| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Reimage RepairWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
03.09.2015, 08:05
| #1 |
 |  Reimage Repair Hallo zusammen! Ich habe leider unwissentlich ein paar Programme installiert, die ich jetzt nicht mehr deinstallieren kann. Dazu gehören: - System NotifierV02.09 - Search module - YT Downloader - Remote Desktop Access (VuuPC) - Phrase Professor 1.10.0.22 - GamesDesktop 014.005010078 - TV Time - Cross Browse -Ge-Force Zudem öffnet sich Reimage Repair im Browser ständig selbst. Ich hoffe, ihr könnt mir helfen. Vielen lieben Dank im Voraus, Verena |
|
03.09.2015, 08:18
| #2 |
| /// the machine /// TB-Ausbilder    | Reimage Repair hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
04.09.2015, 20:03
| #3 |
| | Reimage Repair Hallo,
__________________leider kann ich FRST gar nicht installieren, wenn ich auf "Download" klicke passiert gar nichts. Es öffnen sich lediglich unterwünscht weitere Seiten. Was kann ich denn da machen?  Viele Grüße Verena |
|
05.09.2015, 14:43
| #4 |
| /// the machine /// TB-Ausbilder | Reimage Repair Browser zurücksetzen. Dann nochmal versuchen, zur Not das Tool von einem anderen PC laden. Ich brauch die Logs, ohne die geht gar nix 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
06.09.2015, 11:43
| #5 |
| | Reimage Repair Hallo! Jetzt hat es geklappt Hier der erste Teil des FRST.txt: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:04-09-2015
durchgeführt von Verena (Administrator) auf VERENA-PC (06-09-2015 11:40:50)
Gestartet von C:\Users\Verena\Downloads
Geladene Profile: UpdatusUser & Verena (Verfügbare Profile: UpdatusUser & Verena)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
() C:\Program Files (x86)\8CBD48C6-1441211369-E111-9306-DC0EA11C2A46\jnsq4F6D.tmp
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
() C:\Program Files (x86)\8CBD48C6-1441211369-E111-9306-DC0EA11C2A46\hnsa67D9.tmp
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Ratio Applications) C:\ProgramData\ewWhKiM\qywrpqAxJSA.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Cinema PlusV02.09) C:\Program Files (x86)\CinemaPlus-3.2cV02.09\3bdeed13-2db0-4dc1-9605-22126b0b7b26-10.exe
(HQ-VideoV02.09) C:\Program Files (x86)\System NotifierV02.09\1a5e6f5d-2207-4995-9489-b84f694df449-10.exe
(Webar) C:\Program Files (x86)\Ge-Force\575c0d94-4438-4047-8a05-41731250fe8c-10.exe
(Cinema PlusV02.09) C:\Program Files (x86)\CinemaPlus-3.2cV02.09\3bdeed13-2db0-4dc1-9605-22126b0b7b26-6.exe
(Webar) C:\Program Files (x86)\Ge-Force\575c0d94-4438-4047-8a05-41731250fe8c-6.exe
(Cinema PlusV02.09) C:\Program Files (x86)\CinemaPlus-3.2cV02.09\3bdeed13-2db0-4dc1-9605-22126b0b7b26-14.exe
(Webar) C:\Program Files (x86)\Ge-Force\575c0d94-4438-4047-8a05-41731250fe8c-1-6.exe
(Cinema PlusV02.09) C:\Program Files (x86)\CinemaPlus-3.2cV02.09\3bdeed13-2db0-4dc1-9605-22126b0b7b26-1-6.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Wiz) C:\Users\Verena\AppData\Local\Temp\WIZZ\ioprotect.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\ProgramData\Jissifsefaieg\1.0.5.1\wsiuuenw.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Users\Verena\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(brother) C:\Program Files (x86)\Brownie\BrStsW64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
() C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brownie\BRNIPMON.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\ProgramData\Jissifsefaieg\1.0.5.1\wsiuuenw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Portmon/EE) C:\Users\Verena\AppData\Local\Temp\nsm38E4.tmp
(Tencent Inc.) C:\Users\Verena\AppData\Local\Temp\E592A50D-87A9-437F-9F9B-31AA642D3A9Bmp\QQBrowser.exe
() C:\Users\Verena\AppData\Local\gmsd_de_005010078\upgmsd_de_005010078.exe
() C:\Program Files (x86)\gmsd_de_005010078\gmsd_de_005010078.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
() C:\ProgramData\Radio\prompt.exe
() C:\ProgramData\Radio\prompt.exe
(Dropbox, Inc.) C:\Users\Verena\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\8CBD48C6-1441211369-E111-9306-DC0EA11C2A46\knsw2829.tmp
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
() C:\Program Files (x86)\8CBD48C6-1441211369-E111-9306-DC0EA11C2A46\knsc4FD1.tmp
(AnyProtect.com) C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Crossbrowse) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
(Crossbrowse) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3233976 2015-09-01] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [SpaceSoundPro] => "C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe"
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [BrStsWnd] => C:\Program Files (x86)\Brownie\BrstsW64.exe [3695984 2011-03-25] (brother)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [688128 2011-07-06] ()
HKLM-x32\...\Run: [CLX3180_Scan2Pc] => C:\Windows\Twain_32\Samsung\CLX3180\Scan2pc.exe [1990144 2011-04-29] ()
HKLM-x32\...\Run: [3180 Scan2PC] => C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe [1990144 2011-04-29] ()
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2014-03-12] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295072 2012-12-16] (RealNetworks, Inc.)
HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKLM-x32\...\Run: [gmsd_de_005010078] => C:\Program Files (x86)\gmsd_de_005010078\gmsd_de_005010078.exe [3984528 2015-09-02] ()
HKLM-x32\...\RunOnce: [IOPROTECT] => C:\Users\Verena\AppData\Local\Temp\WIZZ\ioproduct_service.bat [124 2015-09-02] () <===== ACHTUNG
HKLM-x32\...\RunOnce: [upgmsd_de_005010078.exe] => C:\Users\Verena\AppData\Local\gmsd_de_005010078\upgmsd_de_005010078.exe [3314832 2015-09-02] ()
HKLM-x32\...\RunOnce: [Update] => C:\Users\Verena\AppData\Roaming\VOPackage\VOPackage.exe /runonce
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1577607291-3742472165-1464039351-1000\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1577607291-3742472165-1464039351-1000\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\...\Run: [Dropbox Update] => C:\Users\Verena\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\...\Run: [OneDrive] => C:\Users\Verena\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\...\Run: [GoogleChromeAutoLaunch_03520036EFBEA4305B5692C0BB44A891] => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe [796672 2015-05-12] (Crossbrowse)
HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
AppInit_DLLs: c:\Windows\System32\nvinitx.dll => c:\Windows\System32\nvinitx.dll [177088 2015-07-13] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177088 2015-07-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-07-13] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
Startup: C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk [2015-09-02]
ShortcutTarget: crossbrowse.lnk -> C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (Crossbrowse)
Startup: C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-11-02]
ShortcutTarget: Dropbox.lnk -> C:\Users\Verena\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2012-04-15]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{3b7f2f84-982a-49ea-9368-45fb5bc144d9}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{b0d6ddbf-db99-4fd2-9675-c35ced802d52}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130856855472853968&GUID=72A09B6E-8225-4B37-94F8-E33EAFCC85C1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130857369855555849&GUID=72A09B6E-8225-4B37-94F8-E33EAFCC85C1
SearchScopes: HKLM -> {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = hxxp://www-searching.com/search.aspx?site=shdefault&prd=smw&pid=s&shr=d&q={searchTerms}&s=F92ztutdk0000,91607e43-c226-480e-9475-b1b96633a574,
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1577607291-3742472165-1464039351-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www-searching.com/search.aspx?s=F93ztutdk0004,6c17976b-6391-4c13-86d6-cc2f17d6cb30,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001 -> {2A44F415-BC14-4AC0-AF6C-0D89E7908512} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001 -> {4B0B64FD-EC90-484B-A3F3-3997730B5B73} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www-searching.com/search.aspx?s=F93ztutdk0004,6c17976b-6391-4c13-86d6-cc2f17d6cb30,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001 -> {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = hxxp://www-searching.com/search.aspx?site=shdefault&prd=smw&pid=s&shr=d&q={searchTerms}&s=F92ztutdk0000,91607e43-c226-480e-9475-b1b96633a574,
SearchScopes: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001 -> {BB1C9FE6-A25C-4D5D-9631-59F983A1351B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\WINDOWS\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
BHO: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files\MGTEK\Adblock IE\adblockie.dll [2013-05-08] (MGTEK)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2012-11-29] (RealDownloader)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\WINDOWS\SysWOW64\mscoree.dll [2015-07-10] (Microsoft Corporation)
BHO-x32: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files (x86)\MGTEK\Adblock IE\adblockie.dll [2013-05-08] (MGTEK)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
DPF: HKLM {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011
FF NewTab: hxxp://www-searching.com/?site=shyosffdefault&prd=set&s=F92ztutdk0000,91607e43-c226-480e-9475-b1b96633a574
FF DefaultSearchEngine: Search Module
FF SelectedSearchEngine: Yahoo DE
FF Homepage: hxxp://www.mystartsearch.com/?type=hp&ts=1441213265&z=ca518fbf7d0208bbd6016degfz1z6g1o2g5c1g8cbw&from=cmi&uid=WDCXWD6400BPVT-22HXZT3_WD-WX91A91P5075P5075
FF Keyword.URL: hxxp://www-searching.com/search.aspx?site=shdefault&prd=smw&pid=s&shr=d&q={searchTerms}&s=F92ztutdk0000,91607e43-c226-480e-9475-b1b96633a574,
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-13] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-07-05] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2012-12-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2012-12-16] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2012-11-29] (RealDownloader)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-09-03] (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-09-03] (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll [2012-12-19] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\searchplugins\smod.xml [2015-09-02]
FF SearchPlugin: C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\searchplugins\yahoo-msd.xml [2014-09-28]
FF Extension: Amazon-Icon - C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\Extensions\amazon-icon@giga.de [2014-11-01]
FF Extension: CinemaPlus-3.2cV02.09 - C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\Extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com [2015-09-02]
FF Extension: Foxi Security - C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\Extensions\foxi@securitii-dhfjs.com [2014-11-01]
FF Extension: Simple New Tab - C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\Extensions\snt@dotlabs.co [2013-11-28]
FF Extension: Ge-Force - C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\Extensions\TTSD90021300@PYDKGV101145942.com [2015-09-02]
FF Extension: Search App - C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\Extensions\{1d33817b-02d7-4cfa-a618-2d2fe2f6add4}.xpi [2015-01-07]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2012-12-16]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2015-04-27]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2015-09-01] <==== ACHTUNG
Chrome:
=======
CHR dev: Chrome dev build erkannt! <======= ACHTUNG
CHR HomePage: Default -> hxxp://www-searching.com/?pid=s&s=F93ztutdk0004,6c17976b-6391-4c13-86d6-cc2f17d6cb30&vp=ch&prd=set
CHR StartupUrls: Default -> "hxxp://www-searching.com/?pid=s&s=F93ztutdk0004,6c17976b-6391-4c13-86d6-cc2f17d6cb30&vp=ch&prd=set"
CHR DefaultSearchURL: Default -> "url":"hxxp://www-searching.com/search.aspx?site=shdefault&prd=smw&pid=s&shr=d&q={searchTerms}&s=Unknown"
CHR DefaultSearchKeyword: Default -> www-searching.com
CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
CHR Profile: C:\Users\Verena\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\Verena\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-08]
CHR Extension: (RealDownloader) - C:\Users\Verena\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-05-02]
CHR Extension: (CinemaPlus-3.2cV02.09) - C:\Users\Verena\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-09-02]
CHR HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jlcgehabolcakkjhgmgpkagpolbjlhfa] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - https://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [135352 2015-09-01] (ELAN Microelectronics Corp.)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-02-04] (Freemake) [Datei ist nicht signiert]
R2 giqozewi; C:\Program Files (x86)\8CBD48C6-1441211369-E111-9306-DC0EA11C2A46\knsw2829.tmp [1380864 2015-09-05] () [Datei ist nicht signiert]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-09-03] (globalUpdate) [Datei ist nicht signiert] <==== ACHTUNG
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-09-03] (globalUpdate) [Datei ist nicht signiert] <==== ACHTUNG
R2 jimocoso; C:\Program Files (x86)\8CBD48C6-1441211369-E111-9306-DC0EA11C2A46\jnsq4F6D.tmp [227328 2015-09-02] () [Datei ist nicht signiert]
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-09-01] (Microsoft Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 qywrpqAxJSA; C:\ProgramData\ewWhKiM\qywrpqAxJSA.exe [2731488 2015-09-02] (Ratio Applications)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [229888 2011-04-28] (Samsung Electronics Co., Ltd.) [Datei ist nicht signiert]
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346416 2015-09-02] (ShopperPro)
R2 sysejogo; C:\Program Files (x86)\8CBD48C6-1441211369-E111-9306-DC0EA11C2A46\knsc4FD1.tmp [1381888 2015-09-05] () [Datei ist nicht signiert]
R2 totyseku; C:\Program Files (x86)\8CBD48C6-1441211369-E111-9306-DC0EA11C2A46\hnsa67D9.tmp [137728 2015-09-02] () [Datei ist nicht signiert]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-09-01] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-09-01] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
|
|
06.09.2015, 11:45
| #6 |
| | Reimage Repair Der zweite Teil: Code:
ATTFilter ===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7593176 2015-07-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-08-18] (Symantec Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-09-01] (Microsoft Corporation)
R1 ppfd_vw_1_10_0_22; C:\Windows\System32\drivers\ppfd_vw_1_10_0_22.sys [57744 2015-08-14] (PhraseProfessor)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41624 2015-09-02] ()
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [52592 2014-03-12] (Cisco Systems, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R1 wsafd_1_10_0_19; C:\Windows\System32\drivers\wsafd_1_10_0_19.sys [57728 2015-06-16] (Word Surfer)
R1 wsfd_vw_1_10_0_20; C:\Windows\System32\drivers\wsfd_vw_1_10_0_20.sys [57728 2015-07-06] (WS)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-06 11:40 - 2015-09-06 11:44 - 00032571 _____ C:\Users\Verena\Downloads\FRST.txt
2015-09-06 11:39 - 2015-09-06 11:42 - 00000000 ____D C:\FRST
2015-09-06 11:39 - 2015-09-06 11:39 - 02188800 _____ (Farbar) C:\Users\Verena\Downloads\FRST64.exe
2015-09-06 11:31 - 2015-09-06 11:31 - 00016148 _____ C:\WINDOWS\system32\VERENA-PC_Verena_HistoryPrediction.bin
2015-09-06 11:31 - 2015-09-06 11:31 - 00001122 _____ C:\Users\Verena\Desktop\AnyProtect.lnk
2015-09-06 11:31 - 2015-09-06 11:31 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2015-09-05 15:04 - 2015-09-05 15:04 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-04 21:05 - 2015-09-04 21:05 - 00613255 _____ (CMI Limited) C:\Users\Verena\AppData\Local\nsp67A4.tmp
2015-09-04 20:49 - 2015-09-04 20:49 - 00000000 ____D C:\ProgramData\Radio
2015-09-03 12:34 - 2015-09-03 12:34 - 00000000 ____D C:\TVTime
2015-09-03 08:54 - 2015-09-03 08:54 - 00004412 _____ C:\WINDOWS\System32\Tasks\SPBIW_UpdateTask_Time_323638343739373137382d505b2d34454137455a5a786c
2015-09-03 08:53 - 2015-09-03 08:58 - 00003816 _____ C:\WINDOWS\System32\Tasks\Inst_Rep
2015-09-03 08:48 - 2015-09-06 11:31 - 00000000 ____D C:\Program Files (x86)\AnyProtectEx
2015-09-03 08:48 - 2015-09-03 08:48 - 00613255 _____ (CMI Limited) C:\Users\Verena\AppData\Local\nsp2FC1.tmp
2015-09-03 08:47 - 2015-09-04 21:00 - 00001010 _____ C:\WINDOWS\Tasks\lI6qhaY.job
2015-09-03 08:47 - 2015-09-03 08:47 - 00004132 _____ C:\WINDOWS\System32\Tasks\lI6qhaY
2015-09-03 08:45 - 2015-09-03 12:49 - 00000000 ____D C:\Users\Verena\AppData\Local\gmsd_de_005010078
2015-09-03 08:45 - 2015-09-03 12:46 - 00000000 ____D C:\Program Files (x86)\gmsd_de_005010078
2015-09-03 08:43 - 2015-09-03 08:43 - 00000000 ____D C:\ProgramData\Browser
2015-09-02 20:39 - 2015-09-02 20:39 - 00613255 _____ (CMI Limited) C:\Users\Verena\AppData\Local\nsy326A.tmp
2015-09-02 20:39 - 2015-09-02 20:39 - 00000000 ____D C:\Program Files (x86)\predm
2015-09-02 19:58 - 2015-09-02 19:58 - 00613255 _____ (CMI Limited) C:\Users\Verena\AppData\Local\nsz9E6B.tmp
2015-09-02 19:55 - 2015-09-05 15:35 - 00001040 _____ C:\WINDOWS\Tasks\b6TtfCU4fgZ9RE6NnSqEJ1.job
2015-09-02 19:55 - 2015-09-04 20:55 - 00002134 _____ C:\WINDOWS\Tasks\1a5e6f5d-2207-4995-9489-b84f694df449-10_user.job
2015-09-02 19:55 - 2015-09-03 12:16 - 00002468 _____ C:\WINDOWS\Tasks\1a5e6f5d-2207-4995-9489-b84f694df449-5_user.job
2015-09-02 19:55 - 2015-09-03 12:16 - 00001030 _____ C:\WINDOWS\Tasks\IyEFViIqK8st2WX35.job
2015-09-02 19:55 - 2015-09-03 12:15 - 00002468 _____ C:\WINDOWS\Tasks\1a5e6f5d-2207-4995-9489-b84f694df449-5.job
2015-09-02 19:55 - 2015-09-02 19:55 - 00005584 _____ C:\WINDOWS\System32\Tasks\1a5e6f5d-2207-4995-9489-b84f694df449-5
2015-09-02 19:55 - 2015-09-02 19:55 - 00004190 _____ C:\WINDOWS\System32\Tasks\b6TtfCU4fgZ9RE6NnSqEJ1
2015-09-02 19:55 - 2015-09-02 19:55 - 00004172 _____ C:\WINDOWS\System32\Tasks\IyEFViIqK8st2WX35
2015-09-02 19:55 - 2015-09-02 19:55 - 00000000 ____D C:\Program Files (x86)\System NotifierV02.09
2015-09-02 19:43 - 2015-09-02 20:44 - 00000000 ____D C:\Users\Verena\AppData\Local\TVTime
2015-09-02 19:41 - 2015-09-02 19:43 - 00000000 ____D C:\Users\Verena\AppData\Local\Comms
2015-09-02 19:32 - 2015-09-02 19:32 - 00613255 _____ (CMI Limited) C:\Users\Verena\AppData\Local\nsiC544.tmp
2015-09-02 19:29 - 2015-09-06 11:31 - 00003526 _____ C:\WINDOWS\System32\Tasks\Jissifsefaieg
2015-09-02 19:29 - 2015-09-03 08:43 - 00000000 ____D C:\ProgramData\Jissifsefaieg
2015-09-02 19:25 - 2015-09-02 21:58 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Opera Software
2015-09-02 19:25 - 2015-09-02 21:58 - 00000000 ____D C:\Users\Verena\AppData\Local\Opera Software
2015-09-02 19:23 - 2015-09-02 21:58 - 00000000 ____D C:\Program Files (x86)\Opera
2015-09-02 19:23 - 2015-09-02 19:24 - 00000000 ____D C:\ProgramData\TVTime
2015-09-02 19:23 - 2015-09-02 19:24 - 00000000 ____D C:\ProgramData\ewWhKiM
2015-09-02 19:01 - 2015-09-02 21:50 - 00000000 ____D C:\Program Files (x86)\DailyPcClean Support
2015-09-02 19:01 - 2015-09-02 19:01 - 00000000 ____D C:\Users\Verena\Documents\DailyPCClean
2015-09-02 18:58 - 2015-09-05 21:01 - 00002786 _____ C:\WINDOWS\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-5_user.job
2015-09-02 18:57 - 2015-09-05 21:01 - 00003814 _____ C:\WINDOWS\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-1-7.job
2015-09-02 18:57 - 2015-09-05 21:01 - 00003470 _____ C:\WINDOWS\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-1-6.job
2015-09-02 18:57 - 2015-09-05 21:01 - 00002786 _____ C:\WINDOWS\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-5.job
2015-09-02 18:57 - 2015-09-03 18:57 - 00004490 _____ C:\WINDOWS\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-4.job
2015-09-02 18:57 - 2015-09-03 09:01 - 00006934 _____ C:\WINDOWS\System32\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-1-7
2015-09-02 18:57 - 2015-09-03 09:01 - 00006590 _____ C:\WINDOWS\System32\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-1-6
2015-09-02 18:57 - 2015-09-03 09:01 - 00005902 _____ C:\WINDOWS\System32\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-5
2015-09-02 18:57 - 2015-09-02 18:57 - 00007606 _____ C:\WINDOWS\System32\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-4
2015-09-02 18:56 - 2015-09-05 10:00 - 00006202 _____ C:\WINDOWS\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-6.job
2015-09-02 18:56 - 2015-09-05 10:00 - 00002108 _____ C:\WINDOWS\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-10_user.job
2015-09-02 18:56 - 2015-09-04 21:00 - 00005858 _____ C:\WINDOWS\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-7.job
2015-09-02 18:56 - 2015-09-03 09:00 - 00009318 _____ C:\WINDOWS\System32\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-6
2015-09-02 18:56 - 2015-09-03 09:00 - 00008974 _____ C:\WINDOWS\System32\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-7
2015-09-02 18:56 - 2015-09-02 18:56 - 00000000 ____D C:\Program Files (x86)\b6380599-0a17-4fd7-a1e1-22ec41b6723e
2015-09-02 18:55 - 2015-09-03 08:59 - 00200192 _____ C:\WINDOWS\SysWOW64\ff51fb.exe
2015-09-02 18:55 - 2015-09-02 18:58 - 00000000 ____D C:\Program Files (x86)\Ge-Force
2015-09-02 18:53 - 2015-09-06 11:31 - 00002874 _____ C:\WINDOWS\System32\Tasks\APSnotifierPP1
2015-09-02 18:53 - 2015-09-06 11:31 - 00002872 _____ C:\WINDOWS\System32\Tasks\APSnotifierPP3
2015-09-02 18:53 - 2015-09-06 11:31 - 00002872 _____ C:\WINDOWS\System32\Tasks\APSnotifierPP2
2015-09-02 18:53 - 2015-09-06 11:31 - 00000378 _____ C:\WINDOWS\Tasks\APSnotifierPP1.job
2015-09-02 18:53 - 2015-09-06 11:31 - 00000376 _____ C:\WINDOWS\Tasks\APSnotifierPP3.job
2015-09-02 18:53 - 2015-09-06 11:31 - 00000376 _____ C:\WINDOWS\Tasks\APSnotifierPP2.job
2015-09-02 18:52 - 2015-09-02 18:52 - 00613255 _____ (CMI Limited) C:\Users\Verena\AppData\Local\nsy85FE.tmp
2015-09-02 18:52 - 2015-09-02 18:52 - 00000000 __SHD C:\Users\Verena\AppData\Roaming\AnyProtectEx
2015-09-02 18:48 - 2015-09-02 18:48 - 00004414 _____ C:\WINDOWS\System32\Tasks\SMW_UpdateTask_Time_323638343739373137382d3437415a556c2a3223346c41
2015-09-02 18:48 - 2015-09-02 18:48 - 00000000 ____D C:\ProgramData\SearchModule
2015-09-02 18:48 - 2015-09-02 18:48 - 00000000 ____D C:\Program Files\Common Files\Goobzo
2015-09-02 18:46 - 2015-09-06 11:46 - 00003158 _____ C:\WINDOWS\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-14.job
2015-09-02 18:46 - 2015-09-03 12:46 - 00003494 _____ C:\WINDOWS\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-13.job
2015-09-02 18:46 - 2015-09-03 12:16 - 00001036 _____ C:\WINDOWS\Tasks\HztSu0wh4JrtyLfcXxrV.job
2015-09-02 18:46 - 2015-09-03 12:16 - 00001012 _____ C:\WINDOWS\Tasks\hZXISqFX.job
2015-09-02 18:46 - 2015-09-03 12:15 - 00002468 _____ C:\WINDOWS\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-5_user.job
2015-09-02 18:46 - 2015-09-03 12:15 - 00002468 _____ C:\WINDOWS\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-5.job
2015-09-02 18:46 - 2015-09-03 08:47 - 00005584 _____ C:\WINDOWS\System32\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-5
2015-09-02 18:46 - 2015-09-02 18:46 - 00006672 _____ C:\WINDOWS\System32\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-13
2015-09-02 18:46 - 2015-09-02 18:46 - 00006336 _____ C:\WINDOWS\System32\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-14
2015-09-02 18:46 - 2015-09-02 18:46 - 00004182 _____ C:\WINDOWS\System32\Tasks\HztSu0wh4JrtyLfcXxrV
2015-09-02 18:46 - 2015-09-02 18:46 - 00004136 _____ C:\WINDOWS\System32\Tasks\hZXISqFX
2015-09-02 18:45 - 2015-09-06 11:47 - 00003160 _____ C:\WINDOWS\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-1-6.job
2015-09-02 18:45 - 2015-09-06 11:46 - 00005540 _____ C:\WINDOWS\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-6.job
2015-09-02 18:45 - 2015-09-06 11:46 - 00002134 _____ C:\WINDOWS\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-10_user.job
2015-09-02 18:45 - 2015-09-05 15:05 - 00000924 _____ C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-09-02 18:45 - 2015-09-03 12:45 - 00004516 _____ C:\WINDOWS\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-4.job
