2015-08-04 00:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\IME 2015-08-04 00:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Help 2015-08-04 00:33 - 2012-08-03 19:17 - 00000000 ____D C:\ProgramData\PRICache 2015-08-04 00:32 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-08-04 00:30 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Recovery 2015-08-04 00:17 - 2013-08-22 16:46 - 00000084 _____ C:\WINDOWS\setuperr.log 2015-08-03 22:04 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent 2015-07-28 16:16 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2015-07-27 15:35 - 2015-06-12 12:23 - 00000000 ____D C:\288a4c48-26e1-4814-8d65-7bb6d264b397 2015-07-27 15:15 - 2012-10-18 03:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2015-07-27 10:30 - 2012-09-01 22:33 - 00001862 _____ C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk 2015-07-24 17:12 - 2012-10-18 03:45 - 00000000 ____D C:\ProgramData\EgisTec IPS 2015-07-24 17:08 - 2012-10-18 03:30 - 00000000 ____D C:\ProgramData\OEM 2015-07-24 17:08 - 2012-09-01 23:27 - 00000225 _____ C:\WINDOWS\User.xml 2015-07-24 17:08 - 2012-09-01 22:28 - 01677814 _____ C:\WINDOWS\launApp.log 2015-07-24 17:08 - 2012-08-03 20:05 - 00000000 ___HD C:\Elements 2015-07-24 17:07 - 2012-10-18 12:31 - 00000225 _____ C:\WINDOWS\WisLangCode.ini 2015-07-24 17:07 - 2012-09-01 23:17 - 00391316 _____ C:\WINDOWS\PLaunch.log 2015-07-24 17:07 - 2012-09-01 22:29 - 00000159 __RSH C:\WINDOWS\Preload.rev 2015-07-24 17:07 - 2012-09-01 22:28 - 00005410 _____ C:\WINDOWS\PatchFul.log ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-08-11 23:02 - 2015-08-11 23:02 - 3471189 _____ (Dongphase) C:\Program Files\Common Files\a2d0ljkm.exe 2015-07-29 12:18 - 2015-07-29 12:18 - 0000625 _____ () C:\Users\CM\AppData\Roaming\Bibliotheken - Verknüpfung.lnk 2015-08-03 22:17 - 2015-08-03 22:17 - 0004608 _____ () C:\Users\CM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-10-18 03:11 - 2012-10-18 03:11 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== C:\Users\CM\AppData\Local\Temp\DseShExt-x64.dll C:\Users\CM\AppData\Local\Temp\DseShExt-x86.dll C:\Users\CM\AppData\Local\Temp\Quarantine.exe C:\Users\CM\AppData\Local\Temp\SDShelEx-win32.dll C:\Users\CM\AppData\Local\Temp\SDShelEx-x64.dll C:\Users\CM\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-08-04 00:13 ==================== Ende von Ergebnis ============================ DANKE DANKE DANKE!!! Wirklich toll, was ihr hier leistet. |
|
15.08.2015, 15:55
| #2 |
| /// TB-Ausbilder /// Anleitungs-Guru  |  Windows 8: Entfernen von Safefinder, Snap.do, SideCubes und Co Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das... 
 Hinweis:Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden. Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert. Adware & Co. können wir sehr gut entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean  bekommst.Los geht's: Die Addition.txt fehlt: Schritt 1   Bitte starte FRST erneut, markiere auch die checkbox  und drücke auf Untersuchen. Bitte poste mir den Inhalt der beiden Logs die erstellt werden.
__________________ |
+ R Taste und schreibe notepad in das 
+ R Taste und schreibe notepad in das 
und drücke auf Untersuchen. 
und/oder das Forum mit einer kleinen 
Combofix deinstallieren 
NoScript
Linear-Darstellung