2015-09-02 18:45 - 2015-09-03 12:16 - 00000920 _____ C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-09-02 18:45 - 2015-09-03 12:15 - 00005204 _____ C:\WINDOWS\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-7.job
2015-09-02 18:45 - 2015-09-03 12:15 - 00004516 _____ C:\WINDOWS\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-3.job
2015-09-02 18:45 - 2015-09-03 12:15 - 00003496 _____ C:\WINDOWS\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-1-7.job
2015-09-02 18:45 - 2015-09-03 12:15 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-09-02 18:45 - 2015-09-03 09:00 - 00003994 _____ C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-09-02 18:45 - 2015-09-03 09:00 - 00003762 _____ C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-09-02 18:45 - 2015-09-03 08:54 - 00000000 ____D C:\Program Files\Common Files\ShopperPro
2015-09-02 18:45 - 2015-09-03 08:47 - 00006616 _____ C:\WINDOWS\System32\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-1-7
2015-09-02 18:45 - 2015-09-03 08:47 - 00006280 _____ C:\WINDOWS\System32\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-1-6
2015-09-02 18:45 - 2015-09-03 08:46 - 00008656 _____ C:\WINDOWS\System32\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-6
2015-09-02 18:45 - 2015-09-03 08:46 - 00008320 _____ C:\WINDOWS\System32\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-7
2015-09-02 18:45 - 2015-09-03 08:46 - 00007632 _____ C:\WINDOWS\System32\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-3
2015-09-02 18:45 - 2015-09-02 19:25 - 00003316 _____ C:\WINDOWS\System32\Tasks\runTask
2015-09-02 18:45 - 2015-09-02 19:25 - 00003226 _____ C:\WINDOWS\System32\Tasks\updateTask
2015-09-02 18:45 - 2015-09-02 18:55 - 00000000 ____D C:\Users\Verena\AppData\Local\BrowserHelper
2015-09-02 18:45 - 2015-09-02 18:50 - 00004412 _____ C:\WINDOWS\System32\Tasks\SPBIW_UpdateTask_Time_323638343739373137382d3437415a556c2a3223346c41
2015-09-02 18:45 - 2015-09-02 18:45 - 00007632 _____ C:\WINDOWS\System32\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-4
2015-09-02 18:45 - 2015-09-02 18:45 - 00000000 ____D C:\Users\Verena\AppData\Local\globalUpdate
2015-09-02 18:45 - 2015-09-02 18:45 - 00000000 ____D C:\Users\Public\Documents\ShopperPro
2015-09-02 18:45 - 2015-09-02 18:45 - 00000000 ____D C:\ProgramData\ShopperPro
2015-09-02 18:45 - 2015-09-02 18:45 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-09-02 18:45 - 2015-09-02 18:45 - 00000000 ____D C:\Program Files (x86)\66a92713-39e9-42fe-a45a-0a3d741309a9
2015-09-02 18:44 - 2015-09-03 12:52 - 00000000 ____D C:\Users\Verena\AppData\Local\SmartWeb
2015-09-02 18:44 - 2015-09-03 12:45 - 00004134 _____ C:\WINDOWS\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-09-02 18:44 - 2015-09-03 08:54 - 00003680 _____ C:\WINDOWS\System32\Tasks\ShopperProJSUpd
2015-09-02 18:44 - 2015-09-02 18:46 - 00000000 ____D C:\Program Files (x86)\CinemaPlus-3.2cV02.09
2015-09-02 18:44 - 2015-09-02 18:44 - 00000000 ____D C:\Users\Verena\AppData\Local\CrashRpt
2015-09-02 18:43 - 2015-09-03 12:16 - 00001078 _____ C:\WINDOWS\Tasks\Crossbrowse.job
2015-09-02 18:43 - 2015-09-03 08:45 - 00004200 _____ C:\WINDOWS\System32\Tasks\Crossbrowse
2015-09-02 18:43 - 2015-09-03 08:44 - 00002471 _____ C:\Users\Public\Desktop\Crossbrowse.lnk
2015-09-02 18:43 - 2015-09-02 18:43 - 00000000 ____D C:\Users\Verena\AppData\Local\Crossbrowse
2015-09-02 18:43 - 2015-09-02 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse
2015-09-02 18:43 - 2015-09-02 18:43 - 00000000 ____D C:\Program Files (x86)\Crossbrowse
2015-09-02 18:35 - 2015-09-06 11:34 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{46D6A097-0CD4-4543-91CE-773F04323F0F}
2015-09-02 18:30 - 2015-09-02 21:36 - 00000000 ____D C:\Users\Verena\AppData\Local\8CBD48C6-1441218632-E111-9306-DC0EA11C2A46
2015-09-02 18:30 - 2015-09-02 18:30 - 00000000 ____D C:\Users\Verena\AppData\Roaming\dlg
2015-09-02 18:30 - 2014-12-17 23:02 - 00000027 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-09-02 18:29 - 2015-09-06 11:31 - 00000000 ____D C:\Program Files (x86)\8CBD48C6-1441211369-E111-9306-DC0EA11C2A46
2015-09-02 18:29 - 2015-09-02 18:29 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2015-09-02 18:28 - 2015-09-02 18:28 - 00516064 _____ ( ) C:\Users\Verena\Downloads\jetzt_installieren.exe
2015-09-01 13:38 - 2015-09-01 13:38 - 00000000 ____D C:\Users\Verena\AppData\Local\NetworkTiles
2015-09-01 11:15 - 2015-09-01 11:15 - 00000000 ____D C:\Users\Verena\AppData\Local\MicrosoftEdge
2015-09-01 11:11 - 2015-09-02 11:11 - 00002404 _____ C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-01 11:11 - 2015-09-02 11:11 - 00000000 ___RD C:\Users\Verena\OneDrive
2015-09-01 11:09 - 2015-09-01 11:09 - 00047288 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCoInstaller01000.dll
2015-09-01 11:09 - 2015-09-01 11:09 - 00001337 _____ C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Realtek HD Audio-Manager.lnk
2015-09-01 11:09 - 2015-09-01 11:09 - 00001055 _____ C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2015-09-01 11:09 - 2015-09-01 11:09 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-09-01 11:09 - 2015-07-09 20:25 - 16736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0001.dll
2015-09-01 11:07 - 2015-09-01 11:07 - 00000000 ____D C:\Users\Verena\AppData\Local\Publishers
2015-09-01 11:05 - 2015-09-02 19:41 - 00000000 ____D C:\Users\Verena\AppData\Local\Packages
2015-09-01 11:05 - 2015-09-01 11:05 - 00000020 ___SH C:\Users\Verena\ntuser.ini
2015-09-01 11:05 - 2015-09-01 11:05 - 00000000 ____D C:\Users\Verena\AppData\Local\TileDataLayer
2015-09-01 10:30 - 2015-09-01 11:04 - 00000000 ___DC C:\WINDOWS\Panther
2015-09-01 10:27 - 2015-09-01 10:27 - 00000000 ____D C:\Windows.old
2015-09-01 10:26 - 2015-09-01 10:26 - 24591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 22320576 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 21873152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 20854232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 19333632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 18810368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 16710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 13024256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 12502016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 11552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 11260928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 09885184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 03589632 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02878000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02661376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02415616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02224128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02150696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02147592 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02116960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01983328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01914880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01867672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01793024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01769568 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01680896 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01601024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01561360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01396576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-09-01 10:26 - 2015-09-01 10:26 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 01161728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01085776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-09-01 10:26 - 2015-09-01 10:26 - 00991584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-09-01 10:26 - 2015-09-01 10:26 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00916800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00858624 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00643616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00607008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00606392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00539216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-09-01 10:26 - 2015-09-01 10:26 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00412672 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00403968 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00242264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2015-09-01 10:24 - 2015-09-01 10:24 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\WINDOWS\system32\msmq
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\Program Files\MSBuild
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\inetpub
2015-09-01 10:21 - 2015-09-01 09:51 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-09-01 10:20 - 2015-06-17 19:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-09-01 10:20 - 2015-06-17 19:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-01 10:20 - 2015-06-17 19:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-09-01 10:20 - 2015-05-29 22:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-09-01 10:20 - 2015-05-29 22:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-09-01 10:20 - 2015-05-29 22:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 __SHD C:\Recovery
2015-09-01 10:04 - 2015-09-01 10:04 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-09-01 10:00 - 2015-09-01 10:00 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2015-09-01 09:57 - 2015-07-10 12:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-09-01 09:50 - 2015-09-01 09:50 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-01 09:50 - 2015-09-01 09:50 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-09-01 09:50 - 2015-09-01 09:50 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-09-01 09:50 - 2015-09-01 09:50 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-09-01 09:50 - 2015-09-01 09:50 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-09-01 09:44 - 2015-09-01 09:44 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-09-01 09:41 - 2015-09-03 12:15 - 00000000 ____D C:\Users\Verena
2015-09-01 09:41 - 2015-09-02 19:51 - 00000000 ___RD C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-01 09:41 - 2015-09-01 09:42 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Vorlagen
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Startmenü
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Netzwerkumgebung
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Lokale Einstellungen
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Eigene Dateien
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Druckumgebung
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Documents\Eigene Musik
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Documents\Eigene Bilder
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\AppData\Local\Verlauf
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\AppData\Local\Anwendungsdaten
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Anwendungsdaten
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-01 09:39 - 2015-09-02 19:56 - 02085726 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-01 09:39 - 2015-09-01 09:40 - 00021209 _____ C:\WINDOWS\iis.log
2015-09-01 09:39 - 2015-09-01 09:39 - 01980268 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-09-01 09:37 - 2015-09-01 09:54 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-09-01 09:37 - 2015-09-01 09:52 - 00000000 ____D C:\WINDOWS\system32\NV
2015-09-01 09:37 - 2015-09-01 09:44 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-01 09:37 - 2015-09-01 09:37 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-09-01 09:37 - 2015-07-13 19:37 - 06873744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-09-01 09:37 - 2015-07-13 19:37 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-09-01 09:37 - 2015-07-13 19:37 - 02558792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-09-01 09:37 - 2015-07-13 19:37 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-09-01 09:37 - 2015-07-13 19:37 - 00937616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-09-01 09:37 - 2015-07-13 19:37 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-09-01 09:37 - 2015-07-13 19:37 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-09-01 09:37 - 2015-07-13 19:37 - 00062792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-09-01 09:37 - 2015-07-13 18:28 - 05096627 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-09-01 09:36 - 2015-09-01 15:29 - 00000000 ____D C:\Program Files\Elantech
2015-09-01 09:36 - 2015-09-01 09:44 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-09-01 09:36 - 2015-09-01 09:44 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-09-01 09:36 - 2015-09-01 09:36 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-09-01 09:36 - 2015-09-01 09:36 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-09-01 09:36 - 2015-09-01 09:36 - 00000000 ____D C:\Program Files\Realtek
2015-09-01 09:32 - 2015-09-01 09:33 - 00028116 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-09-01 09:31 - 2015-09-03 12:09 - 00023358 _____ C:\WINDOWS\PFRO.log
2015-09-01 09:04 - 2015-09-01 10:05 - 00006593 _____ C:\WINDOWS\comsetup.log
2015-09-01 09:01 - 2015-09-01 10:06 - 00014259 _____ C:\WINDOWS\diagerr.xml
2015-09-01 09:01 - 2015-09-01 10:06 - 00013338 _____ C:\WINDOWS\diagwrn.xml
2015-09-01 08:54 - 2015-09-02 21:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-25 15:04 - 2015-09-01 09:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy
2015-08-25 15:04 - 2015-08-25 15:04 - 00001078 _____ C:\Users\Public\Desktop\Exact Audio Copy.lnk
2015-08-25 15:04 - 2015-08-25 15:04 - 00000000 ____D C:\Users\Verena\AppData\Roaming\EAC
2015-08-25 15:04 - 2015-08-25 15:04 - 00000000 ____D C:\Program Files (x86)\Exact Audio Copy
2015-08-18 10:46 - 2015-09-01 09:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
2015-08-18 10:46 - 2015-08-18 10:46 - 00001461 _____ C:\Users\Public\Desktop\Norton Security Scan.LNK
2015-08-18 10:46 - 2015-08-18 10:46 - 00000000 ____D C:\WINDOWS\system32\Drivers\NSSx64
2015-08-18 10:46 - 2015-08-18 10:46 - 00000000 ____D C:\Program Files (x86)\Norton Security Scan
2015-08-16 21:02 - 2015-08-16 21:02 - 00012136 _____ C:\Users\Verena\Downloads\nr1.xwd
2015-08-16 21:00 - 2015-08-16 21:00 - 00037376 _____ C:\Users\Verena\Downloads\XWord Rätsel (2).svg
2015-08-16 20:56 - 2015-08-16 20:56 - 00037376 _____ C:\Users\Verena\Downloads\XWord Rätsel (1).svg
2015-08-16 20:52 - 2015-08-16 20:52 - 00037376 _____ C:\Users\Verena\Downloads\XWord.svg
2015-08-14 20:52 - 2015-08-14 20:52 - 00057744 _____ (PhraseProfessor) C:\WINDOWS\system32\Drivers\ppfd_vw_1_10_0_22.sys
2015-08-13 18:20 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-08-13 18:20 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.exe
2015-08-13 18:20 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmlmedia.dll
2015-08-13 18:20 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmlmedia.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-06 11:46 - 2013-11-05 17:20 - 00000000 ____D C:\Users\Verena\Documents\Outlook-Dateien
2015-09-06 11:43 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-06 11:38 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-06 11:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-05 21:01 - 2012-08-27 21:13 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-05 15:11 - 2015-06-19 09:45 - 00001228 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1577607291-3742472165-1464039351-1001UA.job
2015-09-05 15:04 - 2014-11-02 18:04 - 00000000 ___RD C:\Users\Verena\Dropbox
2015-09-05 15:04 - 2014-11-02 18:02 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Dropbox
2015-09-03 12:21 - 2014-01-26 17:00 - 00003612 _____ C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1577607291-3742472165-1464039351-1001
2015-09-03 12:21 - 2014-01-26 17:00 - 00003552 _____ C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1577607291-3742472165-1464039351-1001
2015-09-03 12:18 - 2012-04-15 12:24 - 00000603 _____ C:\WINDOWS\Brownie.ini
2015-09-03 12:15 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-03 12:15 - 2012-05-07 18:32 - 00001106 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-03 12:12 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-03 08:54 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\System
2015-09-02 21:29 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-09-02 20:44 - 2015-02-13 21:59 - 00001045 _____ C:\WINDOWS\wininit.ini
2015-09-02 19:58 - 2012-04-13 16:58 - 00000000 ____D C:\Users\Verena\AppData\Local\VirtualStore
2015-09-02 19:56 - 2015-07-10 18:34 - 00888476 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-02 19:56 - 2015-07-10 18:34 - 00197074 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-02 19:41 - 2011-10-14 05:15 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-02 19:40 - 2011-12-02 12:10 - 00001024 ___RH C:\Users\Public\Documents\NTIMMV9Acer.dll
2015-09-02 19:40 - 2011-10-14 05:50 - 00000000 ____D C:\Program Files (x86)\NTI
2015-09-02 19:36 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\restore
2015-09-02 18:45 - 2011-10-14 05:32 - 00000000 ____D C:\Program Files (x86)\Acer
2015-09-02 18:03 - 2015-07-15 10:33 - 00000000 ____D C:\Users\Verena\Documents\Deutschkurs
2015-09-02 17:11 - 2015-06-19 09:45 - 00001176 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1577607291-3742472165-1464039351-1001Core.job
2015-09-02 11:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\appcompat
2015-09-01 15:34 - 2015-07-10 14:20 - 00424008 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-01 11:09 - 2011-10-14 05:55 - 00428216 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETD.sys
2015-09-01 11:06 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-09-01 11:06 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-09-01 11:06 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-09-01 11:05 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-09-01 10:30 - 2015-07-10 13:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-09-01 10:27 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-09-01 10:27 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-09-01 10:27 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-01 10:27 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-09-01 10:27 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-09-01 10:27 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-09-01 10:26 - 2015-07-10 13:06 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-01 10:26 - 2015-07-10 13:06 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-01 10:21 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-09-01 10:21 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-09-01 10:21 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-09-01 10:21 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-09-01 10:21 - 2015-07-10 13:01 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2015-09-01 10:21 - 2015-07-10 13:01 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2015-09-01 10:21 - 2015-07-10 13:01 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2015-09-01 10:21 - 2015-07-10 13:01 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2015-09-01 10:21 - 2015-07-10 13:01 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-09-01 10:21 - 2015-07-10 13:01 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2015-09-01 10:21 - 2015-07-10 13:00 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2015-09-01 10:21 - 2015-07-10 13:00 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-09-01 10:21 - 2015-07-10 13:00 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2015-09-01 10:21 - 2015-07-10 13:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-09-01 10:21 - 2015-07-10 13:00 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-09-01 10:21 - 2015-07-10 13:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-09-01 10:21 - 2015-07-10 13:00 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-09-01 10:21 - 2015-07-10 13:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-09-01 10:20 - 2015-07-10 13:01 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2015-09-01 10:20 - 2015-07-10 13:01 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2015-09-01 10:20 - 2015-07-10 13:00 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2015-09-01 10:20 - 2015-07-10 13:00 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2015-09-01 10:20 - 2015-07-10 13:00 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2015-09-01 10:20 - 2015-07-10 13:00 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2015-09-01 10:20 - 2015-07-10 13:00 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2015-09-01 10:20 - 2015-07-10 13:00 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2015-09-01 10:20 - 2015-07-10 13:00 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2015-09-01 10:20 - 2015-07-10 13:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2015-09-01 10:20 - 2015-07-10 13:00 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2015-09-01 10:20 - 2015-07-10 13:00 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2015-09-01 10:20 - 2015-07-10 13:00 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2015-09-01 10:20 - 2015-07-10 13:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2015-09-01 10:20 - 2015-07-10 13:00 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2015-09-01 10:17 - 2012-12-24 09:56 - 00000454 ____H C:\WINDOWS\Tasks\Norton Security Scan for Verena.job
2015-09-01 10:10 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-09-01 10:07 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows NT
2015-09-01 10:07 - 2015-07-10 11:05 - 00000000 __RHD C:\Users\Default
2015-09-01 10:06 - 2015-07-10 14:20 - 00017695 _____ C:\WINDOWS\setupact.log
2015-09-01 10:05 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Registration
2015-09-01 10:05 - 2015-06-19 09:45 - 00004310 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1577607291-3742472165-1464039351-1001UA
2015-09-01 10:05 - 2015-06-19 09:45 - 00003914 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1577607291-3742472165-1464039351-1001Core
2015-09-01 10:05 - 2015-01-07 09:37 - 00003996 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-09-01 10:05 - 2014-05-09 09:58 - 00003528 _____ C:\WINDOWS\System32\Tasks\{65C1EE69-71E9-4DD4-927C-D14FC54A6C7D}
2015-09-01 10:05 - 2014-01-18 18:32 - 00003538 _____ C:\WINDOWS\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1577607291-3742472165-1464039351-1001
2015-09-01 10:05 - 2013-10-13 16:18 - 00003278 _____ C:\WINDOWS\System32\Tasks\{CADFF3D7-DB59-4FA7-804F-68027FE700EA}
2015-09-01 10:05 - 2012-12-24 09:56 - 00003726 _____ C:\WINDOWS\System32\Tasks\Norton Security Scan for Verena
2015-09-01 10:05 - 2012-12-16 15:04 - 00003496 _____ C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1577607291-3742472165-1464039351-1001
2015-09-01 10:05 - 2012-12-16 15:04 - 00003364 _____ C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1577607291-3742472165-1464039351-1001
2015-09-01 10:05 - 2012-08-27 21:13 - 00003932 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-09-01 10:05 - 2012-07-23 09:07 - 00003650 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2015-09-01 10:05 - 2012-05-07 18:33 - 00003496 _____ C:\WINDOWS\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1577607291-3742472165-1464039351-1001
2015-09-01 10:05 - 2012-05-07 18:33 - 00003364 _____ C:\WINDOWS\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1577607291-3742472165-1464039351-1001
2015-09-01 10:05 - 2012-05-07 18:32 - 00004216 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-01 10:05 - 2012-05-07 18:32 - 00003964 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-01 10:04 - 2015-07-10 13:04 - 00000000 __RSD C:\WINDOWS\Media
2015-09-01 10:04 - 2015-07-10 13:04 - 00000000 __RHD C:\Users\Public\Libraries
2015-09-01 10:00 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\spool
2015-09-01 09:52 - 2015-07-10 18:46 - 00000000 ____D C:\WINDOWS\ShellNew
2015-09-01 09:52 - 2015-07-10 13:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-01 09:52 - 2015-05-15 12:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind
2015-09-01 09:52 - 2015-04-27 22:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 5
2015-09-01 09:52 - 2015-04-26 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette
2015-09-01 09:52 - 2015-04-26 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audioverwandte Programme
2015-09-01 09:52 - 2014-12-18 22:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-09-01 09:52 - 2014-11-30 16:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseScore
2015-09-01 09:52 - 2014-11-30 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriMusFree
2015-09-01 09:52 - 2014-11-30 14:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\capella-software
2015-09-01 09:52 - 2014-04-06 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2015-09-01 09:52 - 2014-01-23 21:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2015-09-01 09:52 - 2013-12-13 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2015-09-01 09:52 - 2013-03-20 14:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-09-01 09:52 - 2012-12-16 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2015-09-01 09:52 - 2012-10-13 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Box
2015-09-01 09:52 - 2012-09-06 09:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALDI Bestellsoftware
2015-09-01 09:52 - 2012-07-24 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-01 09:52 - 2012-07-05 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2015-09-01 09:52 - 2012-05-07 18:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-09-01 09:52 - 2012-04-15 12:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-09-01 09:52 - 2012-04-15 12:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-09-01 09:52 - 2012-04-13 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Family Protection
2015-09-01 09:52 - 2011-12-02 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec
2015-09-01 09:52 - 2011-12-02 12:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2015-09-01 09:52 - 2011-12-02 11:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
2015-09-01 09:52 - 2011-10-14 05:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Backup Manager
2015-09-01 09:52 - 2011-10-14 05:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-09-01 09:52 - 2011-10-14 05:42 - 00000000 ____D C:\WINDOWS\tr
2015-09-01 09:52 - 2011-10-14 05:42 - 00000000 ____D C:\WINDOWS\th
2015-09-01 09:52 - 2011-10-14 05:42 - 00000000 ____D C:\WINDOWS\sv
2015-09-01 09:52 - 2011-10-14 05:42 - 00000000 ____D C:\WINDOWS\sl
2015-09-01 09:52 - 2011-10-14 05:42 - 00000000 ____D C:\WINDOWS\sk
2015-09-01 09:52 - 2011-10-14 05:42 - 00000000 ____D C:\WINDOWS\ca
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\ru
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\ro
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\pl
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\no
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\nl
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\it
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\hu
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\hr
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\he
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\fr
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\fi
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\es
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\en
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\el
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\de
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\da
2015-09-01 09:52 - 2011-10-14 05:40 - 00000000 ____D C:\WINDOWS\cs
2015-09-01 09:52 - 2011-10-14 05:40 - 00000000 ____D C:\WINDOWS\bg
2015-09-01 09:52 - 2011-10-14 05:40 - 00000000 ____D C:\WINDOWS\ar
2015-09-01 09:52 - 2011-10-14 05:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-09-01 09:52 - 2011-10-14 05:16 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-09-01 09:52 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-09-01 09:51 - 2015-07-10 11:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-01 09:51 - 2014-01-10 23:44 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2015-09-01 09:51 - 2013-05-30 22:44 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ahnenblatt
2015-09-01 09:51 - 2013-01-15 21:46 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2015-09-01 09:51 - 2012-10-22 13:09 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-09-01 09:50 - 2015-07-10 13:05 - 00004362 _____ C:\WINDOWS\DtcInstall.log
2015-09-01 09:50 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-01 09:50 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-01 09:50 - 2009-07-14 05:20 - 00000000 ____D C:\Users\Default.migrated
2015-09-01 09:47 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK
2015-09-01 09:47 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR
2015-09-01 09:46 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\IME
2015-09-01 09:46 - 2013-08-01 14:25 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-01 09:46 - 2012-11-27 20:23 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe
2015-09-01 09:45 - 2015-07-10 15:19 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-09-01 09:45 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\schemas
2015-09-01 09:45 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-09-01 09:45 - 2010-11-21 09:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-09-01 09:44 - 2015-07-10 13:04 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-09-01 09:44 - 2015-07-10 13:04 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-09-01 09:44 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-09-01 09:44 - 2014-12-17 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-01 09:44 - 2014-10-11 23:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyMP4
2015-09-01 09:44 - 2014-08-25 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2015-09-01 09:44 - 2013-01-24 20:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2015-09-01 09:44 - 2012-11-18 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 3
2015-09-01 09:44 - 2012-10-22 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infogrames
2015-09-01 09:44 - 2012-04-15 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. Anwendungen
2015-09-01 09:44 - 2012-04-15 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2015-09-01 09:44 - 2012-04-15 12:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2015-09-01 09:44 - 2011-10-14 05:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2015-09-01 09:44 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Microsoft Games
2015-09-01 09:44 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-09-01 09:43 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-09-01 09:42 - 2014-04-06 19:23 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2015-09-01 09:39 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-09-01 09:37 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Help
2015-09-01 09:11 - 2011-12-02 11:47 - 01185518 _____ C:\WINDOWS\WindowsUpdate (1).log
2015-09-01 09:11 - 2009-07-14 06:45 - 00024400 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-01 09:11 - 2009-07-14 06:45 - 00024400 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-01 09:01 - 2015-07-10 19:28 - 00000000 ___HD C:\$Windows.~BT
2015-08-28 09:23 - 2012-04-15 12:24 - 00000432 _____ C:\WINDOWS\BRWMARK.INI
2015-08-27 16:08 - 2012-05-07 18:32 - 00001110 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-24 10:51 - 2015-04-27 22:57 - 00000000 ____D C:\Users\Verena\Documents\Citavi 5
2015-08-18 10:46 - 2012-12-24 09:56 - 00000000 ____D C:\ProgramData\Norton
2015-08-16 11:32 - 2009-07-14 07:09 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2015-08-16 11:27 - 2013-03-20 14:07 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-16 11:27 - 2013-03-20 14:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-16 11:04 - 2012-04-15 12:54 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-16 10:57 - 2009-07-14 04:34 - 00000510 _____ C:\WINDOWS\win.ini
2015-08-16 10:33 - 2012-08-03 09:45 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Verena\AppData\Roaming\b6TtfCU4fgZ9RE6NnSqEJ1
2015-04-20 16:05 - 2015-04-20 16:05 - 1246720 _____ () C:\Users\Verena\AppData\Roaming\b6TtfCU4fgZ9RE6NnSqEJ1.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Verena\AppData\Roaming\HztSu0wh4JrtyLfcXxrV
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Verena\AppData\Roaming\HztSu0wh4JrtyLfcXxrV.exe
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Verena\AppData\Roaming\hZXISqFX
2015-04-20 16:05 - 2015-04-20 16:05 - 1246720 _____ () C:\Users\Verena\AppData\Roaming\hZXISqFX.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Verena\AppData\Roaming\IyEFViIqK8st2WX35
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Verena\AppData\Roaming\IyEFViIqK8st2WX35.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Verena\AppData\Roaming\lI6qhaY
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Verena\AppData\Roaming\lI6qhaY.exe
2012-04-15 12:36 - 2012-04-15 12:36 - 0011837 _____ () C:\Users\Verena\AppData\Roaming\SmarThruOptions.xml
2014-01-20 12:34 - 2014-01-24 02:32 - 0000178 _____ () C:\Users\Verena\AppData\Roaming\WB.CFG
2014-01-20 12:34 - 2014-01-24 02:32 - 0000005 _____ () C:\Users\Verena\AppData\Roaming\WBPU-TTL.DAT
2013-07-05 17:40 - 2013-07-05 17:40 - 0008704 _____ () C:\Users\Verena\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-25 14:49 - 2015-04-19 10:48 - 0004096 ____H () C:\Users\Verena\AppData\Local\keyfile3.drm
2015-09-02 19:32 - 2015-09-02 19:32 - 0613255 _____ (CMI Limited) C:\Users\Verena\AppData\Local\nsiC544.tmp
2015-09-03 08:48 - 2015-09-03 08:48 - 0613255 _____ (CMI Limited) C:\Users\Verena\AppData\Local\nsp2FC1.tmp
2015-09-04 21:05 - 2015-09-04 21:05 - 0613255 _____ (CMI Limited) C:\Users\Verena\AppData\Local\nsp67A4.tmp
2015-09-02 20:39 - 2015-09-02 20:39 - 0613255 _____ (CMI Limited) C:\Users\Verena\AppData\Local\nsy326A.tmp
2015-09-02 18:52 - 2015-09-02 18:52 - 0613255 _____ (CMI Limited) C:\Users\Verena\AppData\Local\nsy85FE.tmp
2015-09-02 19:58 - 2015-09-02 19:58 - 0613255 _____ (CMI Limited) C:\Users\Verena\AppData\Local\nsz9E6B.tmp
2014-05-30 17:57 - 2014-05-30 17:57 - 0000000 _____ () C:\Users\Verena\AppData\Local\{54D355D5-865D-4B3D-83C0-DE7941F04EAD}
2015-03-10 15:59 - 2015-03-10 15:59 - 0000000 _____ () C:\Users\Verena\AppData\Local\{6237EEC7-5F06-48E9-A7FC-52B62BAF932A}
2015-03-26 12:24 - 2015-03-26 12:24 - 0000000 _____ () C:\Users\Verena\AppData\Local\{6C2D1742-245D-4886-BE82-50CCBD5F2F7C}
2011-12-02 12:14 - 2011-12-02 12:16 - 0015230 _____ () C:\ProgramData\ArcadeDeluxe5.log
2015-09-01 09:36 - 2015-09-01 09:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-12-27 21:46 - 2013-12-27 21:46 - 0000032 _____ () C:\ProgramData\PS.log
2013-09-26 23:11 - 2013-09-26 23:11 - 3855413 _____ () C:\ProgramData\SamPCFax00001FF80002
2013-09-26 23:11 - 2013-09-26 23:11 - 0000004 _____ () C:\ProgramData\SamPCFax00001FF80003
2013-09-26 23:11 - 2013-09-26 23:11 - 0000064 _____ () C:\ProgramData\SamPCFax000021C40001
2013-10-11 12:27 - 2013-10-11 12:27 - 0000032 _____ () C:\ProgramData\Temp.log
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Verena\AppData\Local\Temp\WIZZ\ioproduct_service.bat
Einige Dateien in TEMP:
====================
C:\Users\Verena\AppData\Local\Temp\25027.exe
C:\Users\Verena\AppData\Local\Temp\2959.exe
C:\Users\Verena\AppData\Local\Temp\3917.exe
C:\Users\Verena\AppData\Local\Temp\4228.exe
C:\Users\Verena\AppData\Local\Temp\6522.exe
C:\Users\Verena\AppData\Local\Temp\amisetup3995.exe
C:\Users\Verena\AppData\Local\Temp\amisetup4178__14897.exe
C:\Users\Verena\AppData\Local\Temp\bitool.dll
C:\Users\Verena\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpek2sng.dll
C:\Users\Verena\AppData\Local\Temp\FBS566.exe
C:\Users\Verena\AppData\Local\Temp\FBSA93E.exe
C:\Users\Verena\AppData\Local\Temp\fsd452.exe
C:\Users\Verena\AppData\Local\Temp\fsd7EAE.exe
C:\Users\Verena\AppData\Local\Temp\fsdE299.exe
C:\Users\Verena\AppData\Local\Temp\fsdFD97.exe
C:\Users\Verena\AppData\Local\Temp\installer.exe
C:\Users\Verena\AppData\Local\Temp\tu17p84.exe
C:\Users\Verena\AppData\Local\Temp\Uninstall.exe
C:\Users\Verena\AppData\Local\Temp\UninstallModule.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-09-01 09:31
==================== Ende von FRST.txt ============================
|
|
06.09.2015, 11:45
| #7 |
| | Reimage Repair Und die Addition: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-09-2015
durchgeführt von Verena (2015-09-06 11:57:52)
Gestartet von C:\Users\Verena\Downloads
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1577607291-3742472165-1464039351-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1577607291-3742472165-1464039351-503 - Limited - Disabled)
Gast (S-1-5-21-1577607291-3742472165-1464039351-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1577607291-3742472165-1464039351-1005 - Limited - Enabled)
UpdatusUser (S-1-5-21-1577607291-3742472165-1464039351-1000 - Limited - Enabled) => C:\Users\UpdatusUser
Verena (S-1-5-21-1577607291-3742472165-1464039351-1001 - Administrator - Enabled) => C:\Users\Verena
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2904.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.5.2904.00 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3504 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3502 - Acer Incorporated)
Adblock IE 2.3 (HKLM\...\{58161756-037B-42CD-B575-AF804A2F0F47}) (Version: 2.3.1756 - MGTEK)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.249 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.9 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - )
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Ahnenblatt 2.74 (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.74.0.1 - Dirk Boettcher)
ALDI Bestellsoftware 4.12.1 (HKLM-x32\...\ALDI Bestellsoftware) (Version: 4.12.1 - ORWO Net)
AnyMP4 PDF Converter Ultimate 3.1.8 (HKLM-x32\...\{9C783402-EB68-4dd3-A185-F8DF3FB91CFE}_is1) (Version: 3.1.8 - AnyMP4 Studio)
AnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.4 - CMI Limited) <==== ACHTUNG
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
Brother HL-3040CN (HKLM-x32\...\{B3D02AE6-DA7C-4A0F-B14F-3EE30992E5B7}) (Version: 1.00 - Brother)
capella 7 (HKLM-x32\...\{7CEB4C23-E07B-4183-9511-2FD4DC5C09B9}) (Version: 7.1.25 - capella software AG)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CinemaPlus-3.2cV02.09 (HKLM-x32\...\CinemaPlus-3.2cV02.09) (Version: 1.36.01.22 - Cinema PlusV02.09) <==== ACHTUNG
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05160 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05160 - Cisco Systems, Inc.) Hidden
Citavi (HKLM-x32\...\{E12C6653-1FF0-4686-ADB8-589C13AE761F}) (Version: 3.3.0.0 - Swiss Academic Software)
Citavi 5 (HKLM-x32\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.0.0.11 - Swiss Academic Software)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Crossbrowse (HKLM-x32\...\Crossbrowse) (Version: 39.6.2171.95 - The Crossbrowse Authors) <==== ACHTUNG
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.16 - Piriform)
Die Sims 2 (HKLM-x32\...\{6E7DD182-9FC6-4651-0095-2E666CC6AF35}) (Version: - )
Die Sims™ 2 Apartment-Leben (HKLM-x32\...\{B6F5B704-06D3-4687-90F3-6195304AD755}) (Version: - Electronic Arts)
Die Sims™ 2 Freizeit-Spaß (HKLM-x32\...\{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}) (Version: - Electronic Arts)
Die Sims™ 2 Gute Reise (HKLM-x32\...\{F248ADFA-64E0-4b03-8A83-059078BED6A0}) (Version: - Electronic Arts)
Die Sims™ 2 H&M®-Fashion-Accessoires (HKLM-x32\...\{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}) (Version: - )
Die Sims™ 2 IKEA® Home-Accessoires (HKLM-x32\...\{6E17F9751-F056-4335-B718-8AF1B1092AFB}) (Version: - Electronic Arts)
Die Sims™ 2 Küchen- und Bad-Einrichtungs-Accessoires (HKLM-x32\...\{6522C636-B04C-4333-9BEB-9E0C0B6350D6}) (Version: - Electronic Arts)
Die Sims™ 2 Party-Accessoires (HKLM-x32\...\{EAA38532-7AD0-4f78-918A-4F4F02096ECE}) (Version: - )
Die Sims™ 2 Vier Jahreszeiten (HKLM-x32\...\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}) (Version: - )
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
ELAN Touchpad 11.15.0.14_X64 (HKLM\...\Elantech) (Version: 11.15.0.14 - ELAN Microelectronic Corp.)
Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.)
Exact Audio Copy 1.1 (HKLM-x32\...\Exact Audio Copy) (Version: 1.1 - Andre Wiethoff)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free YouTube Download version 3.2.12.827 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.12.827 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.12.827 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.12.827 - DVDVideoSoft Ltd.)
Freemake Audio Converter Version 1.1.0 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.0 - Ellora Assets Corporation)
FreePDFReader (HKLM-x32\...\FreePDFReader) (Version: - FreePDFConverter)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GamesDesktop 014.005010078 (HKLM-x32\...\gmsd_de_005010078_is1) (Version: - GAMESDESKTOP) <==== ACHTUNG
Ge-Force (HKLM-x32\...\Ge-Force) (Version: 1.36.01.22 - Webar) <==== ACHTUNG
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Mathematics-Add-In (32 Bit) (HKLM-x32\...\{E2C98732-F973-4985-A9C5-DC06178E16EE}) (Version: 2.0.041222.01 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.1.0.28 - Symantec Corporation)
NVIDIA Grafiktreiber 285.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 285.64 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PriMus Free 1.1 (Build 10806) (HKLM-x32\...\PriMus Free_is1) (Version: 1.1.0.10806 - Columbus Soft)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Readiris Pro 10 (HKLM-x32\...\{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}) (Version: - )
RealDownloader (x32 Version: 1.3.0 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.0 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: - CMI Limited) <==== ACHTUNG
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version: - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version: - )
RollerCoaster Tycoon 2: Time Twister (HKLM-x32\...\{BA1E1AFD-D1F2-4C52-88C3-186FC5E61604}) (Version: 1.00.000 - )
RollerCoaster Tycoon 2: Wacky Worlds (HKLM-x32\...\{B1AD83A0-DC92-41E3-B111-E9472349768C}) (Version: - )
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.05.22.00 - Samsung Electronics Co., Ltd.)
Samsung Scan Assistant (HKLM-x32\...\Samsung Scan Assistant) (Version: 1.04.20.00 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - )
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
SmarThru 4 (HKLM-x32\...\{90F1943D-EA4A-4460-B59F-30023F3BA69A}) (Version: - Samsung Electronics Co., Ltd.)
System NotifierV02.09 (HKLM-x32\...\System NotifierV02.09) (Version: 1.36.01.22 - HQ-VideoV02.09) <==== ACHTUNG
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.4.0.59 - KMP Media co., Ltd)
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
TV Time (HKLM-x32\...\TVTime) (Version: 2.7.75 - Ratio Applications)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
Wartung Samsung CLX-3180 Series (HKLM-x32\...\Samsung CLX-3180 Series) (Version: - Samsung Electronics Co., Ltd.)
WavePad Audio-Editor (HKLM-x32\...\WavePad) (Version: 6.12 - NCH Software)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
XMind 6 (v3.5.2) (HKLM-x32\...\XMind_is1) (Version: 3.5.2.201504270119 - XMind Ltd.)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Verena\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Verena\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Verena\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Verena\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Verena\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Verena\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Verena\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Verena\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Verena\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1B}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Verena\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Verena\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
==================== Wiederherstellungspunkte =========================
02-09-2015 19:36:07 Configured NTI Media Maker 9
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2014-12-17 23:02 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {0461FC40-5C01-4789-8241-2C31A467AC27} - System32\Tasks\1a5e6f5d-2207-4995-9489-b84f694df449-5_user => C:\Program Files (x86)\System NotifierV02.09\1a5e6f5d-2207-4995-9489-b84f694df449-5.exe [2015-09-02] (HQ-VideoV02.09) <==== ACHTUNG
Task: {04A91446-1367-4BFD-8DF0-85627BEF5EFD} - System32\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-5 => C:\Program Files (x86)\Ge-Force\575c0d94-4438-4047-8a05-41731250fe8c-5.exe [2015-09-03] (Webar) <==== ACHTUNG
Task: {0672E6FA-1C69-4B33-A882-BFBAD3DE7CAA} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {08FD90CF-23BC-4436-9B60-391D1A6CAE01} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {0D604DD3-9CCE-4ACE-9736-4D2BC1DE90E9} - System32\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-6 => C:\Program Files (x86)\CinemaPlus-3.2cV02.09\3bdeed13-2db0-4dc1-9605-22126b0b7b26-6.exe [2015-09-02] (Cinema PlusV02.09) <==== ACHTUNG
Task: {141D8AB0-9EED-4AC5-8169-CCB2620B63A3} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1577607291-3742472165-1464039351-1001UA => C:\Users\Verena\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {161EB941-8BBA-48DD-870A-9B6D2AA188B1} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1577607291-3742472165-1464039351-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2012-11-29] (RealNetworks, Inc.)
Task: {1654811D-89F1-4058-BFEC-453E75AE2319} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {17DF6A43-B35F-424B-A368-C590A20802CC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {193BD2DD-40F9-486F-B84A-C3E6409C8732} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1577607291-3742472165-1464039351-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2012-11-29] (RealNetworks, Inc.)
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {1AC488D5-C9BD-42DD-B6F0-41546BAFD464} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {1FE0E0A4-4CF8-4E17-97B7-57791F7914EC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-13] (Adobe Systems Incorporated)
Task: {208FB049-E7AE-4CDA-AE45-B984248CBD94} - System32\Tasks\{CADFF3D7-DB59-4FA7-804F-68027FE700EA} => pcalua.exe -a C:\Users\Verena\AppData\Local\Temp\Temp1_rct187ge.zip\RCT-GE.exe
Task: {20D648DE-8367-4DE6-A3BF-8B439C8F8493} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {210C3455-F008-47B7-BCB1-B3A018FD8785} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1577607291-3742472165-1464039351-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {21326EDB-5103-485F-B14F-9A1EE4DF8231} - System32\Tasks\SMW_UpdateTask_Time_323638343739373137382d3437415a556c2a3223346c41 => Wscript.exe //B "C:\ProgramData\SearchModule\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ACHTUNG
Task: {23567429-EC4C-4C41-B2C5-95AEDDBD4ACC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {24CD6853-562F-401A-8B7A-BE8470E5CC7A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {2931DC67-9851-407C-82A2-E7A83AF7C58B} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\Verena\AppData\Local\SmartWeb\SmartWebHelper.exe <==== ACHTUNG
Task: {2E763251-42A3-4595-8A1F-332A2AB54930} - System32\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-6 => C:\Program Files (x86)\Ge-Force\575c0d94-4438-4047-8a05-41731250fe8c-6.exe [2015-09-02] (Webar) <==== ACHTUNG
Task: {3125D755-E523-4620-A4EE-2E34C6870ED0} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1577607291-3742472165-1464039351-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2012-11-29] (RealNetworks, Inc.)
Task: {344F258C-1AC4-4A64-8DBF-3E58B265CA0B} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1577607291-3742472165-1464039351-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {36DE8B76-C0F7-4A4C-974C-C3554F6C500E} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-09-03] (globalUpdate) <==== ACHTUNG
Task: {36FBA23E-2549-4BEC-8642-F0AB222B885E} - System32\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-1-7 => C:\Program Files (x86)\Ge-Force\575c0d94-4438-4047-8a05-41731250fe8c-1-7.exe [2015-09-03] (Webar) <==== ACHTUNG
Task: {37E3DFEB-2227-437F-B522-7361C97C09B9} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1577607291-3742472165-1464039351-1001Core => C:\Users\Verena\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {3C98912A-8D6E-4AD6-BC8A-A38C5E4AE0F2} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {3CF51B65-8794-4689-8A4F-02740A134D8D} - System32\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-13 => C:\Program Files (x86)\CinemaPlus-3.2cV02.09\3bdeed13-2db0-4dc1-9605-22126b0b7b26-13.exe [2015-09-02] (Cinema PlusV02.09) <==== ACHTUNG
Task: {3DDAA998-E058-4238-9DBE-8072ABB1AB8C} - System32\Tasks\updateTask => c:\task.vbs
Task: {3DF8CF97-2828-41E8-8FFE-EBDDB6AF7805} - System32\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-1-6 => C:\Program Files (x86)\CinemaPlus-3.2cV02.09\3bdeed13-2db0-4dc1-9605-22126b0b7b26-1-6.exe [2015-09-02] (Cinema PlusV02.09) <==== ACHTUNG
Task: {3E7AD090-26DC-4CE8-9FD9-335BBDE9FA28} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-09-06] (AnyProtect.com) <==== ACHTUNG
Task: {3EC9E715-C82F-4ED8-8ADB-265E11C86A34} - System32\Tasks\lI6qhaY => C:\Users\Verena\AppData\Roaming\lI6qhaY.exe [2015-04-20] () <==== ACHTUNG
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {44305DA8-438E-43E1-B2C6-AA6DC18653DC} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {46F6AE9B-2B50-48E6-B191-E9E17947D3D8} - System32\Tasks\Crossbrowse => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe [2015-09-03] () <==== ACHTUNG
Task: {479715DA-8C91-4167-9ECD-BF0CDB2198F5} - System32\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-7 => C:\Program Files (x86)\CinemaPlus-3.2cV02.09\3bdeed13-2db0-4dc1-9605-22126b0b7b26-7.exe [2015-09-03] (Cinema PlusV02.09) <==== ACHTUNG
Task: {4C93BB30-E7C4-4771-8332-16599C187163} - System32\Tasks\SPBIW_UpdateTask_Time_323638343739373137382d505b2d34454137455a5a786c => Wscript.exe //B "C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe /invoke /f:check_services /l:0 <==== ACHTUNG
Task: {4E96B5DD-D83A-4AE6-82C0-68F9F296A6A6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {4F72F9DD-9D46-4788-B439-AAA79E1BC904} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {53AD5418-3187-42DB-A06F-CCF620E65ABA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {5489A12A-B30A-4B07-8EF3-77B00F743164} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {63B791DF-388B-4259-95E6-B9BCF55D82B7} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {64E6D106-58D7-4860-AC33-7439BCFFA4D6} - System32\Tasks\Inst_Rep => C:\Users\Verena\AppData\Local\Installer\Install_9223\DCytdkietut_tutdk_setup.exe [2015-09-03] ()
Task: {65CD29F5-9AA5-4F25-8151-735CBC1ACB82} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {6D0834BB-426F-4940-A023-896FF67976B6} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {6D0F2D2D-0A1F-4879-BD69-37CC7369EDCC} - System32\Tasks\{65C1EE69-71E9-4DD4-927C-D14FC54A6C7D} => pcalua.exe -a "C:\Program Files (x86)\Uninstall Information\97\4450\uninstall.exe" -c /PUninstall="HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\PC Performer_is1" /reg=32 /cid=97
Task: {7079A0EF-9DEA-41B9-B0AB-B8A8913DF002} - System32\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-1-6 => C:\Program Files (x86)\Ge-Force\575c0d94-4438-4047-8a05-41731250fe8c-1-6.exe [2015-09-02] (Webar) <==== ACHTUNG
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {770B87FF-9679-4D3A-B5B5-2DFFBF5BD064} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {7775F202-3928-49CC-A056-A0516F7C5DCC} - System32\Tasks\hZXISqFX => C:\Users\Verena\AppData\Roaming\hZXISqFX.exe [2015-04-20] () <==== ACHTUNG
Task: {77B72D11-3F3A-4DC4-91C1-1D7B13A6C968} - System32\Tasks\Jissifsefaieg => C:\ProgramData\Jissifsefaieg\1.0.5.1\wsiuuenw.exe [2015-09-03] ()
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {78D12D5D-99FA-498C-ACA2-564EB1C826EC} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {7B3326E6-7A8C-4CBE-BBDB-F878B9FFF310} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {7D44DE17-21C4-4BF9-AC16-BAA516BD59B0} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-09-03] (globalUpdate) <==== ACHTUNG
Task: {836A1FB0-5DDD-41D9-AF3D-DD5B38128E6C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {841D1752-19B8-4C3D-AF70-B0DB0AAAC6F7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {847A6DBE-7CE3-4FBA-AA08-B50CBA672F2D} - System32\Tasks\1a5e6f5d-2207-4995-9489-b84f694df449-10_user => C:\Program Files (x86)\System NotifierV02.09\1a5e6f5d-2207-4995-9489-b84f694df449-10.exe [2015-09-02] (HQ-VideoV02.09) <==== ACHTUNG
Task: {84BDCD06-B850-4BC3-9130-21ED22A366FA} - System32\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-10_user => C:\Program Files (x86)\Ge-Force\575c0d94-4438-4047-8a05-41731250fe8c-10.exe [2015-09-02] (Webar) <==== ACHTUNG
Task: {8C549382-E91D-4938-9A1C-6D6B80B226B9} - System32\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-5 => C:\Program Files (x86)\CinemaPlus-3.2cV02.09\3bdeed13-2db0-4dc1-9605-22126b0b7b26-5.exe [2015-09-03] (Cinema PlusV02.09) <==== ACHTUNG
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-09-01] (Microsoft Corporation)
Task: {935C3062-949C-4AC2-AE15-838DC520C8C0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {98F3A76D-FBBB-4773-8DF9-A601FB1BFE3D} - System32\Tasks\HztSu0wh4JrtyLfcXxrV => C:\Users\Verena\AppData\Roaming\HztSu0wh4JrtyLfcXxrV.exe [2015-04-20] () <==== ACHTUNG
Task: {9B583E90-4B95-4E09-9782-084596C2805B} - System32\Tasks\ShopperProJSUpd => C:\Program Files (x86)\ShopperPro\updater.exe <==== ACHTUNG
Task: {9E0E25F7-83A3-47B5-96B9-450DE068ED56} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {9EA675B7-EC8E-4283-9D20-649BBF83E788} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {A5B2AA3B-BAA0-4747-8024-0F75758C6B37} - System32\Tasks\b6TtfCU4fgZ9RE6NnSqEJ1 => C:\Users\Verena\AppData\Roaming\b6TtfCU4fgZ9RE6NnSqEJ1.exe [2015-04-20] () <==== ACHTUNG
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {A60EF002-0BFE-4B93-A6CB-D242E5249400} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-09-06] (AnyProtect.com) <==== ACHTUNG
Task: {A7371276-FF76-4F55-8403-011C50B707BD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {AB109530-6CFC-41AE-A876-796ED621C3BA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {AF7DA1F5-67BA-44A7-9B01-D3EC1AE36FA4} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {B125997C-5018-4565-AD4F-6B187F34BC40} - System32\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-7 => C:\Program Files (x86)\Ge-Force\575c0d94-4438-4047-8a05-41731250fe8c-7.exe [2015-09-03] (Webar) <==== ACHTUNG
Task: {B1A8CFAA-93C1-4DB0-BA8A-75B898C50389} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {B3E1C1D3-9482-4594-B6B9-4A7D4E2995F0} - System32\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-4 => C:\Program Files (x86)\CinemaPlus-3.2cV02.09\3bdeed13-2db0-4dc1-9605-22126b0b7b26-4.exe [2015-09-02] (Cinema PlusV02.09) <==== ACHTUNG
Task: {B698C101-1625-4600-99F9-1610A1888435} - System32\Tasks\SPBIW_UpdateTask_Time_323638343739373137382d3437415a556c2a3223346c41 => Wscript.exe //B "C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe /invoke /f:check_services /l:0 <==== ACHTUNG
Task: {BE7B849C-0DD3-49E7-843F-FC622F4AB08F} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent
Task: {BF5404EE-C6EB-4097-8546-1B57C5C4A324} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-09-06] (AnyProtect.com) <==== ACHTUNG
Task: {C479A38C-6B12-4B72-9253-D2AA6BB2B1BF} - System32\Tasks\runTask => %TEMP%/Updater.exe
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C6AF9F15-C0AF-48C1-A9C6-541EA44F55D8} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1577607291-3742472165-1464039351-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {C76441D4-9C12-4640-8D83-0D09A23C982D} - System32\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-5_user => C:\Program Files (x86)\CinemaPlus-3.2cV02.09\3bdeed13-2db0-4dc1-9605-22126b0b7b26-5.exe [2015-09-03] (Cinema PlusV02.09) <==== ACHTUNG
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {D0AE160D-F5EA-4ADA-8C71-F9659614EFE4} - System32\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-4 => C:\Program Files (x86)\Ge-Force\575c0d94-4438-4047-8a05-41731250fe8c-4.exe [2015-09-02] (Webar) <==== ACHTUNG
Task: {D17C25C6-442A-47DC-BAE4-1335B54675FE} - System32\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-14 => C:\Program Files (x86)\CinemaPlus-3.2cV02.09\3bdeed13-2db0-4dc1-9605-22126b0b7b26-14.exe [2015-09-02] (Cinema PlusV02.09) <==== ACHTUNG
Task: {DA09DB85-989E-43AF-B342-19683EECA7CB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {DDA3F5E2-A250-4830-9725-21E97CD2E795} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1577607291-3742472165-1464039351-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {DFE9DF9C-538A-49B5-8181-C0FB89C12625} - System32\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-10_user => C:\Program Files (x86)\CinemaPlus-3.2cV02.09\3bdeed13-2db0-4dc1-9605-22126b0b7b26-10.exe [2015-09-02] (Cinema PlusV02.09) <==== ACHTUNG
Task: {E0666760-CF82-4721-BA2E-E8C505A6CE2E} - System32\Tasks\IyEFViIqK8st2WX35 => C:\Users\Verena\AppData\Roaming\IyEFViIqK8st2WX35.exe [2015-04-20] () <==== ACHTUNG
Task: {E1249649-C32D-4211-BF3A-7E01AF8A14B1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {E589B19A-05CB-4AF0-BFF8-78273228597E} - System32\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-3 => C:\Program Files (x86)\CinemaPlus-3.2cV02.09\3bdeed13-2db0-4dc1-9605-22126b0b7b26-3.exe [2015-09-03] (Cinema PlusV02.09) <==== ACHTUNG
Task: {E5D928B0-0088-47C0-89AE-60928E386504} - System32\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-5_user => C:\Program Files (x86)\Ge-Force\575c0d94-4438-4047-8a05-41731250fe8c-5.exe [2015-09-03] (Webar) <==== ACHTUNG
Task: {E8C593D7-E485-46F0-B995-3CB7A860306B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {EC85003D-F22D-4DA5-B78C-BA413D2CC368} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {EF3C61D8-165A-4383-B9E8-F654D04F8B98} - System32\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-1-7 => C:\Program Files (x86)\CinemaPlus-3.2cV02.09\3bdeed13-2db0-4dc1-9605-22126b0b7b26-1-7.exe [2015-09-03] (Cinema PlusV02.09) <==== ACHTUNG
Task: {F27F3302-1C28-4868-835B-10D26237C550} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation)
Task: {F2A3D28E-684F-472A-AC29-40C256938FE2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {F3735033-676F-4D42-8757-A11345969128} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {F53A2557-3A1A-4622-BA88-CF1BAB5A122C} - System32\Tasks\1a5e6f5d-2207-4995-9489-b84f694df449-5 => C:\Program Files (x86)\System NotifierV02.09\1a5e6f5d-2207-4995-9489-b84f694df449-5.exe [2015-09-02] (HQ-VideoV02.09) <==== ACHTUNG
Task: {F7DACD90-9792-4635-AE30-5DE6A1501237} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {F886D7FB-69BB-48EB-82AC-C5CFB11966B1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {FC7EEAFB-A9FE-4758-840C-E0D0CE0EBA6D} - System32\Tasks\Norton Security Scan for Verena => C:\Program Files (x86)\Norton Security Scan\Engine\4.1.0.28\Nss.exe [2014-01-27] (Symantec Corporation)
Task: {FC99122A-3C3C-4CFA-9073-13A897D83B54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\1a5e6f5d-2207-4995-9489-b84f694df449-10_user.job => C:\Program Files (x86)\System NotifierV02.09\1a5e6f5d-2207-4995-9489-b84f694df449-10.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\1a5e6f5d-2207-4995-9489-b84f694df449-5.job => C:\Program Files (x86)\System NotifierV02.09\1a5e6f5d-2207-4995-9489-b84f694df449-5.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\1a5e6f5d-2207-4995-9489-b84f694df449-5_user.job => C:\Program Files (x86)\System NotifierV02.09\1a5e6f5d-2207-4995-9489-b84f694df449-5.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-1-6.job => C:\Program Files (x86)\CinemaPlus-3.2cV02.09\3bdeed13-2db0-4dc1-9605-22126b0b7b26-1-6.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-1-7.job => C:\Program Files (x86)\CinemaPlus-3.2cV02.09\3bdeed13-2db0-4dc1-9605-22126b0b7b26-1-7.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-10_user.job => C:\Program Files (x86)\CinemaPlus-3.2cV02.09\3bdeed13-2db0-4dc1-9605-22126b0b7b26-10.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-13.job => C:\Program Files (x86)\CinemaPlus-3.2cV02.09\3bdeed13-2db0-4dc1-9605-22126b0b7b26-13.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-14.job => C:\Program Files (x86)\CinemaPlus-3.2cV02.09\3bdeed13-2db0-4dc1-9605-22126b0b7b26-14.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-3.job => C:\Program Files (x86)\CinemaPlus-3.2cV02.09\3bdeed13-2db0-4dc1-9605-22126b0b7b26-3.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-4.job => C:\Program Files (x86)\CinemaPlus-3.2cV02.09\3bdeed13-2db0-4dc1-9605-22126b0b7b26-4.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-5.job => C:\Program Files (x86)\CinemaPlus-3.2cV02.09\3bdeed13-2db0-4dc1-9605-22126b0b7b26-5.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-5_user.job => C:\Program Files (x86)\CinemaPlus-3.2cV02.09\3bdeed13-2db0-4dc1-9605-22126b0b7b26-5.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-6.job => C:\Program Files (x86)\CinemaPlus-3.2cV02.09\3bdeed13-2db0-4dc1-9605-22126b0b7b26-6.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\3bdeed13-2db0-4dc1-9605-22126b0b7b26-7.job => C:\Program Files (x86)\CinemaPlus-3.2cV02.09\3bdeed13-2db0-4dc1-9605-22126b0b7b26-7.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-1-6.job => C:\Program Files (x86)\Ge-Force\575c0d94-4438-4047-8a05-41731250fe8c-1-6.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-1-7.job => C:\Program Files (x86)\Ge-Force\575c0d94-4438-4047-8a05-41731250fe8c-1-7.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-10_user.job => C:\Program Files (x86)\Ge-Force\575c0d94-4438-4047-8a05-41731250fe8c-10.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-4.job => C:\Program Files (x86)\Ge-Force\575c0d94-4438-4047-8a05-41731250fe8c-4.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-5.job => C:\Program Files (x86)\Ge-Force\575c0d94-4438-4047-8a05-41731250fe8c-5.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-5_user.job => C:\Program Files (x86)\Ge-Force\575c0d94-4438-4047-8a05-41731250fe8c-5.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-6.job => C:\Program Files (x86)\Ge-Force\575c0d94-4438-4047-8a05-41731250fe8c-6.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\575c0d94-4438-4047-8a05-41731250fe8c-7.job => C:\Program Files (x86)\Ge-Force\575c0d94-4438-4047-8a05-41731250fe8c-7.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\b6TtfCU4fgZ9RE6NnSqEJ1.job => C:\Users\Verena\AppData\Roaming\b6TtfCU4fgZ9RE6NnSqEJ1.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\Crossbrowse.job => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1577607291-3742472165-1464039351-1001Core.job => C:\Users\Verena\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1577607291-3742472165-1464039351-1001UA.job => C:\Users\Verena\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HztSu0wh4JrtyLfcXxrV.job => C:\Users\Verena\AppData\Roaming\HztSu0wh4JrtyLfcXxrV.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\hZXISqFX.job => C:\Users\Verena\AppData\Roaming\hZXISqFX.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\IyEFViIqK8st2WX35.job => C:\Users\Verena\AppData\Roaming\IyEFViIqK8st2WX35.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\lI6qhaY.job => C:\Users\Verena\AppData\Roaming\lI6qhaY.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\Norton Security Scan for Verena.job => C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-09-01 10:26 - 2015-09-01 10:26 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-01 09:37 - 2015-07-13 19:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-04-15 12:31 - 2011-06-22 09:14 - 00034304 _____ () C:\WINDOWS\System32\sst2cl6.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00403968 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-09-02 18:30 - 2015-09-02 18:30 - 00227328 _____ () C:\Program Files (x86)\8CBD48C6-1441211369-E111-9306-DC0EA11C2A46\jnsq4F6D.tmp
2012-11-29 21:31 - 2012-11-29 21:31 - 00038608 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2015-09-02 18:30 - 2015-09-02 18:30 - 00137728 _____ () C:\Program Files (x86)\8CBD48C6-1441211369-E111-9306-DC0EA11C2A46\hnsa67D9.tmp
2015-09-01 10:26 - 2015-09-01 10:26 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2009-01-21 17:45 - 2009-01-21 17:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-09-03 08:43 - 2015-09-03 08:43 - 00158720 _____ () C:\ProgramData\Jissifsefaieg\1.0.5.1\wsiuuenw.exe
2012-04-15 12:30 - 2011-07-06 14:17 - 00688128 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe
2012-04-15 12:32 - 2011-04-29 09:58 - 01990144 _____ () C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe
2012-04-15 12:30 - 2009-09-29 11:47 - 00306688 _____ () C:\Windows\Samsung\PanelMgr\caller64.exe
2015-07-13 20:45 - 2015-07-13 20:45 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-09-02 07:09 - 2015-09-02 07:09 - 01684480 _____ () C:\Program Files\Common Files\ShopperPro\spbici64.dll
2015-09-03 08:45 - 2015-09-02 10:49 - 03314832 _____ () C:\Users\Verena\AppData\Local\gmsd_de_005010078\upgmsd_de_005010078.exe
2015-09-03 08:45 - 2015-09-02 10:49 - 03984528 _____ () C:\Program Files (x86)\gmsd_de_005010078\gmsd_de_005010078.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 06576640 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 13:00 - 2015-07-10 18:45 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01806848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 13:00 - 2015-07-10 18:45 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-09-04 20:49 - 2015-09-05 09:59 - 00082696 _____ () C:\ProgramData\Radio\prompt.exe
2015-09-05 17:11 - 2015-09-05 17:11 - 01380864 _____ () C:\Program Files (x86)\8CBD48C6-1441211369-E111-9306-DC0EA11C2A46\knsw2829.tmp
2015-09-05 22:12 - 2015-09-05 22:12 - 01381888 _____ () C:\Program Files (x86)\8CBD48C6-1441211369-E111-9306-DC0EA11C2A46\knsc4FD1.tmp
2014-03-12 22:53 - 2014-03-12 22:53 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2015-07-13 20:45 - 2015-07-13 20:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2012-04-15 12:32 - 2009-10-31 15:42 - 01384520 _____ () C:\Windows\twain_32\Samsung\CLX3180\ssole.dll
2011-10-14 05:15 - 2011-04-30 09:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-09-02 07:08 - 2015-09-02 07:08 - 01333760 _____ () C:\Program Files\Common Files\ShopperPro\spbici32.dll
2015-09-02 18:45 - 2015-09-03 08:46 - 00187472 _____ () C:\Program Files (x86)\CinemaPlus-3.2cV02.09\8f42ee40-8d1b-442c-ba22-b2c043612221.dll
2015-09-02 18:56 - 2015-09-03 09:01 - 00194048 _____ () C:\Program Files (x86)\Ge-Force\84166bbf-1b79-419b-a07e-3505734ffe47.dll
2015-08-23 10:47 - 2015-08-18 07:23 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libglesv2.dll
2015-08-23 10:47 - 2015-08-18 07:23 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libegl.dll
2015-08-23 10:47 - 2015-08-18 07:23 - 00310088 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libexif.dll
2015-09-05 15:04 - 2015-09-05 15:04 - 00071168 _____ () c:\users\verena\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpek2sng.dll
2015-03-04 23:45 - 2015-08-05 07:26 - 00012800 _____ () C:\Users\Verena\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-08-05 07:26 - 00779776 _____ () C:\Users\Verena\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-31 10:25 - 2015-08-05 07:26 - 00056320 _____ () C:\Users\Verena\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 23:45 - 2015-08-05 07:26 - 00012288 _____ () C:\Users\Verena\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-14 16:46 - 2013-02-14 16:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2015-09-02 18:43 - 2015-05-12 07:14 - 01070592 _____ () C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\libglesv2.dll
2015-09-02 18:43 - 2015-05-12 07:14 - 00204800 _____ () C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1577607291-3742472165-1464039351-1000\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Verena\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{817CD93C-5541-41B7-ADB5-7800FF4DC736}C:\windows\syswow64\rundll32.exe] => (Block) C:\windows\syswow64\rundll32.exe
FirewallRules: [TCP Query User{C544608D-BCFA-4458-8C62-35A95C8258DF}C:\windows\syswow64\rundll32.exe] => (Block) C:\windows\syswow64\rundll32.exe
FirewallRules: [UDP Query User{0D7627EA-7552-4FAB-A691-2C8DA7E8078F}C:\windows\syswow64\rundll32.exe] => (Block) C:\windows\syswow64\rundll32.exe
FirewallRules: [TCP Query User{180DA49D-8665-4610-982A-372F52F794AB}C:\windows\syswow64\rundll32.exe] => (Block) C:\windows\syswow64\rundll32.exe
FirewallRules: [UDP Query User{8491CC15-3937-406C-A7CA-CA4513A4E75F}C:\users\verena\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\verena\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{772A6D45-6328-48E9-AD6F-B52BBD65B0F0}C:\users\verena\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\verena\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{5195A2DB-3968-453D-8169-36B9D24FA949}] => (Allow) C:\Users\Verena\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{74227E0D-6270-4E49-A087-757C0E04A20F}] => (Allow) C:\Users\Verena\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [UDP Query User{D310F394-F424-4392-AF84-2B115F86546E}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{8B25BF0B-FAD0-4956-992C-1DCF01B22CF9}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{B8C99453-77C1-4769-A473-B3A889583263}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{D7505A39-5E8E-425A-992F-082F0704BEAB}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{6C046754-3316-4CFF-801B-56CC116A4910}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{6850F816-379B-4943-B544-63E8E6058412}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{3A72D3FB-7ED0-4063-AD1C-E56230284394}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{6A9933BB-82DC-4073-9EF5-66D8F96EF488}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{083AF78D-E8B0-4719-947B-3EC490BD4F25}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{7D0CB4C6-11C0-44CC-92F5-A4DD836ABDE3}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{1DE09899-9B4B-44C7-B904-3C2632861D06}] => (Allow) C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
FirewallRules: [{3CC6E039-4019-46EB-AA4B-0D5D0F14EAAD}] => (Allow) C:\Program Files (x86)\Iminent\Iminent.exe
FirewallRules: [UDP Query User{CA84EE65-D577-4994-BF11-52A8B45D7DEA}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{2AFABCAC-046D-4151-A83B-3AF75AA524BE}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [{C10E8B57-002C-4CB5-B3C1-4DF9E2044125}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe
FirewallRules: [{98E1F91F-0CF1-429A-8051-1561681F1567}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe
FirewallRules: [{56C45C94-025F-4211-B2DE-3C8D21DBDAA8}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe
FirewallRules: [{B794915C-447D-4923-9912-D18B6E370F87}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe
FirewallRules: [{016E2359-1B8B-4347-9610-D7D9724E0B14}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{B2C03DFA-991C-4BDA-9A6B-8929D1CB483D}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{991E7931-BBE5-49A8-A2BA-F2933BCF971D}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{BA3F3898-ECEF-4200-B02D-C7B2DA06BA6D}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{0B2A108E-48B4-4941-A22B-ACF65FCFBBB7}] => (Allow) D:\fsetup.exe
FirewallRules: [{9278B5F4-D069-499F-8C51-1CFE0725CDB9}] => (Allow) D:\fsetup.exe
FirewallRules: [{5AEAFCC3-D74C-4627-81E1-665665458A55}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe
FirewallRules: [{9A252121-4A23-4A1F-8236-D22B1E2C29D3}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe
FirewallRules: [{6BAA177D-5302-4F40-88C2-6C737203529D}] => (Allow) C:\Windows\twain_32\Samsung\CLX3180\Sscan2io.exe
FirewallRules: [{81AC6008-2689-424B-AED8-55FBDF282CED}] => (Allow) C:\Windows\twain_32\Samsung\CLX3180\Sscan2io.exe
FirewallRules: [{175EDB07-0F40-44DF-B23D-1EBE7D39987C}] => (Allow) C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe
FirewallRules: [{5EF47076-919E-4A75-8166-5C861CA5785E}] => (Allow) C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe
FirewallRules: [{17F94A5D-A61B-4399-866E-D8EC281BAEB5}] => (Allow) C:\Windows\twain_32\Samsung\ScanMgr.exe
FirewallRules: [{3D76A3D0-E4FB-483C-97B1-5E8C188455F1}] => (Allow) C:\Windows\twain_32\Samsung\ScanMgr.exe
FirewallRules: [{40527AB0-3472-4764-9A89-D762493464B0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{97D4BE80-5063-42F0-932B-520C8FD1745A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{C407B10B-9E15-43CD-9CCA-0A77FEFF35EA}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{D8D32C3D-32F1-47AE-9D28-F84A5385BC91}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{9A897406-C7D7-4615-9854-73243580C038}] => (Allow) LPort=1900
FirewallRules: [{B8CDFDC7-42EF-4F22-80D8-DBEF0E755A42}] => (Allow) LPort=2869
FirewallRules: [{DE95CA4D-BCB8-4E06-A316-C4605710831C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B45F0231-5782-482A-B38F-98B997F32F0B}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{882E5E7F-5BDC-48A0-9C8C-5AD506CC40B3}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{660B551C-5B55-4417-ADA5-FB670E0987DA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2D3C25FC-ABF0-442D-B74E-E8C3DC9E1B12}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
FirewallRules: [{241530B5-832D-40D6-B680-CFA9DEC69468}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Basissystemgerät
Description: Basissystemgerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Basissystemgerät
Description: Basissystemgerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/06/2015 11:31:38 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Verena-PC)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/05/2015 09:01:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: spbia.exe, Version: 1.0.0.4, Zeitstempel: 0x55e68498
Name des fehlerhaften Moduls: spbia.exe, Version: 1.0.0.4, Zeitstempel: 0x55e68498
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000a746
ID des fehlerhaften Prozesses: 0x2d14
Startzeit der fehlerhaften Anwendung: 0xspbia.exe0
Pfad der fehlerhaften Anwendung: spbia.exe1
Pfad des fehlerhaften Moduls: spbia.exe2
Berichtskennung: spbia.exe3
Vollständiger Name des fehlerhaften Pakets: spbia.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: spbia.exe5
Error: (09/05/2015 03:03:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Verena-PC)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/05/2015 09:59:20 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Verena-PC)
Description: Bei der Aktivierung der App „Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/05/2015 09:59:02 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Verena-PC)
Description: Das Paket „Microsoft.LockApp_10.0.10240.16384_neutral__cw5n1h2txyewy+WindowsDefaultLockScreen“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (09/04/2015 11:11:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Verena-PC)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge“ ist folgender Fehler aufgetreten: -2144980991. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/04/2015 09:10:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SystemSettings.exe, Version: 10.0.10240.16384, Zeitstempel: 0x559f39ae
Name des fehlerhaften Moduls: SettingsHandlers_StorageSense.dll, Version: 10.0.10240.16384, Zeitstempel: 0x559f3d87
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000174b9
ID des fehlerhaften Prozesses: 0x1948
Startzeit der fehlerhaften Anwendung: 0xSystemSettings.exe0
Pfad der fehlerhaften Anwendung: SystemSettings.exe1
Pfad des fehlerhaften Moduls: SystemSettings.exe2
Berichtskennung: SystemSettings.exe3
Vollständiger Name des fehlerhaften Pakets: SystemSettings.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SystemSettings.exe5
Error: (09/04/2015 08:50:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: spbia.exe, Version: 1.0.0.4, Zeitstempel: 0x55e68498
Name des fehlerhaften Moduls: spbia.exe, Version: 1.0.0.4, Zeitstempel: 0x55e68498
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000a746
ID des fehlerhaften Prozesses: 0x2044
Startzeit der fehlerhaften Anwendung: 0xspbia.exe0
Pfad der fehlerhaften Anwendung: spbia.exe1
Pfad des fehlerhaften Moduls: spbia.exe2
Berichtskennung: spbia.exe3
Vollständiger Name des fehlerhaften Pakets: spbia.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: spbia.exe5
Error: (09/04/2015 08:50:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Verena-PC)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/03/2015 12:52:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SystemSettings.exe, Version: 10.0.10240.16384, Zeitstempel: 0x559f39ae
Name des fehlerhaften Moduls: SettingsHandlers_StorageSense.dll, Version: 10.0.10240.16384, Zeitstempel: 0x559f3d87
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000174b9
ID des fehlerhaften Prozesses: 0x24c4
Startzeit der fehlerhaften Anwendung: 0xSystemSettings.exe0
Pfad der fehlerhaften Anwendung: SystemSettings.exe1
Pfad des fehlerhaften Moduls: SystemSettings.exe2
Berichtskennung: SystemSettings.exe3
Vollständiger Name des fehlerhaften Pakets: SystemSettings.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SystemSettings.exe5
Systemfehler:
=============
Error: (09/06/2015 11:31:38 AM) (Source: DCOM) (EventID: 10010) (User: Verena-PC)
Description: Microsoft.MicrosoftOfficeHub.AppXrqs94aemecwbtd1veqtvyn34m9ks80g7.mca
Error: (09/05/2015 11:03:31 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video4Variable String to Large
Error: (09/05/2015 11:03:31 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video4NVRM: Graphics TEX Exception on (GPC 0, TPC 1): TEX NACK / Page Fault
Error: (09/05/2015 11:03:31 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video4NVRM: Graphics TEX Exception on (GPC 0, TPC 1): TEX LAYOUT
Error: (09/05/2015 11:03:31 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video4Variable String to Large
Error: (09/05/2015 11:03:31 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video4NVRM: Graphics TEX Exception on (GPC 0, TPC 0): TEX NACK / Page Fault
Error: (09/05/2015 11:03:31 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video4NVRM: Graphics TEX Exception on (GPC 0, TPC 0): TEX LAYOUT
Error: (09/05/2015 03:02:32 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video4Variable String to Large
Error: (09/05/2015 03:02:32 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video4NVRM: Graphics TEX Exception on (GPC 0, TPC 1): TEX NACK / Page Fault
Error: (09/05/2015 03:02:32 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video4NVRM: Graphics TEX Exception on (GPC 0, TPC 1): TEX LAYOUT
Microsoft Office:
=========================
Error: (09/06/2015 11:31:38 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Verena-PC)
Description: Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub-2144927141
Error: (09/05/2015 09:01:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: spbia.exe1.0.0.455e68498spbia.exe1.0.0.455e68498c0000005000000000000a7462d1401d0e80d1e4bc8e4C:\Program Files\Common Files\ShopperPro\spbia.exeC:\Program Files\Common Files\ShopperPro\spbia.exe3e1836d8-6d54-4617-8c67-28768c4441c1
Error: (09/05/2015 03:03:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Verena-PC)
Description: Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub-2147023170
Error: (09/05/2015 09:59:20 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Verena-PC)
Description: Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen-2147023170
Error: (09/05/2015 09:59:02 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Verena-PC)
Description: Microsoft.LockApp_10.0.10240.16384_neutral__cw5n1h2txyewy+WindowsDefaultLockScreen
Error: (09/04/2015 11:11:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Verena-PC)
Description: Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge-2144980991
Error: (09/04/2015 09:10:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SystemSettings.exe10.0.10240.16384559f39aeSettingsHandlers_StorageSense.dll10.0.10240.16384559f3d87c000000500000000000174b9194801d0e744a32bc8cbC:\WINDOWS\ImmersiveControlPanel\SystemSettings.exeC:\Windows\System32\SettingsHandlers_StorageSense.dll03bb3059-0cdc-425b-9906-05f298070df9windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewymicrosoft.windows.immersivecontrolpanel
Error: (09/04/2015 08:50:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: spbia.exe1.0.0.455e68498spbia.exe1.0.0.455e68498c0000005000000000000a746204401d0e7426c97c8beC:\Program Files\Common Files\ShopperPro\spbia.exeC:\Program Files\Common Files\ShopperPro\spbia.exed7f19193-4bc5-46d4-9c9e-1c984454309f
Error: (09/04/2015 08:50:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Verena-PC)
Description: Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub-2147023170
Error: (09/03/2015 12:52:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SystemSettings.exe10.0.10240.16384559f39aeSettingsHandlers_StorageSense.dll10.0.10240.16384559f3d87c000000500000000000174b924c401d0e6367c8a83b0C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exeC:\Windows\System32\SettingsHandlers_StorageSense.dllf4b5d94f-3947-4af7-85ea-ddfe69f933bewindows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewymicrosoft.windows.immersivecontrolpanel
CodeIntegrity:
===================================
Date: 2015-09-06 12:04:12.686
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-09-06 12:04:12.545
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-09-06 12:04:11.738
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-09-06 12:04:11.582
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-09-06 12:04:10.907
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-09-06 12:04:10.690
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-09-06 12:04:01.241
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-09-06 12:04:01.117
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-09-06 12:04:00.399
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-09-06 12:04:00.260
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 47%
Installierter physikalischer RAM: 8043.86 MB
Verfügbarer physikalischer RAM: 4204.76 MB
Summe virtueller Speicher: 16235.86 MB
Verfügbarer virtueller Speicher: 11960.55 MB
==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:578.07 GB) (Free:379.99 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 17332B7C)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=578.1 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
07.09.2015, 08:54
| #8 |
| /// the machine /// TB-Ausbilder | Reimage Repair Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
09.09.2015, 20:39
| #9 |
| | Reimage Repair Hallo! Hier das von MBAM: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Error, 08.09.2015 21:22, SYSTEM, VERENA-PC, Update, Bad md5 or size: akadomains, 11, Error, 08.09.2015 21:22, SYSTEM, VERENA-PC, Update, Bad md5 or size: akaips, 11, Update, 08.09.2015 21:22, SYSTEM, VERENA-PC, Manual, Remediation Database, 2015.5.13.1, 2015.8.28.2, Update, 08.09.2015 21:22, SYSTEM, VERENA-PC, Manual, IP Database, 0.0.0.0, 2015.7.24.3, Update, 08.09.2015 21:22, SYSTEM, VERENA-PC, Manual, Rootkit Database, 2015.6.2.1, 2015.8.16.1, Update, 08.09.2015 21:22, SYSTEM, VERENA-PC, Manual, Domain Database, 0.0.0.0, 2015.7.24.2, Update, 08.09.2015 21:22, SYSTEM, VERENA-PC, Manual, AKA IP Database, 0.0.0.0, 2015.9.7.1, Update, 08.09.2015 21:22, SYSTEM, VERENA-PC, Manual, AKA Domain Database, 0.0.0.0, 2015.9.8.1, Update, 08.09.2015 21:22, SYSTEM, VERENA-PC, Manual, Malware Database, 2015.6.3.3, 2015.9.8.5, (end) Code:
ATTFilter # AdwCleaner v5.007 - Bericht erstellt am 09/09/2015 um 20:45:29
# Aktualisiert am 08/09/2015 von Xplode
# Datenbank : 2015-09-08.2 [Server]
# Betriebssystem : Windows 10 Home (x64)
# Benutzername : Verena - VERENA-PC
# Gestartet von : C:\Users\Verena\Downloads\AdwCleaner_5.007.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
[-] Dienst Gelöscht : BrsHelper
[-] Dienst Gelöscht : sbmntr
***** [ Ordner ] *****
[-] Ordner Gelöscht : C:\TVTime
[-] Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
[-] Ordner Gelöscht : C:\Program Files (x86)\predm
[-] Ordner Gelöscht : C:\Program Files (x86)\YTDownloader
[-] Ordner Gelöscht : C:\Program Files (x86)\Ge-Force
[-] Ordner Gelöscht : C:\Program Files (x86)\Crossbrowse
[-] Ordner Gelöscht : C:\Program Files (x86)\DailyPcClean Support
[-] Ordner Gelöscht : C:\Program Files (x86)\8CBD48C6-1441211369-E111-9306-DC0EA11C2A46
[-] Ordner Gelöscht : C:\Program Files (x86)\PhraseProfessor_1.10.0.24
[!] Ordner Nicht Gelöscht : C:\Program Files (x86)\Crossbrowse
[!] Ordner Nicht Gelöscht : C:\Program Files (x86)\Ge-Force
[-] Ordner Gelöscht : C:\Program Files (x86)\System NotifierV02.09
[-] Ordner Gelöscht : C:\Program Files (x86)\gmsd_de_005010081
[-] Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB
[-] Ordner Gelöscht : C:\Program Files\Common Files\Goobzo
[-] Ordner Gelöscht : C:\Program Files\Common Files\ShopperPro
[-] Ordner Gelöscht : C:\ProgramData\Browser
[-] Ordner Gelöscht : C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[-] Ordner Gelöscht : C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\goforfiles
[-] Ordner Gelöscht : C:\Users\Public\Documents\ShopperPro
[-] Ordner Gelöscht : C:\Users\Verena\AppData\Local\globalUpdate
[-] Ordner Gelöscht : C:\Users\Verena\AppData\Local\SmartWeb
[-] Ordner Gelöscht : C:\Users\Verena\AppData\Local\BrowserHelper
[-] Ordner Gelöscht : C:\Users\Verena\AppData\Local\Crossbrowse
[-] Ordner Gelöscht : C:\Users\Verena\AppData\Local\DeskBar
[!] Ordner Nicht Gelöscht : C:\Users\Verena\AppData\Local\Crossbrowse
[-] Ordner Gelöscht : C:\Users\Verena\AppData\Local\gmsd_de_005010081
[-] Ordner Gelöscht : C:\Users\Verena\AppData\Local\Google\Chrome\User Data\Default\simple_new_tab
[-] Ordner Gelöscht : C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
***** [ Dateien ] *****
[-] Datei Gelöscht : C:\Program Files\Common Files\System\SysMenu.dll
[-] Datei Gelöscht : C:\Program Files\Common Files\System\SysMenu64.dll
[-] Datei Gelöscht : C:\Users\Verena\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gbmdkmlcnbapgegninelmjbfibaghdmk_0.localstorage
[-] Datei Gelöscht : C:\Users\Verena\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pmgkeimkiojpjcoiiipekfjaopchhjga_0.localstorage
[-] Datei Gelöscht : C:\Users\Verena\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jfenflmklmpohipcckmagnmbmbibnolo_0.localstorage
[-] Datei Gelöscht : C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\invalidprefs.js
[-] Datei Gelöscht : C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\searchplugins\yahoo-msd.xml
[-] Datei Gelöscht : C:\Users\Verena\Desktop\YTDownloader.lnk
[-] Datei Gelöscht : C:\WINDOWS\Sysnative\drivers\ppfd_vw_1_10_0_22.sys
[-] Datei Gelöscht : C:\WINDOWS\Sysnative\drivers\ppfd_vw_1_10_0_24.sys
[-] Datei Gelöscht : C:\WINDOWS\Sysnative\drivers\wsafd_1_10_0_19.sys
[-] Datei Gelöscht : C:\WINDOWS\Sysnative\drivers\wsfd_vw_1_10_0_20.sys
***** [ Verknüpfungen ] *****
***** [ Geplante Tasks ] *****
[-] Task Gelöscht : APSnotifierPP3
[-] Task Gelöscht : ShopperProJSUpd
[-] Task Gelöscht : SmartWeb Upgrade Trigger Task
[-] Task Gelöscht : Smp
[-] Task Gelöscht : YTDownloader
[-] Task Gelöscht : YTDownloaderUpd
[-] Task Gelöscht : runTask
[-] Task Gelöscht : updateTask
***** [ Registrierungsdatenbank ] *****
[-] Wert Gelöscht : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\YTDownloader.exe
[-] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
[-] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SDP
[-] Wert Gelöscht : HKLM\SOFTWARE\Classes\.xht\OpenWithProgIDs [CRSBRWSHTML]
[-] Wert Gelöscht : HKLM\SOFTWARE\Classes\.webp\OpenWithProgIDs [CRSBRWSHTML]
[-] Wert Gelöscht : HKLM\SOFTWARE\Classes\.shtml\OpenWithProgIDs [CRSBRWSHTML]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\smu.exe
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\84166bbf-1b79-419b-a07e-3505734ffe47
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\8f42ee40-8d1b-442c-ba22-b2c043612221
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Schlüssel Gelöscht : HKCU\Software\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{61AB12E1-A5FF-11D1-B2E9-444553540000}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{58124A0B-DC32-4180-9BFF-E0E21AE34026}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\IM
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\ImInstaller
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Schlüssel Gelöscht : HKCU\Software\APN PIP
[-] Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
[-] Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\YTDownloader
[-] Schlüssel Gelöscht : HKCU\Software\Ge-Force
[-] Schlüssel Gelöscht : HKCU\Software\DAILYPCCLEAN
[-] Schlüssel Gelöscht : HKCU\Software\DeskBar
[!] Schlüssel Nicht Gelöscht : HKCU\Software\Ge-Force
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartWeb
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\YTDownloader
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\SearchModule
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YTDownloader
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ge-Force
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
[!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ge-Force
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\APN PIP
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\GlobalUpdate
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\InstalledBrowserExtensions
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\OCS
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\YTDownloader
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Ge-Force
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\DAILYPCCLEAN
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\DeskBar
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Ge-Force
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\ShopperPro
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\SearchModule
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\Software\AppDataLow\Software\SmartWeb
***** [ Internetbrowser ] *****
[-] [C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\prefs.js] [Preference] Gelöscht : user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_meta.value", "%7B%22handlebars.js%22%3A%7B%22id%22%3A1002241%2C%22ver%22%3A1%2C%22status%22%3A1%2C%22name%22%3A%22[...]
[-] [C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\prefs.js] [Preference] Gelöscht : user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_resource_1002250.value", "%22function%20startAskCom%28e%2Ct%2Cr%29%7Bfunction%20a%28e%29%7Bvar%20t%3Dnew%20RegExp%[...]
[-] [C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\prefs.js] [Preference] Gelöscht : user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22%3[...]
[-] [C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\prefs.js] [Preference] Gelöscht : user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2[...]
[-] [C:\Users\Verena\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : golsearch.com
[-] [C:\Users\Verena\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : www-searching.com_
[-] [C:\Users\Verena\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : www-searching.com
[-] [C:\Users\Verena\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Gelöscht : hxxp://www-searching.com/search.aspx?site=shyos&prd=set&q={searchTerms}&s=F98ztutdk0004,39b220ee-7f81-41d4-977e-9f430f7a124b
[-] [C:\Users\Verena\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : papbadoldddalgcjcicnikcfenodpghp
[-] [C:\Users\Verena\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Gelöscht : hxxp://www-searching.com/?pid=s&s=F98ztutdk0004,39b220ee-7f81-41d4-977e-9f430f7a124b&vp=ch&prd=set
*************************
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [12678 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.1 (09.08.2015:1)
OS: Windows 10 Home x64
Ran by Verena on 09.09.2015 at 20:57:14,18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant
~~~ Registry Keys
~~~ Files
Successfully disinfected: [Shortcut] C:\ProgramData\Microsoft\windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Successfully disinfected: [Shortcut] C:\Users\Verena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Successfully disinfected: [Shortcut] C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet-Explorer.lnk
Successfully disinfected: [Shortcut] C:\Users\Verena\desktop\(.)\Neuer Ordner\Google Chrome.lnk
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\Verena\Appdata\Local\{40308CEC-FDFF-4F5E-9B8F-97FCCD4C8DC8}
Successfully deleted: [Folder] C:\Users\Verena\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\Users\Verena\Appdata\Local\installer
~~~ Chrome
[C:\Users\Verena\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Verena\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
papbadoldddalgcjcicnikcfenodpghp
[C:\Users\Verena\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Verena\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.09.2015 at 21:08:41,54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-09-2015
durchgeführt von Verena (Administrator) auf VERENA-PC (09-09-2015 21:24:12)
Gestartet von C:\Users\Verena\Downloads
Geladene Profile: Verena (Verfügbare Profile: UpdatusUser & Verena)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Farbar) C:\Users\Verena\Downloads\FRST64 (1).exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3233976 2015-09-01] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [BrStsWnd] => C:\Program Files (x86)\Brownie\BrstsW64.exe [3695984 2011-03-25] (brother)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [688128 2011-07-06] ()
HKLM-x32\...\Run: [CLX3180_Scan2Pc] => C:\Windows\Twain_32\Samsung\CLX3180\Scan2pc.exe [1990144 2011-04-29] ()
HKLM-x32\...\Run: [3180 Scan2PC] => C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe [1990144 2011-04-29] ()
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2014-03-12] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295072 2012-12-16] (RealNetworks, Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\...\Run: [Dropbox Update] => C:\Users\Verena\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\...\Run: [OneDrive] => C:\Users\Verena\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-09-02] (Microsoft Corporation)
AppInit_DLLs: c:\Windows\System32\nvinitx.dll => c:\Windows\System32\nvinitx.dll [177088 2015-07-13] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177088 2015-07-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-07-13] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
Startup: C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-11-02]
ShortcutTarget: Dropbox.lnk -> C:\Users\Verena\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2012-04-15]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{3b7f2f84-982a-49ea-9368-45fb5bc144d9}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{b0d6ddbf-db99-4fd2-9675-c35ced802d52}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130856855472853968&GUID=72A09B6E-8225-4B37-94F8-E33EAFCC85C1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130862133690298002&GUID=72A09B6E-8225-4B37-94F8-E33EAFCC85C1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001 -> {2A44F415-BC14-4AC0-AF6C-0D89E7908512} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001 -> {4B0B64FD-EC90-484B-A3F3-3997730B5B73} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001 -> {BB1C9FE6-A25C-4D5D-9631-59F983A1351B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\WINDOWS\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
BHO: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files\MGTEK\Adblock IE\adblockie.dll [2013-05-08] (MGTEK)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2012-11-29] (RealDownloader)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\WINDOWS\SysWOW64\mscoree.dll [2015-07-10] (Microsoft Corporation)
BHO-x32: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files (x86)\MGTEK\Adblock IE\adblockie.dll [2013-05-08] (MGTEK)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
DPF: HKLM {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011
FF DefaultSearchEngine: Search Module
FF SelectedSearchEngine: Yahoo DE
FF Homepage: hxxps://www.malwarebytes.org/restorebrowser//?type=hp&ts=1441213265&z=ca518fbf7d0208bbd6016degfz1z6g1o2g5c1g8cbw&from=cmi&uid=WDCXWD6400BPVT-22HXZT3_WD-WX91A91P5075P5075
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-13] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-07-05] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2012-12-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2012-12-16] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2012-11-29] (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll [2012-12-19] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Extension: Amazon-Icon - C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\Extensions\amazon-icon@giga.de [2014-11-01]
FF Extension: Foxi Security - C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\Extensions\foxi@securitii-dhfjs.com [2014-11-01]
FF Extension: Simple New Tab - C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\Extensions\snt@dotlabs.co [2013-11-28]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2012-12-16]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2015-04-27]
FF Extension: Kein Name - C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com [nicht gefunden]
FF Extension: Kein Name - C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\extensions\TTSD90021300@PYDKGV101145942.com [nicht gefunden]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2015-09-01] <==== ACHTUNG
Chrome:
=======
CHR dev: Chrome dev build erkannt! <======= ACHTUNG
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "https://www.malwarebytes.org/restorebrowser/"
CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?site=shdefault&prd=smw&pid=s&shr=d&q={searchTerms}&s=Unknown
CHR DefaultSearchKeyword: Default -> www-searching.com
CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
CHR Profile: C:\Users\Verena\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\Verena\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-08]
CHR Extension: (RealDownloader) - C:\Users\Verena\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-05-02]
CHR HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jlcgehabolcakkjhgmgpkagpolbjlhfa] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - https://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 ETDService; C:\Program Files\Elantech\ETDService.exe [135352 2015-09-01] (ELAN Microelectronics Corp.)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-02-04] (Freemake) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-09-01] (Microsoft Corporation)
S2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
S2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [229888 2011-04-28] (Samsung Electronics Co., Ltd.) [Datei ist nicht signiert]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-09-01] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-09-01] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7593176 2015-07-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-08-18] (Symantec Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-09-01] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [52592 2014-03-12] (Cisco Systems, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; kein ImagePath
S1 occjncgy; \??\C:\WINDOWS\system32\drivers\occjncgy.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-09 21:23 - 2015-09-09 21:23 - 02190336 _____ (Farbar) C:\Users\Verena\Downloads\FRST64 (1).exe
2015-09-09 21:08 - 2015-09-09 21:08 - 00001962 _____ C:\Users\Verena\Desktop\JRT.txt
2015-09-09 20:56 - 2015-09-09 20:11 - 01800104 _____ (Malwarebytes Corporation) C:\Users\Verena\Desktop\JRT.exe
2015-09-09 20:55 - 2015-09-09 20:56 - 01799392 _____ (Malwarebytes Corporation) C:\Users\Verena\Downloads\JRT_7600.exe
2015-09-09 20:49 - 2015-09-09 20:49 - 00016148 _____ C:\WINDOWS\system32\VERENA-PC_Verena_HistoryPrediction.bin
2015-09-09 20:38 - 2015-09-09 20:45 - 00000000 ____D C:\AdwCleaner
2015-09-09 20:37 - 2015-09-09 20:37 - 01660416 _____ C:\Users\Verena\Downloads\AdwCleaner_5.007.exe
2015-09-09 20:35 - 2015-09-09 20:35 - 00000902 _____ C:\mbam.txt
2015-09-09 08:38 - 2015-09-09 08:39 - 00310848 _____ C:\WINDOWS\Minidump\090915-45578-01.dmp
2015-09-08 22:51 - 2015-09-08 22:51 - 00310704 _____ C:\WINDOWS\Minidump\090815-61921-01.dmp
2015-09-08 22:51 - 2015-09-08 22:51 - 00000000 ____D C:\WINDOWS\Minidump
2015-09-08 21:27 - 2015-09-08 22:41 - 00000000 ____D C:\Program Files (x86)\c342c41b-1227-4b5c-a118-c3fb81b76308
2015-09-08 21:19 - 2015-09-08 21:20 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Verena\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-08 20:52 - 2015-09-08 20:52 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Verena\Downloads\revosetup95 (1).exe
2015-09-06 12:24 - 2015-09-06 12:24 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-09-06 11:57 - 2015-09-06 12:05 - 00081202 _____ C:\Users\Verena\Downloads\Addition.txt
2015-09-06 11:40 - 2015-09-09 21:24 - 00022559 _____ C:\Users\Verena\Downloads\FRST.txt
2015-09-06 11:39 - 2015-09-09 21:25 - 00000000 ____D C:\FRST
2015-09-06 11:39 - 2015-09-06 11:39 - 02188800 _____ (Farbar) C:\Users\Verena\Downloads\FRST64.exe
2015-09-05 15:04 - 2015-09-05 15:04 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-03 08:47 - 2015-09-09 21:00 - 00001010 _____ C:\WINDOWS\Tasks\lI6qhaY.job
2015-09-03 08:47 - 2015-09-03 08:47 - 00004132 _____ C:\WINDOWS\System32\Tasks\lI6qhaY
2015-09-02 19:55 - 2015-09-09 20:49 - 00001040 _____ C:\WINDOWS\Tasks\b6TtfCU4fgZ9RE6NnSqEJ1.job
2015-09-02 19:55 - 2015-09-09 20:49 - 00001030 _____ C:\WINDOWS\Tasks\IyEFViIqK8st2WX35.job
2015-09-02 19:55 - 2015-09-02 19:55 - 00004190 _____ C:\WINDOWS\System32\Tasks\b6TtfCU4fgZ9RE6NnSqEJ1
2015-09-02 19:55 - 2015-09-02 19:55 - 00004172 _____ C:\WINDOWS\System32\Tasks\IyEFViIqK8st2WX35
2015-09-02 19:41 - 2015-09-02 19:43 - 00000000 ____D C:\Users\Verena\AppData\Local\Comms
2015-09-02 19:29 - 2015-09-08 22:41 - 00000000 ____D C:\ProgramData\Jissifsefaieg
2015-09-02 19:29 - 2015-09-08 20:44 - 00003526 _____ C:\WINDOWS\System32\Tasks\Jissifsefaieg
2015-09-02 19:25 - 2015-09-02 21:58 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Opera Software
2015-09-02 19:25 - 2015-09-02 21:58 - 00000000 ____D C:\Users\Verena\AppData\Local\Opera Software
2015-09-02 19:23 - 2015-09-08 22:41 - 00000000 ____D C:\ProgramData\ewWhKiM
2015-09-02 19:23 - 2015-09-02 21:58 - 00000000 ____D C:\Program Files (x86)\Opera
2015-09-02 18:56 - 2015-09-08 22:41 - 00000000 ____D C:\Program Files (x86)\b6380599-0a17-4fd7-a1e1-22ec41b6723e
2015-09-02 18:46 - 2015-09-09 20:49 - 00001036 _____ C:\WINDOWS\Tasks\HztSu0wh4JrtyLfcXxrV.job
2015-09-02 18:46 - 2015-09-09 20:49 - 00001012 _____ C:\WINDOWS\Tasks\hZXISqFX.job
2015-09-02 18:46 - 2015-09-02 18:46 - 00004182 _____ C:\WINDOWS\System32\Tasks\HztSu0wh4JrtyLfcXxrV
2015-09-02 18:46 - 2015-09-02 18:46 - 00004136 _____ C:\WINDOWS\System32\Tasks\hZXISqFX
2015-09-02 18:45 - 2015-09-08 22:41 - 00000000 ____D C:\Program Files (x86)\66a92713-39e9-42fe-a45a-0a3d741309a9
2015-09-02 18:45 - 2015-09-08 22:25 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-09-02 18:35 - 2015-09-08 20:51 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{46D6A097-0CD4-4543-91CE-773F04323F0F}
2015-09-02 18:30 - 2015-09-02 18:30 - 00000000 ____D C:\Users\Verena\AppData\Roaming\dlg
2015-09-02 18:30 - 2014-12-17 23:02 - 00000027 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-09-01 13:38 - 2015-09-01 13:38 - 00000000 ____D C:\Users\Verena\AppData\Local\NetworkTiles
2015-09-01 11:15 - 2015-09-01 11:15 - 00000000 ____D C:\Users\Verena\AppData\Local\MicrosoftEdge
2015-09-01 11:11 - 2015-09-02 11:11 - 00002404 _____ C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-01 11:11 - 2015-09-02 11:11 - 00000000 ___RD C:\Users\Verena\OneDrive
2015-09-01 11:09 - 2015-09-01 11:09 - 00047288 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCoInstaller01000.dll
2015-09-01 11:09 - 2015-09-01 11:09 - 00001337 _____ C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Realtek HD Audio-Manager.lnk
2015-09-01 11:09 - 2015-09-01 11:09 - 00001055 _____ C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2015-09-01 11:09 - 2015-09-01 11:09 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-09-01 11:09 - 2015-07-09 20:25 - 16736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0001.dll
2015-09-01 11:07 - 2015-09-01 11:07 - 00000000 ____D C:\Users\Verena\AppData\Local\Publishers
2015-09-01 11:05 - 2015-09-02 19:41 - 00000000 ____D C:\Users\Verena\AppData\Local\Packages
2015-09-01 11:05 - 2015-09-01 11:05 - 00000020 ___SH C:\Users\Verena\ntuser.ini
2015-09-01 11:05 - 2015-09-01 11:05 - 00000000 ____D C:\Users\Verena\AppData\Local\TileDataLayer
2015-09-01 10:30 - 2015-09-01 11:04 - 00000000 ___DC C:\WINDOWS\Panther
2015-09-01 10:27 - 2015-09-01 10:27 - 00000000 ____D C:\Windows.old
2015-09-01 10:26 - 2015-09-01 10:26 - 24591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 22320576 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 21873152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 20854232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 19333632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 18810368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 16710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 13024256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 12502016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 11552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 11260928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 09885184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 03589632 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02878000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02661376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02415616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02224128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02150696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02147592 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02116960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01983328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01914880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01867672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01793024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01769568 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01680896 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01601024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01561360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01396576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-09-01 10:26 - 2015-09-01 10:26 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 01161728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01085776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-09-01 10:26 - 2015-09-01 10:26 - 00991584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-09-01 10:26 - 2015-09-01 10:26 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00916800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00858624 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00643616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00607008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00606392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00539216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-09-01 10:26 - 2015-09-01 10:26 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00412672 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00403968 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00242264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2015-09-01 10:24 - 2015-09-01 10:24 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\WINDOWS\system32\msmq
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\Program Files\MSBuild
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\inetpub
2015-09-01 10:21 - 2015-09-01 09:51 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-09-01 10:20 - 2015-06-17 19:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-09-01 10:20 - 2015-06-17 19:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-01 10:20 - 2015-06-17 19:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-09-01 10:20 - 2015-05-29 22:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-09-01 10:20 - 2015-05-29 22:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-09-01 10:20 - 2015-05-29 22:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 __SHD C:\Recovery
2015-09-01 10:04 - 2015-09-01 10:04 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-09-01 10:00 - 2015-09-01 10:00 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2015-09-01 09:57 - 2015-07-10 12:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-09-01 09:50 - 2015-09-01 09:50 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-01 09:50 - 2015-09-01 09:50 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-09-01 09:50 - 2015-09-01 09:50 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-09-01 09:50 - 2015-09-01 09:50 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-09-01 09:50 - 2015-09-01 09:50 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-09-01 09:44 - 2015-09-01 09:44 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-09-01 09:41 - 2015-09-09 20:46 - 00000000 ____D C:\Users\Verena
2015-09-01 09:41 - 2015-09-02 19:51 - 00000000 ___RD C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-01 09:41 - 2015-09-01 09:42 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Vorlagen
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Startmenü
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Netzwerkumgebung
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Lokale Einstellungen
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Eigene Dateien
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Druckumgebung
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Documents\Eigene Musik
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Documents\Eigene Bilder
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\AppData\Local\Verlauf
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\AppData\Local\Anwendungsdaten
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Anwendungsdaten
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-01 09:39 - 2015-09-06 12:26 - 02085726 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-01 09:39 - 2015-09-01 09:40 - 00021209 _____ C:\WINDOWS\iis.log
2015-09-01 09:39 - 2015-09-01 09:39 - 01980268 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-09-01 09:37 - 2015-09-01 09:54 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-09-01 09:37 - 2015-09-01 09:52 - 00000000 ____D C:\WINDOWS\system32\NV
2015-09-01 09:37 - 2015-09-01 09:44 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-01 09:37 - 2015-09-01 09:37 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-09-01 09:37 - 2015-07-13 19:37 - 06873744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-09-01 09:37 - 2015-07-13 19:37 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-09-01 09:37 - 2015-07-13 19:37 - 02558792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-09-01 09:37 - 2015-07-13 19:37 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-09-01 09:37 - 2015-07-13 19:37 - 00937616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-09-01 09:37 - 2015-07-13 19:37 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-09-01 09:37 - 2015-07-13 19:37 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-09-01 09:37 - 2015-07-13 19:37 - 00062792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-09-01 09:37 - 2015-07-13 18:28 - 05096627 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-09-01 09:36 - 2015-09-01 15:29 - 00000000 ____D C:\Program Files\Elantech
2015-09-01 09:36 - 2015-09-01 09:44 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-09-01 09:36 - 2015-09-01 09:44 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-09-01 09:36 - 2015-09-01 09:36 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-09-01 09:36 - 2015-09-01 09:36 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-09-01 09:36 - 2015-09-01 09:36 - 00000000 ____D C:\Program Files\Realtek
2015-09-01 09:32 - 2015-09-01 09:33 - 00028116 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-09-01 09:31 - 2015-09-08 22:43 - 00035972 _____ C:\WINDOWS\PFRO.log
2015-09-01 09:04 - 2015-09-01 10:05 - 00006593 _____ C:\WINDOWS\comsetup.log
2015-09-01 09:01 - 2015-09-01 10:06 - 00014259 _____ C:\WINDOWS\diagerr.xml
2015-09-01 09:01 - 2015-09-01 10:06 - 00013338 _____ C:\WINDOWS\diagwrn.xml
2015-09-01 08:54 - 2015-09-02 21:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-25 15:04 - 2015-09-01 09:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy
2015-08-25 15:04 - 2015-08-25 15:04 - 00001078 _____ C:\Users\Public\Desktop\Exact Audio Copy.lnk
2015-08-25 15:04 - 2015-08-25 15:04 - 00000000 ____D C:\Users\Verena\AppData\Roaming\EAC
2015-08-25 15:04 - 2015-08-25 15:04 - 00000000 ____D C:\Program Files (x86)\Exact Audio Copy
2015-08-18 10:46 - 2015-09-01 09:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
2015-08-18 10:46 - 2015-08-18 10:46 - 00001461 _____ C:\Users\Public\Desktop\Norton Security Scan.LNK
2015-08-18 10:46 - 2015-08-18 10:46 - 00000000 ____D C:\WINDOWS\system32\Drivers\NSSx64
2015-08-18 10:46 - 2015-08-18 10:46 - 00000000 ____D C:\Program Files (x86)\Norton Security Scan
2015-08-16 21:02 - 2015-08-16 21:02 - 00012136 _____ C:\Users\Verena\Downloads\nr1.xwd
2015-08-16 21:00 - 2015-08-16 21:00 - 00037376 _____ C:\Users\Verena\Downloads\XWord Rätsel (2).svg
2015-08-16 20:56 - 2015-08-16 20:56 - 00037376 _____ C:\Users\Verena\Downloads\XWord Rätsel (1).svg
2015-08-16 20:52 - 2015-08-16 20:52 - 00037376 _____ C:\Users\Verena\Downloads\XWord.svg
2015-08-13 18:20 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-08-13 18:20 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.exe
2015-08-13 18:20 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmlmedia.dll
2015-08-13 18:20 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmlmedia.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-09 21:14 - 2013-11-05 17:20 - 00000000 ____D C:\Users\Verena\Documents\Outlook-Dateien
2015-09-09 21:11 - 2015-06-19 09:45 - 00001228 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1577607291-3742472165-1464039351-1001UA.job
2015-09-09 21:01 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-09 21:01 - 2012-08-27 21:13 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-09 20:59 - 2014-12-18 22:28 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-09 20:59 - 2012-05-07 18:32 - 00001106 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-09 20:55 - 2014-01-26 17:00 - 00003612 _____ C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1577607291-3742472165-1464039351-1001
2015-09-09 20:55 - 2014-01-26 17:00 - 00003552 _____ C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1577607291-3742472165-1464039351-1001
2015-09-09 20:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-09 20:53 - 2014-11-02 18:04 - 00000000 ___RD C:\Users\Verena\Dropbox
2015-09-09 20:52 - 2014-11-02 18:02 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Dropbox
2015-09-09 20:52 - 2012-04-15 12:24 - 00000603 _____ C:\WINDOWS\Brownie.ini
2015-09-09 20:49 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-09 20:47 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-09 20:46 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-09-09 20:45 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\System
2015-09-09 20:19 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-09 08:38 - 2014-03-03 11:20 - 528220818 _____ C:\WINDOWS\MEMORY.DMP
2015-09-08 22:41 - 2011-10-14 05:32 - 00000000 ____D C:\Program Files (x86)\Acer
2015-09-08 21:21 - 2014-12-18 22:28 - 00001179 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-09-08 21:21 - 2014-12-18 22:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-09-08 21:21 - 2014-12-18 22:28 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-09-08 20:53 - 2014-12-17 22:02 - 00001345 _____ C:\Users\Verena\Desktop\Revo Uninstaller.lnk
2015-09-08 20:53 - 2014-12-17 22:02 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-09-06 12:26 - 2015-07-10 18:34 - 00888476 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-06 12:26 - 2015-07-10 18:34 - 00197074 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-06 12:24 - 2015-07-10 14:20 - 00018341 _____ C:\WINDOWS\setupact.log
2015-09-02 20:44 - 2015-02-13 21:59 - 00001045 _____ C:\WINDOWS\wininit.ini
2015-09-02 19:58 - 2012-04-13 16:58 - 00000000 ____D C:\Users\Verena\AppData\Local\VirtualStore
2015-09-02 19:41 - 2011-10-14 05:15 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-02 19:40 - 2011-12-02 12:10 - 00001024 ___RH C:\Users\Public\Documents\NTIMMV9Acer.dll
2015-09-02 19:40 - 2011-10-14 05:50 - 00000000 ____D C:\Program Files (x86)\NTI
2015-09-02 19:36 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\restore
2015-09-02 18:03 - 2015-07-15 10:33 - 00000000 ____D C:\Users\Verena\Documents\Deutschkurs
2015-09-02 17:11 - 2015-06-19 09:45 - 00001176 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1577607291-3742472165-1464039351-1001Core.job
2015-09-02 11:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\appcompat
2015-09-01 15:34 - 2015-07-10 14:20 - 00424008 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-01 11:09 - 2011-10-14 05:55 - 00428216 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETD.sys
2015-09-01 11:06 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-09-01 11:06 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-09-01 11:06 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-09-01 11:05 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-09-01 10:30 - 2015-07-10 13:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-09-01 10:27 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-09-01 10:27 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-09-01 10:27 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-01 10:27 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-09-01 10:27 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-09-01 10:27 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-09-01 10:26 - 2015-07-10 13:06 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-01 10:26 - 2015-07-10 13:06 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-01 10:21 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-09-01 10:21 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-09-01 10:21 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-09-01 10:21 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-09-01 10:21 - 2015-07-10 13:01 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2015-09-01 10:21 - 2015-07-10 13:01 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2015-09-01 10:21 - 2015-07-10 13:01 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2015-09-01 10:21 - 2015-07-10 13:01 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2015-09-01 10:21 - 2015-07-10 13:01 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-09-01 10:21 - 2015-07-10 13:01 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2015-09-01 10:21 - 2015-07-10 13:00 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2015-09-01 10:21 - 2015-07-10 13:00 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-09-01 10:21 - 2015-07-10 13:00 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2015-09-01 10:21 - 2015-07-10 13:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-09-01 10:21 - 2015-07-10 13:00 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-09-01 10:21 - 2015-07-10 13:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-09-01 10:21 - 2015-07-10 13:00 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-09-01 10:21 - 2015-07-10 13:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-09-01 10:20 - 2015-07-10 13:01 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2015-09-01 10:20 - 2015-07-10 13:01 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2015-09-01 10:20 - 2015-07-10 13:00 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2015-09-01 10:20 - 2015-07-10 13:00 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2015-09-01 10:20 - 2015-07-10 13:00 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2015-09-01 10:20 - 2015-07-10 13:00 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2015-09-01 10:20 - 2015-07-10 13:00 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2015-09-01 10:20 - 2015-07-10 13:00 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2015-09-01 10:20 - 2015-07-10 13:00 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2015-09-01 10:20 - 2015-07-10 13:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2015-09-01 10:20 - 2015-07-10 13:00 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2015-09-01 10:20 - 2015-07-10 13:00 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2015-09-01 10:20 - 2015-07-10 13:00 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2015-09-01 10:20 - 2015-07-10 13:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2015-09-01 10:20 - 2015-07-10 13:00 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2015-09-01 10:17 - 2012-12-24 09:56 - 00000454 ____H C:\WINDOWS\Tasks\Norton Security Scan for Verena.job
2015-09-01 10:10 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-09-01 10:07 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows NT
2015-09-01 10:07 - 2015-07-10 11:05 - 00000000 __RHD C:\Users\Default
2015-09-01 10:05 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Registration
2015-09-01 10:05 - 2015-06-19 09:45 - 00004310 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1577607291-3742472165-1464039351-1001UA
2015-09-01 10:05 - 2015-06-19 09:45 - 00003914 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1577607291-3742472165-1464039351-1001Core
2015-09-01 10:05 - 2015-01-07 09:37 - 00003996 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-09-01 10:05 - 2014-05-09 09:58 - 00003528 _____ C:\WINDOWS\System32\Tasks\{65C1EE69-71E9-4DD4-927C-D14FC54A6C7D}
2015-09-01 10:05 - 2014-01-18 18:32 - 00003538 _____ C:\WINDOWS\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1577607291-3742472165-1464039351-1001
2015-09-01 10:05 - 2013-10-13 16:18 - 00003278 _____ C:\WINDOWS\System32\Tasks\{CADFF3D7-DB59-4FA7-804F-68027FE700EA}
2015-09-01 10:05 - 2012-12-24 09:56 - 00003726 _____ C:\WINDOWS\System32\Tasks\Norton Security Scan for Verena
2015-09-01 10:05 - 2012-12-16 15:04 - 00003496 _____ C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1577607291-3742472165-1464039351-1001
2015-09-01 10:05 - 2012-12-16 15:04 - 00003364 _____ C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1577607291-3742472165-1464039351-1001
2015-09-01 10:05 - 2012-08-27 21:13 - 00003932 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-09-01 10:05 - 2012-07-23 09:07 - 00003650 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2015-09-01 10:05 - 2012-05-07 18:33 - 00003496 _____ C:\WINDOWS\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1577607291-3742472165-1464039351-1001
2015-09-01 10:05 - 2012-05-07 18:33 - 00003364 _____ C:\WINDOWS\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1577607291-3742472165-1464039351-1001
2015-09-01 10:05 - 2012-05-07 18:32 - 00004216 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-01 10:05 - 2012-05-07 18:32 - 00003964 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-01 10:04 - 2015-07-10 13:04 - 00000000 __RSD C:\WINDOWS\Media
2015-09-01 10:04 - 2015-07-10 13:04 - 00000000 __RHD C:\Users\Public\Libraries
2015-09-01 10:00 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\spool
2015-09-01 09:52 - 2015-07-10 18:46 - 00000000 ____D C:\WINDOWS\ShellNew
2015-09-01 09:52 - 2015-07-10 13:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-01 09:52 - 2015-05-15 12:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind
2015-09-01 09:52 - 2015-04-27 22:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 5
2015-09-01 09:52 - 2015-04-26 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette
2015-09-01 09:52 - 2015-04-26 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audioverwandte Programme
2015-09-01 09:52 - 2014-11-30 16:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseScore
2015-09-01 09:52 - 2014-11-30 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriMusFree
2015-09-01 09:52 - 2014-11-30 14:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\capella-software
2015-09-01 09:52 - 2014-04-06 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2015-09-01 09:52 - 2014-01-23 21:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2015-09-01 09:52 - 2013-12-13 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2015-09-01 09:52 - 2013-03-20 14:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-09-01 09:52 - 2012-12-16 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2015-09-01 09:52 - 2012-10-13 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Box
2015-09-01 09:52 - 2012-09-06 09:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALDI Bestellsoftware
2015-09-01 09:52 - 2012-07-24 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-01 09:52 - 2012-07-05 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2015-09-01 09:52 - 2012-05-07 18:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-09-01 09:52 - 2012-04-15 12:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-09-01 09:52 - 2012-04-15 12:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-09-01 09:52 - 2012-04-13 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Family Protection
2015-09-01 09:52 - 2011-12-02 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec
2015-09-01 09:52 - 2011-12-02 12:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2015-09-01 09:52 - 2011-12-02 11:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
2015-09-01 09:52 - 2011-10-14 05:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Backup Manager
2015-09-01 09:52 - 2011-10-14 05:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-09-01 09:52 - 2011-10-14 05:42 - 00000000 ____D C:\WINDOWS\tr
2015-09-01 09:52 - 2011-10-14 05:42 - 00000000 ____D C:\WINDOWS\th
2015-09-01 09:52 - 2011-10-14 05:42 - 00000000 ____D C:\WINDOWS\sv
2015-09-01 09:52 - 2011-10-14 05:42 - 00000000 ____D C:\WINDOWS\sl
2015-09-01 09:52 - 2011-10-14 05:42 - 00000000 ____D C:\WINDOWS\sk
2015-09-01 09:52 - 2011-10-14 05:42 - 00000000 ____D C:\WINDOWS\ca
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\ru
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\ro
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\pl
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\no
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\nl
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\it
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\hu
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\hr
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\he
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\fr
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\fi
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\es
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\en
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\el
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\de
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\da
2015-09-01 09:52 - 2011-10-14 05:40 - 00000000 ____D C:\WINDOWS\cs
2015-09-01 09:52 - 2011-10-14 05:40 - 00000000 ____D C:\WINDOWS\bg
2015-09-01 09:52 - 2011-10-14 05:40 - 00000000 ____D C:\WINDOWS\ar
2015-09-01 09:52 - 2011-10-14 05:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-09-01 09:52 - 2011-10-14 05:16 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-09-01 09:52 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-09-01 09:51 - 2015-07-10 11:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-01 09:51 - 2014-01-10 23:44 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2015-09-01 09:51 - 2013-05-30 22:44 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ahnenblatt
2015-09-01 09:51 - 2013-01-15 21:46 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2015-09-01 09:51 - 2012-10-22 13:09 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-09-01 09:50 - 2015-07-10 13:05 - 00004362 _____ C:\WINDOWS\DtcInstall.log
2015-09-01 09:50 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-01 09:50 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-01 09:50 - 2009-07-14 05:20 - 00000000 ____D C:\Users\Default.migrated
2015-09-01 09:47 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK
2015-09-01 09:47 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR
2015-09-01 09:46 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\IME
2015-09-01 09:46 - 2013-08-01 14:25 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-01 09:46 - 2012-11-27 20:23 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe
2015-09-01 09:45 - 2015-07-10 15:19 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-09-01 09:45 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\schemas
2015-09-01 09:45 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-09-01 09:45 - 2010-11-21 09:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-09-01 09:44 - 2015-07-10 13:04 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-09-01 09:44 - 2015-07-10 13:04 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-09-01 09:44 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-09-01 09:44 - 2014-12-17 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-01 09:44 - 2014-10-11 23:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyMP4
2015-09-01 09:44 - 2014-08-25 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2015-09-01 09:44 - 2013-01-24 20:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2015-09-01 09:44 - 2012-11-18 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 3
2015-09-01 09:44 - 2012-10-22 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infogrames
2015-09-01 09:44 - 2012-04-15 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. Anwendungen
2015-09-01 09:44 - 2012-04-15 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2015-09-01 09:44 - 2012-04-15 12:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2015-09-01 09:44 - 2011-10-14 05:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2015-09-01 09:44 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Microsoft Games
2015-09-01 09:44 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-09-01 09:43 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-09-01 09:42 - 2014-04-06 19:23 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2015-09-01 09:39 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-09-01 09:37 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Help
2015-09-01 09:11 - 2011-12-02 11:47 - 01185518 _____ C:\WINDOWS\WindowsUpdate (1).log
2015-09-01 09:11 - 2009-07-14 06:45 - 00024400 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-01 09:11 - 2009-07-14 06:45 - 00024400 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-01 09:01 - 2015-07-10 19:28 - 00000000 ___HD C:\$Windows.~BT
2015-08-28 09:23 - 2012-04-15 12:24 - 00000432 _____ C:\WINDOWS\BRWMARK.INI
2015-08-27 16:08 - 2012-05-07 18:32 - 00001110 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-24 10:51 - 2015-04-27 22:57 - 00000000 ____D C:\Users\Verena\Documents\Citavi 5
2015-08-18 10:46 - 2012-12-24 09:56 - 00000000 ____D C:\ProgramData\Norton
2015-08-16 11:32 - 2009-07-14 07:09 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2015-08-16 11:27 - 2013-03-20 14:07 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-16 11:27 - 2013-03-20 14:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-16 11:04 - 2012-04-15 12:54 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-16 10:57 - 2009-07-14 04:34 - 00000510 _____ C:\WINDOWS\win.ini
2015-08-16 10:33 - 2012-08-03 09:45 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Verena\AppData\Roaming\b6TtfCU4fgZ9RE6NnSqEJ1
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Verena\AppData\Roaming\HztSu0wh4JrtyLfcXxrV
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Verena\AppData\Roaming\hZXISqFX
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Verena\AppData\Roaming\IyEFViIqK8st2WX35
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Verena\AppData\Roaming\lI6qhaY
2012-04-15 12:36 - 2012-04-15 12:36 - 0011837 _____ () C:\Users\Verena\AppData\Roaming\SmarThruOptions.xml
2014-01-20 12:34 - 2014-01-24 02:32 - 0000178 _____ () C:\Users\Verena\AppData\Roaming\WB.CFG
2014-01-20 12:34 - 2014-01-24 02:32 - 0000005 _____ () C:\Users\Verena\AppData\Roaming\WBPU-TTL.DAT
2013-07-05 17:40 - 2013-07-05 17:40 - 0008704 _____ () C:\Users\Verena\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-25 14:49 - 2015-04-19 10:48 - 0004096 ____H () C:\Users\Verena\AppData\Local\keyfile3.drm
2014-05-30 17:57 - 2014-05-30 17:57 - 0000000 _____ () C:\Users\Verena\AppData\Local\{54D355D5-865D-4B3D-83C0-DE7941F04EAD}
2015-03-10 15:59 - 2015-03-10 15:59 - 0000000 _____ () C:\Users\Verena\AppData\Local\{6237EEC7-5F06-48E9-A7FC-52B62BAF932A}
2015-03-26 12:24 - 2015-03-26 12:24 - 0000000 _____ () C:\Users\Verena\AppData\Local\{6C2D1742-245D-4886-BE82-50CCBD5F2F7C}
2011-12-02 12:14 - 2011-12-02 12:16 - 0015230 _____ () C:\ProgramData\ArcadeDeluxe5.log
2015-09-01 09:36 - 2015-09-01 09:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-12-27 21:46 - 2013-12-27 21:46 - 0000032 _____ () C:\ProgramData\PS.log
2013-09-26 23:11 - 2013-09-26 23:11 - 3855413 _____ () C:\ProgramData\SamPCFax00001FF80002
2013-09-26 23:11 - 2013-09-26 23:11 - 0000004 _____ () C:\ProgramData\SamPCFax00001FF80003
2013-09-26 23:11 - 2013-09-26 23:11 - 0000064 _____ () C:\ProgramData\SamPCFax000021C40001
2013-10-11 12:27 - 2013-10-11 12:27 - 0000032 _____ () C:\ProgramData\Temp.log
Einige Dateien in TEMP:
====================
C:\Users\Verena\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfmyyen.dll
C:\Users\Verena\AppData\Local\Temp\FBS566.exe
C:\Users\Verena\AppData\Local\Temp\FBSA93E.exe
C:\Users\Verena\AppData\Local\Temp\sqlite3.dll
C:\Users\Verena\AppData\Local\Temp\Uninstall.exe
C:\Users\Verena\AppData\Local\Temp\UninstallModule.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-09-01 09:31
==================== Ende von FRST.txt ============================
|
|
10.09.2015, 19:18
| #10 |
| /// the machine /// TB-Ausbilder | Reimage RepairESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
12.09.2015, 21:15
| #11 |
| | Reimage Repair Hallo! Das von ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=01e9f29a08c00e41aea3a9362d02e152
# end=init
# utc_time=2015-09-10 09:18:12
# local_time=2015-09-10 11:18:12 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 25702
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=01e9f29a08c00e41aea3a9362d02e152
# end=updated
# utc_time=2015-09-10 09:20:44
# local_time=2015-09-10 11:20:44 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=01e9f29a08c00e41aea3a9362d02e152
# end=init
# utc_time=2015-09-12 07:16:57
# local_time=2015-09-12 09:16:57 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 25732
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=01e9f29a08c00e41aea3a9362d02e152
# end=updated
# utc_time=2015-09-12 07:18:36
# local_time=2015-09-12 09:18:36 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=01e9f29a08c00e41aea3a9362d02e152
# engine=25732
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-09-12 07:50:37
# local_time=2015-09-12 09:50:37 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 3446 5561449 0 0
# scanned=18850
# found=11
# cleaned=0
# scan_time=1920
sh=9C61B57BFD65F017038DF61F589CAB85DFE32426 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-1577607291-3742472165-1464039351-1001\$R8EVWTJ.xpi"
sh=00BF883F44CF8D33D6DCDFE635F49387B23F39C4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-1577607291-3742472165-1464039351-1001\$RL7EOMS.xpi"
sh=CC9EE3C0198D19AF7E19F5CE136CC60C47349418 ft=1 fh=c84d9186460108c8 vn="Variante von Win32/Toolbar.CrossRider.CU evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-1577607291-3742472165-1464039351-1001\$RMB5LO7.exe"
sh=DA1B2B6BBF2D086DE3CCAF232C3117E9A9718EE0 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.E evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-1577607291-3742472165-1464039351-1001\$RTRAFTD.crx"
sh=FD8E2D2C36FE240B0A170F4CF1BA8A587BC955F7 ft=1 fh=eea5e6100c4f772a vn="Variante von Win32/Toolbar.CrossRider.CU evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-1577607291-3742472165-1464039351-1001\$RVGFT4A.exe"
sh=4AC15D00534D30BB79F54E9E890C7846AF0EBF5E ft=1 fh=68a43dc4f9008c24 vn="Variante von Win32/SpeedBit.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\System\SysMenu.dll.vir"
sh=7506AB06FF47152673F8791F8AA8620C541AD8E6 ft=1 fh=1341832cfcc127e2 vn="Variante von Win32/SBWatchman.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe.vir"
sh=16A612EFABDD24382268A9625A4FB99224325A61 ft=1 fh=ca34bf55150bfd7f vn="Variante von Win32/SpeedBit.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\YTDownloader\DownloadAPI.dll.vir"
sh=4A059700725B5B636CAFC956767C7DA73C4CBA10 ft=1 fh=5ecda210681d1b43 vn="Variante von Win32/ShopperPro.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\YTDownloader\Updater.exe.vir"
sh=BA88401C1A854AAAA4F317774760A23295D454E5 ft=1 fh=c288acd7d745cd83 vn="Variante von Win32/SBWatchman.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\YTDownloader\YTDownloader.exe.vir"
sh=4835AAAC6E6474D4DA1DD2A2DFF3AD60D7A0C022 ft=1 fh=a3eaa32e97253e77 vn="Variante von Win32/SpeedBit.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\YTDownloader\YTDUninstall.exe.vir"
Code:
ATTFilter Results of screen317's Security Check version 1.008
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Defender
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 18.0.0.232
Adobe Reader XI
Google Chrome (44.0.2403.157)
Google Chrome (45.0.2454.85)
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSMpEng.exe
Windows Defender MpCmdRun.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:12-09-2015
durchgeführt von Verena (Administrator) auf VERENA-PC (12-09-2015 22:02:29)
Gestartet von C:\Users\Verena\Downloads
Geladene Profile: UpdatusUser & Verena (Verfügbare Profile: UpdatusUser & Verena)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Users\Verena\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Dropbox, Inc.) C:\Users\Verena\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
() C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.827.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Users\Verena\Downloads\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Farbar) C:\Users\Verena\Downloads\FRST64 (3).exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3233976 2015-09-01] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [BrStsWnd] => C:\Program Files (x86)\Brownie\BrstsW64.exe [3695984 2011-03-25] (brother)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [688128 2011-07-06] ()
HKLM-x32\...\Run: [CLX3180_Scan2Pc] => C:\Windows\Twain_32\Samsung\CLX3180\Scan2pc.exe [1990144 2011-04-29] ()
HKLM-x32\...\Run: [3180 Scan2PC] => C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe [1990144 2011-04-29] ()
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2014-03-12] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\update\realsched.exe [295072 2012-12-16] (RealNetworks, Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1577607291-3742472165-1464039351-1000\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1577607291-3742472165-1464039351-1000\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\...\Run: [Dropbox Update] => C:\Users\Verena\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\...\Run: [OneDrive] => C:\Users\Verena\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-09-02] (Microsoft Corporation)
AppInit_DLLs: c:\Windows\System32\nvinitx.dll => c:\Windows\System32\nvinitx.dll [177088 2015-07-13] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177088 2015-07-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-07-13] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
Startup: C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-11-02]
ShortcutTarget: Dropbox.lnk -> C:\Users\Verena\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2012-04-15]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{3b7f2f84-982a-49ea-9368-45fb5bc144d9}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{b0d6ddbf-db99-4fd2-9675-c35ced802d52}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130856855472853968&GUID=72A09B6E-8225-4B37-94F8-E33EAFCC85C1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130862133690298002&GUID=72A09B6E-8225-4B37-94F8-E33EAFCC85C1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1577607291-3742472165-1464039351-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001 -> {2A44F415-BC14-4AC0-AF6C-0D89E7908512} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001 -> {4B0B64FD-EC90-484B-A3F3-3997730B5B73} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001 -> {BB1C9FE6-A25C-4D5D-9631-59F983A1351B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\WINDOWS\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
BHO: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files\MGTEK\Adblock IE\adblockie.dll [2013-05-08] (MGTEK)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2012-11-29] (RealDownloader)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\WINDOWS\SysWOW64\mscoree.dll [2015-07-10] (Microsoft Corporation)
BHO-x32: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files (x86)\MGTEK\Adblock IE\adblockie.dll [2013-05-08] (MGTEK)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
DPF: HKLM {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011
FF DefaultSearchEngine: Search Module
FF SelectedSearchEngine: Yahoo DE
FF Homepage: hxxps://www.malwarebytes.org/restorebrowser//?type=hp&ts=1441213265&z=ca518fbf7d0208bbd6016degfz1z6g1o2g5c1g8cbw&from=cmi&uid=WDCXWD6400BPVT-22HXZT3_WD-WX91A91P5075P5075
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-13] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-07-05] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2012-12-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2012-12-16] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2012-11-29] (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll [2012-12-19] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Extension: Amazon-Icon - C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\Extensions\amazon-icon@giga.de [2014-11-01]
FF Extension: Foxi Security - C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\Extensions\foxi@securitii-dhfjs.com [2014-11-01]
FF Extension: Simple New Tab - C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\Extensions\snt@dotlabs.co [2013-11-28]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2012-12-16]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2015-04-27]
FF Extension: Kein Name - C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com [nicht gefunden]
FF Extension: Kein Name - C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\extensions\TTSD90021300@PYDKGV101145942.com [nicht gefunden]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2015-09-01] <==== ACHTUNG
Chrome:
=======
CHR dev: Chrome dev build erkannt! <======= ACHTUNG
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.malwarebytes.org/restorebrowser/"
CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?site=shdefault&prd=smw&pid=s&shr=d&q={searchTerms}&s=Unknown
CHR DefaultSearchKeyword: Default -> www-searching.com
CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
CHR Profile: C:\Users\Verena\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\Verena\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-08]
CHR Extension: (RealDownloader) - C:\Users\Verena\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-05-02]
CHR HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jlcgehabolcakkjhgmgpkagpolbjlhfa] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [135352 2015-09-01] (ELAN Microelectronics Corp.)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-02-04] (Freemake) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-09-01] (Microsoft Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [229888 2011-04-28] (Samsung Electronics Co., Ltd.) [Datei ist nicht signiert]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-09-01] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-09-01] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7593176 2015-07-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-08-18] (Symantec Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-09-01] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [52592 2014-03-12] (Cisco Systems, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; kein ImagePath
S1 occjncgy; \??\C:\WINDOWS\system32\drivers\occjncgy.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-12 22:08 - 2015-09-12 22:08 - 00016148 _____ C:\WINDOWS\system32\VERENA-PC_Verena_HistoryPrediction.bin
2015-09-12 22:01 - 2015-09-12 22:01 - 02190848 _____ (Farbar) C:\Users\Verena\Downloads\FRST64 (3).exe
2015-09-12 22:00 - 2015-09-12 22:00 - 02190848 _____ (Farbar) C:\Users\Verena\Downloads\FRST64 (2).exe
2015-09-12 21:56 - 2015-09-12 21:56 - 00852704 _____ C:\Users\Verena\Downloads\SecurityCheck.exe
2015-09-12 21:14 - 2015-09-12 21:16 - 02870984 _____ (ESET) C:\Users\Verena\Downloads\esetsmartinstaller_deu (1).exe
2015-09-11 19:18 - 2015-09-11 19:18 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-09-11 18:44 - 2015-09-12 20:50 - 00003622 _____ C:\WINDOWS\System32\Tasks\ReclaimerUpdateXML_Verena
2015-09-11 18:44 - 2015-09-11 18:44 - 00003764 _____ C:\WINDOWS\System32\Tasks\RNUpgradeHelperResumePrompt_Verena
2015-09-11 18:44 - 2015-09-11 18:44 - 00003632 _____ C:\WINDOWS\System32\Tasks\ReclaimerUpdateFiles_Verena
2015-09-11 18:44 - 2015-09-11 18:44 - 00003352 _____ C:\WINDOWS\System32\Tasks\RNUpgradeHelperLogonPrompt_Verena
2015-09-10 23:18 - 2015-09-10 23:18 - 00000000 ____D C:\Program Files (x86)\ESET
2015-09-10 23:17 - 2015-09-10 23:17 - 02870984 _____ (ESET) C:\Users\Verena\Downloads\esetsmartinstaller_deu.exe
2015-09-09 21:23 - 2015-09-09 21:23 - 02190336 _____ (Farbar) C:\Users\Verena\Downloads\FRST64 (1).exe
2015-09-09 21:08 - 2015-09-09 21:08 - 00001962 _____ C:\Users\Verena\Desktop\JRT.txt
2015-09-09 20:56 - 2015-09-09 20:11 - 01800104 _____ (Malwarebytes Corporation) C:\Users\Verena\Desktop\JRT.exe
2015-09-09 20:55 - 2015-09-09 20:56 - 01799392 _____ (Malwarebytes Corporation) C:\Users\Verena\Downloads\JRT_7600.exe
2015-09-09 20:38 - 2015-09-09 20:45 - 00000000 ____D C:\AdwCleaner
2015-09-09 20:37 - 2015-09-09 20:37 - 01660416 _____ C:\Users\Verena\Downloads\AdwCleaner_5.007.exe
2015-09-09 20:35 - 2015-09-09 20:35 - 00000902 _____ C:\mbam.txt
2015-09-09 08:38 - 2015-09-09 08:39 - 00310848 _____ C:\WINDOWS\Minidump\090915-45578-01.dmp
2015-09-08 22:51 - 2015-09-09 08:38 - 00000000 ____D C:\WINDOWS\Minidump
2015-09-08 22:51 - 2015-09-08 22:51 - 00310704 _____ C:\WINDOWS\Minidump\090815-61921-01.dmp
2015-09-08 21:27 - 2015-09-08 22:41 - 00000000 ____D C:\Program Files (x86)\c342c41b-1227-4b5c-a118-c3fb81b76308
2015-09-08 21:19 - 2015-09-08 21:20 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Verena\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-08 20:52 - 2015-09-08 20:52 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Verena\Downloads\revosetup95 (1).exe
2015-09-06 12:24 - 2015-09-06 12:24 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-09-06 11:57 - 2015-09-06 12:05 - 00081202 _____ C:\Users\Verena\Downloads\Addition.txt
2015-09-06 11:40 - 2015-09-12 22:02 - 00025719 _____ C:\Users\Verena\Downloads\FRST.txt
2015-09-06 11:39 - 2015-09-12 22:04 - 00000000 ____D C:\FRST
2015-09-06 11:39 - 2015-09-06 11:39 - 02188800 _____ (Farbar) C:\Users\Verena\Downloads\FRST64.exe
2015-09-05 15:04 - 2015-09-05 15:04 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-03 08:47 - 2015-09-12 21:00 - 00001010 _____ C:\WINDOWS\Tasks\lI6qhaY.job
2015-09-03 08:47 - 2015-09-03 08:47 - 00004132 _____ C:\WINDOWS\System32\Tasks\lI6qhaY
2015-09-02 19:55 - 2015-09-11 15:37 - 00001040 _____ C:\WINDOWS\Tasks\b6TtfCU4fgZ9RE6NnSqEJ1.job
2015-09-02 19:55 - 2015-09-11 15:37 - 00001030 _____ C:\WINDOWS\Tasks\IyEFViIqK8st2WX35.job
2015-09-02 19:55 - 2015-09-02 19:55 - 00004190 _____ C:\WINDOWS\System32\Tasks\b6TtfCU4fgZ9RE6NnSqEJ1
2015-09-02 19:55 - 2015-09-02 19:55 - 00004172 _____ C:\WINDOWS\System32\Tasks\IyEFViIqK8st2WX35
2015-09-02 19:41 - 2015-09-02 19:43 - 00000000 ____D C:\Users\Verena\AppData\Local\Comms
2015-09-02 19:29 - 2015-09-08 22:41 - 00000000 ____D C:\ProgramData\Jissifsefaieg
2015-09-02 19:29 - 2015-09-08 20:44 - 00003526 _____ C:\WINDOWS\System32\Tasks\Jissifsefaieg
2015-09-02 19:25 - 2015-09-02 21:58 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Opera Software
2015-09-02 19:25 - 2015-09-02 21:58 - 00000000 ____D C:\Users\Verena\AppData\Local\Opera Software
2015-09-02 19:23 - 2015-09-08 22:41 - 00000000 ____D C:\ProgramData\ewWhKiM
2015-09-02 19:23 - 2015-09-02 21:58 - 00000000 ____D C:\Program Files (x86)\Opera
2015-09-02 18:56 - 2015-09-08 22:41 - 00000000 ____D C:\Program Files (x86)\b6380599-0a17-4fd7-a1e1-22ec41b6723e
2015-09-02 18:46 - 2015-09-11 18:46 - 00001036 _____ C:\WINDOWS\Tasks\HztSu0wh4JrtyLfcXxrV.job
2015-09-02 18:46 - 2015-09-11 18:46 - 00001012 _____ C:\WINDOWS\Tasks\hZXISqFX.job
2015-09-02 18:46 - 2015-09-02 18:46 - 00004182 _____ C:\WINDOWS\System32\Tasks\HztSu0wh4JrtyLfcXxrV
2015-09-02 18:46 - 2015-09-02 18:46 - 00004136 _____ C:\WINDOWS\System32\Tasks\hZXISqFX
2015-09-02 18:45 - 2015-09-08 22:41 - 00000000 ____D C:\Program Files (x86)\66a92713-39e9-42fe-a45a-0a3d741309a9
2015-09-02 18:45 - 2015-09-08 22:25 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-09-02 18:35 - 2015-09-12 22:07 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{46D6A097-0CD4-4543-91CE-773F04323F0F}
2015-09-02 18:30 - 2015-09-02 18:30 - 00000000 ____D C:\Users\Verena\AppData\Roaming\dlg
2015-09-02 18:30 - 2014-12-17 23:02 - 00000027 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-09-02 11:23 - 2015-08-19 06:50 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-09-01 13:38 - 2015-09-01 13:38 - 00000000 ____D C:\Users\Verena\AppData\Local\NetworkTiles
2015-09-01 11:15 - 2015-09-01 11:15 - 00000000 ____D C:\Users\Verena\AppData\Local\MicrosoftEdge
2015-09-01 11:11 - 2015-09-02 11:11 - 00002404 _____ C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-01 11:11 - 2015-09-02 11:11 - 00000000 ___RD C:\Users\Verena\OneDrive
2015-09-01 11:09 - 2015-09-01 11:09 - 00047288 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCoInstaller01000.dll
2015-09-01 11:09 - 2015-09-01 11:09 - 00001337 _____ C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Realtek HD Audio-Manager.lnk
2015-09-01 11:09 - 2015-09-01 11:09 - 00001055 _____ C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2015-09-01 11:09 - 2015-09-01 11:09 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-09-01 11:09 - 2015-07-09 20:25 - 16736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0001.dll
2015-09-01 11:07 - 2015-09-01 11:07 - 00000000 ____D C:\Users\Verena\AppData\Local\Publishers
2015-09-01 11:05 - 2015-09-10 23:52 - 00000000 ____D C:\Users\Verena\AppData\Local\Packages
2015-09-01 11:05 - 2015-09-01 11:05 - 00000020 ___SH C:\Users\Verena\ntuser.ini
2015-09-01 11:05 - 2015-09-01 11:05 - 00000000 ____D C:\Users\Verena\AppData\Local\TileDataLayer
2015-09-01 10:30 - 2015-09-01 11:04 - 00000000 ___DC C:\WINDOWS\Panther
2015-09-01 10:27 - 2015-09-01 10:27 - 00000000 ____D C:\Windows.old
2015-09-01 10:26 - 2015-09-01 10:26 - 24591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 22320576 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 21873152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 20854232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 19333632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 18810368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 16710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 13024256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 12502016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 11552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 11260928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 09885184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 03589632 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02878000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02661376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02415616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02224128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02150696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02147592 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02116960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01983328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01914880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01867672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01793024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01769568 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01680896 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01601024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01561360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01396576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-09-01 10:26 - 2015-09-01 10:26 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 01161728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01085776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-09-01 10:26 - 2015-09-01 10:26 - 00991584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-09-01 10:26 - 2015-09-01 10:26 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00916800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00858624 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00643616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00606392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00539216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-09-01 10:26 - 2015-09-01 10:26 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00412672 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00403968 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00242264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2015-09-01 10:24 - 2015-09-01 10:24 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\WINDOWS\system32\msmq
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\Program Files\MSBuild
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\inetpub
2015-09-01 10:21 - 2015-09-01 09:51 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-09-01 10:20 - 2015-06-17 19:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-09-01 10:20 - 2015-06-17 19:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-01 10:20 - 2015-06-17 19:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-09-01 10:20 - 2015-05-29 22:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-09-01 10:20 - 2015-05-29 22:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-09-01 10:20 - 2015-05-29 22:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 __SHD C:\Recovery
2015-09-01 10:04 - 2015-09-01 10:04 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-09-01 10:00 - 2015-09-01 10:00 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2015-09-01 09:57 - 2015-07-10 12:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-09-01 09:50 - 2015-09-01 09:50 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-01 09:50 - 2015-09-01 09:50 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-09-01 09:50 - 2015-09-01 09:50 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-09-01 09:50 - 2015-09-01 09:50 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-09-01 09:50 - 2015-09-01 09:50 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-09-01 09:44 - 2015-09-01 09:44 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-09-01 09:41 - 2015-09-11 15:30 - 00000000 ____D C:\Users\Verena
2015-09-01 09:41 - 2015-09-02 19:51 - 00000000 ___RD C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-01 09:41 - 2015-09-01 09:42 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Vorlagen
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Startmenü
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Netzwerkumgebung
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Lokale Einstellungen
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Eigene Dateien
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Druckumgebung
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Documents\Eigene Musik
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Documents\Eigene Bilder
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\AppData\Local\Verlauf
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\AppData\Local\Anwendungsdaten
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Anwendungsdaten
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-01 09:39 - 2015-09-06 12:26 - 02085726 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-01 09:39 - 2015-09-01 09:40 - 00021209 _____ C:\WINDOWS\iis.log
2015-09-01 09:39 - 2015-09-01 09:39 - 01980268 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-09-01 09:37 - 2015-09-01 09:54 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-09-01 09:37 - 2015-09-01 09:52 - 00000000 ____D C:\WINDOWS\system32\NV
2015-09-01 09:37 - 2015-09-01 09:44 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-01 09:37 - 2015-09-01 09:37 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-09-01 09:37 - 2015-07-13 19:37 - 06873744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-09-01 09:37 - 2015-07-13 19:37 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-09-01 09:37 - 2015-07-13 19:37 - 02558792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-09-01 09:37 - 2015-07-13 19:37 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-09-01 09:37 - 2015-07-13 19:37 - 00937616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-09-01 09:37 - 2015-07-13 19:37 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-09-01 09:37 - 2015-07-13 19:37 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-09-01 09:37 - 2015-07-13 19:37 - 00062792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-09-01 09:37 - 2015-07-13 18:28 - 05096627 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-09-01 09:36 - 2015-09-01 15:29 - 00000000 ____D C:\Program Files\Elantech
2015-09-01 09:36 - 2015-09-01 09:44 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-09-01 09:36 - 2015-09-01 09:44 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-09-01 09:36 - 2015-09-01 09:36 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-09-01 09:36 - 2015-09-01 09:36 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-09-01 09:36 - 2015-09-01 09:36 - 00000000 ____D C:\Program Files\Realtek
2015-09-01 09:32 - 2015-09-01 09:33 - 00028116 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-09-01 09:31 - 2015-09-08 22:43 - 00035972 _____ C:\WINDOWS\PFRO.log
2015-09-01 09:04 - 2015-09-01 10:05 - 00006593 _____ C:\WINDOWS\comsetup.log
2015-09-01 09:01 - 2015-09-01 10:06 - 00014259 _____ C:\WINDOWS\diagerr.xml
2015-09-01 09:01 - 2015-09-01 10:06 - 00013338 _____ C:\WINDOWS\diagwrn.xml
2015-09-01 08:54 - 2015-09-02 21:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-25 15:04 - 2015-09-01 09:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy
2015-08-25 15:04 - 2015-08-25 15:04 - 00001078 _____ C:\Users\Public\Desktop\Exact Audio Copy.lnk
2015-08-25 15:04 - 2015-08-25 15:04 - 00000000 ____D C:\Users\Verena\AppData\Roaming\EAC
2015-08-25 15:04 - 2015-08-25 15:04 - 00000000 ____D C:\Program Files (x86)\Exact Audio Copy
2015-08-18 10:46 - 2015-09-01 09:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
2015-08-18 10:46 - 2015-08-18 10:46 - 00001461 _____ C:\Users\Public\Desktop\Norton Security Scan.LNK
2015-08-18 10:46 - 2015-08-18 10:46 - 00000000 ____D C:\WINDOWS\system32\Drivers\NSSx64
2015-08-18 10:46 - 2015-08-18 10:46 - 00000000 ____D C:\Program Files (x86)\Norton Security Scan
2015-08-16 21:02 - 2015-08-16 21:02 - 00012136 _____ C:\Users\Verena\Downloads\nr1.xwd
2015-08-16 21:00 - 2015-08-16 21:00 - 00037376 _____ C:\Users\Verena\Downloads\XWord Rätsel (2).svg
2015-08-16 20:56 - 2015-08-16 20:56 - 00037376 _____ C:\Users\Verena\Downloads\XWord Rätsel (1).svg
2015-08-16 20:52 - 2015-08-16 20:52 - 00037376 _____ C:\Users\Verena\Downloads\XWord.svg
2015-08-13 18:20 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-08-13 18:20 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.exe
2015-08-13 18:20 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmlmedia.dll
2015-08-13 18:20 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmlmedia.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-12 22:11 - 2015-06-19 09:45 - 00001228 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1577607291-3742472165-1464039351-1001UA.job
2015-09-12 22:01 - 2012-08-27 21:13 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-12 21:57 - 2013-11-05 17:20 - 00000000 ____D C:\Users\Verena\Documents\Outlook-Dateien
2015-09-12 21:56 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-12 21:48 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-12 20:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-11 15:41 - 2014-01-26 17:00 - 00003612 _____ C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1577607291-3742472165-1464039351-1001
2015-09-11 15:41 - 2014-01-26 17:00 - 00003552 _____ C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1577607291-3742472165-1464039351-1001
2015-09-11 15:40 - 2014-11-02 18:04 - 00000000 ___RD C:\Users\Verena\Dropbox
2015-09-11 15:40 - 2014-11-02 18:02 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Dropbox
2015-09-11 15:39 - 2012-04-15 12:24 - 00000603 _____ C:\WINDOWS\Brownie.ini
2015-09-11 15:37 - 2012-05-07 18:32 - 00001106 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-11 15:33 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-11 15:27 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-09-10 23:54 - 2012-04-15 12:54 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-10 23:52 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-10 23:43 - 2009-07-14 04:34 - 00000510 _____ C:\WINDOWS\win.ini
2015-09-10 23:14 - 2013-08-01 14:25 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-10 22:18 - 2015-07-10 14:20 - 00019310 _____ C:\WINDOWS\setupact.log
2015-09-09 20:59 - 2014-12-18 22:28 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-09 20:45 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\System
2015-09-09 08:38 - 2014-03-03 11:20 - 528220818 _____ C:\WINDOWS\MEMORY.DMP
2015-09-08 22:41 - 2011-10-14 05:32 - 00000000 ____D C:\Program Files (x86)\Acer
2015-09-08 21:21 - 2014-12-18 22:28 - 00001179 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-09-08 21:21 - 2014-12-18 22:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-09-08 21:21 - 2014-12-18 22:28 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-09-08 20:53 - 2014-12-17 22:02 - 00001345 _____ C:\Users\Verena\Desktop\Revo Uninstaller.lnk
2015-09-08 20:53 - 2014-12-17 22:02 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-09-06 12:26 - 2015-07-10 18:34 - 00888476 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-06 12:26 - 2015-07-10 18:34 - 00197074 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-02 20:44 - 2015-02-13 21:59 - 00001045 _____ C:\WINDOWS\wininit.ini
2015-09-02 19:58 - 2012-04-13 16:58 - 00000000 ____D C:\Users\Verena\AppData\Local\VirtualStore
2015-09-02 19:41 - 2011-10-14 05:15 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-02 19:40 - 2011-12-02 12:10 - 00001024 ___RH C:\Users\Public\Documents\NTIMMV9Acer.dll
2015-09-02 19:40 - 2011-10-14 05:50 - 00000000 ____D C:\Program Files (x86)\NTI
2015-09-02 19:36 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\restore
2015-09-02 18:03 - 2015-07-15 10:33 - 00000000 ____D C:\Users\Verena\Documents\Deutschkurs
2015-09-02 17:11 - 2015-06-19 09:45 - 00001176 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1577607291-3742472165-1464039351-1001Core.job
2015-09-02 11:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\appcompat
2015-09-01 15:34 - 2015-07-10 14:20 - 00424008 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-01 11:09 - 2011-10-14 05:55 - 00428216 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETD.sys
2015-09-01 11:06 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-09-01 11:06 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-09-01 11:06 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-09-01 11:05 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-09-01 10:30 - 2015-07-10 13:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-09-01 10:27 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-09-01 10:27 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-09-01 10:27 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-01 10:27 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-09-01 10:27 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-09-01 10:27 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-09-01 10:21 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-09-01 10:21 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-09-01 10:21 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-09-01 10:21 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-09-01 10:21 - 2015-07-10 13:01 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2015-09-01 10:21 - 2015-07-10 13:01 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2015-09-01 10:21 - 2015-07-10 13:01 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2015-09-01 10:21 - 2015-07-10 13:01 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2015-09-01 10:21 - 2015-07-10 13:01 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-09-01 10:21 - 2015-07-10 13:01 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2015-09-01 10:21 - 2015-07-10 13:00 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2015-09-01 10:21 - 2015-07-10 13:00 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-09-01 10:21 - 2015-07-10 13:00 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2015-09-01 10:21 - 2015-07-10 13:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-09-01 10:21 - 2015-07-10 13:00 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-09-01 10:21 - 2015-07-10 13:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-09-01 10:21 - 2015-07-10 13:00 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-09-01 10:21 - 2015-07-10 13:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-09-01 10:20 - 2015-07-10 13:01 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2015-09-01 10:20 - 2015-07-10 13:01 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2015-09-01 10:20 - 2015-07-10 13:00 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2015-09-01 10:20 - 2015-07-10 13:00 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2015-09-01 10:20 - 2015-07-10 13:00 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2015-09-01 10:20 - 2015-07-10 13:00 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2015-09-01 10:20 - 2015-07-10 13:00 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2015-09-01 10:20 - 2015-07-10 13:00 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2015-09-01 10:20 - 2015-07-10 13:00 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2015-09-01 10:20 - 2015-07-10 13:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2015-09-01 10:20 - 2015-07-10 13:00 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2015-09-01 10:20 - 2015-07-10 13:00 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2015-09-01 10:20 - 2015-07-10 13:00 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2015-09-01 10:20 - 2015-07-10 13:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2015-09-01 10:20 - 2015-07-10 13:00 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2015-09-01 10:17 - 2012-12-24 09:56 - 00000454 ____H C:\WINDOWS\Tasks\Norton Security Scan for Verena.job
2015-09-01 10:10 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-09-01 10:07 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows NT
2015-09-01 10:07 - 2015-07-10 11:05 - 00000000 __RHD C:\Users\Default
2015-09-01 10:05 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Registration
2015-09-01 10:05 - 2015-06-19 09:45 - 00004310 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1577607291-3742472165-1464039351-1001UA
2015-09-01 10:05 - 2015-06-19 09:45 - 00003914 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1577607291-3742472165-1464039351-1001Core
2015-09-01 10:05 - 2015-01-07 09:37 - 00003996 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-09-01 10:05 - 2014-05-09 09:58 - 00003528 _____ C:\WINDOWS\System32\Tasks\{65C1EE69-71E9-4DD4-927C-D14FC54A6C7D}
2015-09-01 10:05 - 2014-01-18 18:32 - 00003538 _____ C:\WINDOWS\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1577607291-3742472165-1464039351-1001
2015-09-01 10:05 - 2013-10-13 16:18 - 00003278 _____ C:\WINDOWS\System32\Tasks\{CADFF3D7-DB59-4FA7-804F-68027FE700EA}
2015-09-01 10:05 - 2012-12-24 09:56 - 00003726 _____ C:\WINDOWS\System32\Tasks\Norton Security Scan for Verena
2015-09-01 10:05 - 2012-12-16 15:04 - 00003496 _____ C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1577607291-3742472165-1464039351-1001
2015-09-01 10:05 - 2012-12-16 15:04 - 00003364 _____ C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1577607291-3742472165-1464039351-1001
2015-09-01 10:05 - 2012-08-27 21:13 - 00003932 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-09-01 10:05 - 2012-07-23 09:07 - 00003650 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2015-09-01 10:05 - 2012-05-07 18:33 - 00003496 _____ C:\WINDOWS\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1577607291-3742472165-1464039351-1001
2015-09-01 10:05 - 2012-05-07 18:33 - 00003364 _____ C:\WINDOWS\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1577607291-3742472165-1464039351-1001
2015-09-01 10:05 - 2012-05-07 18:32 - 00004216 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-01 10:05 - 2012-05-07 18:32 - 00003964 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-01 10:04 - 2015-07-10 13:04 - 00000000 __RSD C:\WINDOWS\Media
2015-09-01 10:04 - 2015-07-10 13:04 - 00000000 __RHD C:\Users\Public\Libraries
2015-09-01 10:00 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\spool
2015-09-01 09:52 - 2015-07-10 18:46 - 00000000 ____D C:\WINDOWS\ShellNew
2015-09-01 09:52 - 2015-07-10 13:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-01 09:52 - 2015-05-15 12:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind
2015-09-01 09:52 - 2015-04-27 22:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 5
2015-09-01 09:52 - 2015-04-26 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette
2015-09-01 09:52 - 2015-04-26 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audioverwandte Programme
2015-09-01 09:52 - 2014-11-30 16:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseScore
2015-09-01 09:52 - 2014-11-30 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriMusFree
2015-09-01 09:52 - 2014-11-30 14:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\capella-software
2015-09-01 09:52 - 2014-04-06 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2015-09-01 09:52 - 2014-01-23 21:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2015-09-01 09:52 - 2013-12-13 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2015-09-01 09:52 - 2013-03-20 14:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-09-01 09:52 - 2012-12-16 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2015-09-01 09:52 - 2012-10-13 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Box
2015-09-01 09:52 - 2012-09-06 09:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALDI Bestellsoftware
2015-09-01 09:52 - 2012-07-24 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-01 09:52 - 2012-07-05 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2015-09-01 09:52 - 2012-05-07 18:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-09-01 09:52 - 2012-04-15 12:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-09-01 09:52 - 2012-04-15 12:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-09-01 09:52 - 2012-04-13 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Family Protection
2015-09-01 09:52 - 2011-12-02 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec
2015-09-01 09:52 - 2011-12-02 12:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2015-09-01 09:52 - 2011-12-02 11:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
2015-09-01 09:52 - 2011-10-14 05:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Backup Manager
2015-09-01 09:52 - 2011-10-14 05:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-09-01 09:52 - 2011-10-14 05:42 - 00000000 ____D C:\WINDOWS\tr
2015-09-01 09:52 - 2011-10-14 05:42 - 00000000 ____D C:\WINDOWS\th
2015-09-01 09:52 - 2011-10-14 05:42 - 00000000 ____D C:\WINDOWS\sv
2015-09-01 09:52 - 2011-10-14 05:42 - 00000000 ____D C:\WINDOWS\sl
2015-09-01 09:52 - 2011-10-14 05:42 - 00000000 ____D C:\WINDOWS\sk
2015-09-01 09:52 - 2011-10-14 05:42 - 00000000 ____D C:\WINDOWS\ca
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\ru
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\ro
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\pl
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\no
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\nl
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\it
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\hu
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\hr
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\he
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\fr
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\fi
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\es
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\en
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\el
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\de
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\da
2015-09-01 09:52 - 2011-10-14 05:40 - 00000000 ____D C:\WINDOWS\cs
2015-09-01 09:52 - 2011-10-14 05:40 - 00000000 ____D C:\WINDOWS\bg
2015-09-01 09:52 - 2011-10-14 05:40 - 00000000 ____D C:\WINDOWS\ar
2015-09-01 09:52 - 2011-10-14 05:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-09-01 09:52 - 2011-10-14 05:16 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-09-01 09:52 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-09-01 09:51 - 2015-07-10 11:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-01 09:51 - 2014-01-10 23:44 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2015-09-01 09:51 - 2013-05-30 22:44 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ahnenblatt
2015-09-01 09:51 - 2013-01-15 21:46 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2015-09-01 09:51 - 2012-10-22 13:09 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-09-01 09:50 - 2015-07-10 13:05 - 00004362 _____ C:\WINDOWS\DtcInstall.log
2015-09-01 09:50 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-01 09:50 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-01 09:50 - 2009-07-14 05:20 - 00000000 ____D C:\Users\Default.migrated
2015-09-01 09:47 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK
2015-09-01 09:47 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR
2015-09-01 09:46 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\IME
2015-09-01 09:46 - 2012-11-27 20:23 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe
2015-09-01 09:45 - 2015-07-10 15:19 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-09-01 09:45 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\schemas
2015-09-01 09:45 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-09-01 09:45 - 2010-11-21 09:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-09-01 09:44 - 2015-07-10 13:04 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-09-01 09:44 - 2015-07-10 13:04 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-09-01 09:44 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-09-01 09:44 - 2014-12-17 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-01 09:44 - 2014-10-11 23:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyMP4
2015-09-01 09:44 - 2014-08-25 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2015-09-01 09:44 - 2013-01-24 20:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2015-09-01 09:44 - 2012-11-18 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 3
2015-09-01 09:44 - 2012-10-22 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infogrames
2015-09-01 09:44 - 2012-04-15 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. Anwendungen
2015-09-01 09:44 - 2012-04-15 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2015-09-01 09:44 - 2012-04-15 12:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2015-09-01 09:44 - 2011-10-14 05:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2015-09-01 09:44 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Microsoft Games
2015-09-01 09:44 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-09-01 09:43 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-09-01 09:42 - 2014-04-06 19:23 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2015-09-01 09:39 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-09-01 09:37 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Help
2015-09-01 09:11 - 2011-12-02 11:47 - 01185518 _____ C:\WINDOWS\WindowsUpdate (1).log
2015-09-01 09:11 - 2009-07-14 06:45 - 00024400 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-01 09:11 - 2009-07-14 06:45 - 00024400 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-01 09:01 - 2015-07-10 19:28 - 00000000 ___HD C:\$Windows.~BT
2015-08-28 09:23 - 2012-04-15 12:24 - 00000432 _____ C:\WINDOWS\BRWMARK.INI
2015-08-27 16:08 - 2012-05-07 18:32 - 00001110 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-26 18:37 - 2012-08-03 09:45 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-24 10:51 - 2015-04-27 22:57 - 00000000 ____D C:\Users\Verena\Documents\Citavi 5
2015-08-18 10:46 - 2012-12-24 09:56 - 00000000 ____D C:\ProgramData\Norton
2015-08-16 11:32 - 2009-07-14 07:09 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2015-08-16 11:27 - 2013-03-20 14:07 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-16 11:27 - 2013-03-20 14:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Verena\AppData\Roaming\b6TtfCU4fgZ9RE6NnSqEJ1
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Verena\AppData\Roaming\HztSu0wh4JrtyLfcXxrV
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Verena\AppData\Roaming\hZXISqFX
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Verena\AppData\Roaming\IyEFViIqK8st2WX35
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Verena\AppData\Roaming\lI6qhaY
2012-04-15 12:36 - 2012-04-15 12:36 - 0011837 _____ () C:\Users\Verena\AppData\Roaming\SmarThruOptions.xml
2014-01-20 12:34 - 2014-01-24 02:32 - 0000178 _____ () C:\Users\Verena\AppData\Roaming\WB.CFG
2014-01-20 12:34 - 2014-01-24 02:32 - 0000005 _____ () C:\Users\Verena\AppData\Roaming\WBPU-TTL.DAT
2013-07-05 17:40 - 2013-07-05 17:40 - 0008704 _____ () C:\Users\Verena\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-25 14:49 - 2015-04-19 10:48 - 0004096 ____H () C:\Users\Verena\AppData\Local\keyfile3.drm
2014-05-30 17:57 - 2014-05-30 17:57 - 0000000 _____ () C:\Users\Verena\AppData\Local\{54D355D5-865D-4B3D-83C0-DE7941F04EAD}
2015-03-10 15:59 - 2015-03-10 15:59 - 0000000 _____ () C:\Users\Verena\AppData\Local\{6237EEC7-5F06-48E9-A7FC-52B62BAF932A}
2015-03-26 12:24 - 2015-03-26 12:24 - 0000000 _____ () C:\Users\Verena\AppData\Local\{6C2D1742-245D-4886-BE82-50CCBD5F2F7C}
2011-12-02 12:14 - 2011-12-02 12:16 - 0015230 _____ () C:\ProgramData\ArcadeDeluxe5.log
2015-09-01 09:36 - 2015-09-01 09:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-12-27 21:46 - 2013-12-27 21:46 - 0000032 _____ () C:\ProgramData\PS.log
2013-09-26 23:11 - 2013-09-26 23:11 - 3855413 _____ () C:\ProgramData\SamPCFax00001FF80002
2013-09-26 23:11 - 2013-09-26 23:11 - 0000004 _____ () C:\ProgramData\SamPCFax00001FF80003
2013-09-26 23:11 - 2013-09-26 23:11 - 0000064 _____ () C:\ProgramData\SamPCFax000021C40001
2013-10-11 12:27 - 2013-10-11 12:27 - 0000032 _____ () C:\ProgramData\Temp.log
Einige Dateien in TEMP:
====================
C:\Users\Verena\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpe_q9wm.dll
C:\Users\Verena\AppData\Local\Temp\FBS566.exe
C:\Users\Verena\AppData\Local\Temp\FBSA93E.exe
C:\Users\Verena\AppData\Local\Temp\sqlite3.dll
C:\Users\Verena\AppData\Local\Temp\Uninstall.exe
C:\Users\Verena\AppData\Local\Temp\UninstallModule.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-09-01 09:31
==================== Ende von FRST.txt ============================
|
|
12.09.2015, 21:15
| #12 |
| | Reimage Repair Und FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:12-09-2015
durchgeführt von Verena (Administrator) auf VERENA-PC (12-09-2015 22:02:29)
Gestartet von C:\Users\Verena\Downloads
Geladene Profile: UpdatusUser & Verena (Verfügbare Profile: UpdatusUser & Verena)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Users\Verena\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Dropbox, Inc.) C:\Users\Verena\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
() C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.827.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Users\Verena\Downloads\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Farbar) C:\Users\Verena\Downloads\FRST64 (3).exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3233976 2015-09-01] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [BrStsWnd] => C:\Program Files (x86)\Brownie\BrstsW64.exe [3695984 2011-03-25] (brother)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [688128 2011-07-06] ()
HKLM-x32\...\Run: [CLX3180_Scan2Pc] => C:\Windows\Twain_32\Samsung\CLX3180\Scan2pc.exe [1990144 2011-04-29] ()
HKLM-x32\...\Run: [3180 Scan2PC] => C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe [1990144 2011-04-29] ()
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2014-03-12] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\update\realsched.exe [295072 2012-12-16] (RealNetworks, Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1577607291-3742472165-1464039351-1000\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1577607291-3742472165-1464039351-1000\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\...\Run: [Dropbox Update] => C:\Users\Verena\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\...\Run: [OneDrive] => C:\Users\Verena\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-09-02] (Microsoft Corporation)
AppInit_DLLs: c:\Windows\System32\nvinitx.dll => c:\Windows\System32\nvinitx.dll [177088 2015-07-13] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177088 2015-07-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-07-13] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Verena\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
Startup: C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-11-02]
ShortcutTarget: Dropbox.lnk -> C:\Users\Verena\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2012-04-15]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{3b7f2f84-982a-49ea-9368-45fb5bc144d9}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{b0d6ddbf-db99-4fd2-9675-c35ced802d52}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130856855472853968&GUID=72A09B6E-8225-4B37-94F8-E33EAFCC85C1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130862133690298002&GUID=72A09B6E-8225-4B37-94F8-E33EAFCC85C1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1577607291-3742472165-1464039351-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001 -> {2A44F415-BC14-4AC0-AF6C-0D89E7908512} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001 -> {4B0B64FD-EC90-484B-A3F3-3997730B5B73} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1577607291-3742472165-1464039351-1001 -> {BB1C9FE6-A25C-4D5D-9631-59F983A1351B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\WINDOWS\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
BHO: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files\MGTEK\Adblock IE\adblockie.dll [2013-05-08] (MGTEK)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2012-11-29] (RealDownloader)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\WINDOWS\SysWOW64\mscoree.dll [2015-07-10] (Microsoft Corporation)
BHO-x32: Adblock IE -> {667BEE43-20BD-4CE3-94AC-E63E04D4B191} -> C:\Program Files (x86)\MGTEK\Adblock IE\adblockie.dll [2013-05-08] (MGTEK)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
DPF: HKLM {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011
FF DefaultSearchEngine: Search Module
FF SelectedSearchEngine: Yahoo DE
FF Homepage: hxxps://www.malwarebytes.org/restorebrowser//?type=hp&ts=1441213265&z=ca518fbf7d0208bbd6016degfz1z6g1o2g5c1g8cbw&from=cmi&uid=WDCXWD6400BPVT-22HXZT3_WD-WX91A91P5075P5075
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-13] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-07-05] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2012-12-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2012-12-16] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2012-11-29] (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll [2012-12-19] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Extension: Amazon-Icon - C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\Extensions\amazon-icon@giga.de [2014-11-01]
FF Extension: Foxi Security - C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\Extensions\foxi@securitii-dhfjs.com [2014-11-01]
FF Extension: Simple New Tab - C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\Extensions\snt@dotlabs.co [2013-11-28]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2012-12-16]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2015-04-27]
FF Extension: Kein Name - C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com [nicht gefunden]
FF Extension: Kein Name - C:\Users\Verena\AppData\Roaming\Mozilla\Firefox\Profiles\fpx32vvt.default-1374689957011\extensions\TTSD90021300@PYDKGV101145942.com [nicht gefunden]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2015-09-01] <==== ACHTUNG
Chrome:
=======
CHR dev: Chrome dev build erkannt! <======= ACHTUNG
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.malwarebytes.org/restorebrowser/"
CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?site=shdefault&prd=smw&pid=s&shr=d&q={searchTerms}&s=Unknown
CHR DefaultSearchKeyword: Default -> www-searching.com
CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
CHR Profile: C:\Users\Verena\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\Verena\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-08]
CHR Extension: (RealDownloader) - C:\Users\Verena\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-05-02]
CHR HKU\S-1-5-21-1577607291-3742472165-1464039351-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jlcgehabolcakkjhgmgpkagpolbjlhfa] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [135352 2015-09-01] (ELAN Microelectronics Corp.)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-02-04] (Freemake) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-09-01] (Microsoft Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [229888 2011-04-28] (Samsung Electronics Co., Ltd.) [Datei ist nicht signiert]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-09-01] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-09-01] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7593176 2015-07-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-08-18] (Symantec Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-09-01] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [52592 2014-03-12] (Cisco Systems, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; kein ImagePath
S1 occjncgy; \??\C:\WINDOWS\system32\drivers\occjncgy.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-12 22:08 - 2015-09-12 22:08 - 00016148 _____ C:\WINDOWS\system32\VERENA-PC_Verena_HistoryPrediction.bin
2015-09-12 22:01 - 2015-09-12 22:01 - 02190848 _____ (Farbar) C:\Users\Verena\Downloads\FRST64 (3).exe
2015-09-12 22:00 - 2015-09-12 22:00 - 02190848 _____ (Farbar) C:\Users\Verena\Downloads\FRST64 (2).exe
2015-09-12 21:56 - 2015-09-12 21:56 - 00852704 _____ C:\Users\Verena\Downloads\SecurityCheck.exe
2015-09-12 21:14 - 2015-09-12 21:16 - 02870984 _____ (ESET) C:\Users\Verena\Downloads\esetsmartinstaller_deu (1).exe
2015-09-11 19:18 - 2015-09-11 19:18 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-09-11 18:44 - 2015-09-12 20:50 - 00003622 _____ C:\WINDOWS\System32\Tasks\ReclaimerUpdateXML_Verena
2015-09-11 18:44 - 2015-09-11 18:44 - 00003764 _____ C:\WINDOWS\System32\Tasks\RNUpgradeHelperResumePrompt_Verena
2015-09-11 18:44 - 2015-09-11 18:44 - 00003632 _____ C:\WINDOWS\System32\Tasks\ReclaimerUpdateFiles_Verena
2015-09-11 18:44 - 2015-09-11 18:44 - 00003352 _____ C:\WINDOWS\System32\Tasks\RNUpgradeHelperLogonPrompt_Verena
2015-09-10 23:18 - 2015-09-10 23:18 - 00000000 ____D C:\Program Files (x86)\ESET
2015-09-10 23:17 - 2015-09-10 23:17 - 02870984 _____ (ESET) C:\Users\Verena\Downloads\esetsmartinstaller_deu.exe
2015-09-09 21:23 - 2015-09-09 21:23 - 02190336 _____ (Farbar) C:\Users\Verena\Downloads\FRST64 (1).exe
2015-09-09 21:08 - 2015-09-09 21:08 - 00001962 _____ C:\Users\Verena\Desktop\JRT.txt
2015-09-09 20:56 - 2015-09-09 20:11 - 01800104 _____ (Malwarebytes Corporation) C:\Users\Verena\Desktop\JRT.exe
2015-09-09 20:55 - 2015-09-09 20:56 - 01799392 _____ (Malwarebytes Corporation) C:\Users\Verena\Downloads\JRT_7600.exe
2015-09-09 20:38 - 2015-09-09 20:45 - 00000000 ____D C:\AdwCleaner
2015-09-09 20:37 - 2015-09-09 20:37 - 01660416 _____ C:\Users\Verena\Downloads\AdwCleaner_5.007.exe
2015-09-09 20:35 - 2015-09-09 20:35 - 00000902 _____ C:\mbam.txt
2015-09-09 08:38 - 2015-09-09 08:39 - 00310848 _____ C:\WINDOWS\Minidump\090915-45578-01.dmp
2015-09-08 22:51 - 2015-09-09 08:38 - 00000000 ____D C:\WINDOWS\Minidump
2015-09-08 22:51 - 2015-09-08 22:51 - 00310704 _____ C:\WINDOWS\Minidump\090815-61921-01.dmp
2015-09-08 21:27 - 2015-09-08 22:41 - 00000000 ____D C:\Program Files (x86)\c342c41b-1227-4b5c-a118-c3fb81b76308
2015-09-08 21:19 - 2015-09-08 21:20 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Verena\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-08 20:52 - 2015-09-08 20:52 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Verena\Downloads\revosetup95 (1).exe
2015-09-06 12:24 - 2015-09-06 12:24 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-09-06 11:57 - 2015-09-06 12:05 - 00081202 _____ C:\Users\Verena\Downloads\Addition.txt
2015-09-06 11:40 - 2015-09-12 22:02 - 00025719 _____ C:\Users\Verena\Downloads\FRST.txt
2015-09-06 11:39 - 2015-09-12 22:04 - 00000000 ____D C:\FRST
2015-09-06 11:39 - 2015-09-06 11:39 - 02188800 _____ (Farbar) C:\Users\Verena\Downloads\FRST64.exe
2015-09-05 15:04 - 2015-09-05 15:04 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-03 08:47 - 2015-09-12 21:00 - 00001010 _____ C:\WINDOWS\Tasks\lI6qhaY.job
2015-09-03 08:47 - 2015-09-03 08:47 - 00004132 _____ C:\WINDOWS\System32\Tasks\lI6qhaY
2015-09-02 19:55 - 2015-09-11 15:37 - 00001040 _____ C:\WINDOWS\Tasks\b6TtfCU4fgZ9RE6NnSqEJ1.job
2015-09-02 19:55 - 2015-09-11 15:37 - 00001030 _____ C:\WINDOWS\Tasks\IyEFViIqK8st2WX35.job
2015-09-02 19:55 - 2015-09-02 19:55 - 00004190 _____ C:\WINDOWS\System32\Tasks\b6TtfCU4fgZ9RE6NnSqEJ1
2015-09-02 19:55 - 2015-09-02 19:55 - 00004172 _____ C:\WINDOWS\System32\Tasks\IyEFViIqK8st2WX35
2015-09-02 19:41 - 2015-09-02 19:43 - 00000000 ____D C:\Users\Verena\AppData\Local\Comms
2015-09-02 19:29 - 2015-09-08 22:41 - 00000000 ____D C:\ProgramData\Jissifsefaieg
2015-09-02 19:29 - 2015-09-08 20:44 - 00003526 _____ C:\WINDOWS\System32\Tasks\Jissifsefaieg
2015-09-02 19:25 - 2015-09-02 21:58 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Opera Software
2015-09-02 19:25 - 2015-09-02 21:58 - 00000000 ____D C:\Users\Verena\AppData\Local\Opera Software
2015-09-02 19:23 - 2015-09-08 22:41 - 00000000 ____D C:\ProgramData\ewWhKiM
2015-09-02 19:23 - 2015-09-02 21:58 - 00000000 ____D C:\Program Files (x86)\Opera
2015-09-02 18:56 - 2015-09-08 22:41 - 00000000 ____D C:\Program Files (x86)\b6380599-0a17-4fd7-a1e1-22ec41b6723e
2015-09-02 18:46 - 2015-09-11 18:46 - 00001036 _____ C:\WINDOWS\Tasks\HztSu0wh4JrtyLfcXxrV.job
2015-09-02 18:46 - 2015-09-11 18:46 - 00001012 _____ C:\WINDOWS\Tasks\hZXISqFX.job
2015-09-02 18:46 - 2015-09-02 18:46 - 00004182 _____ C:\WINDOWS\System32\Tasks\HztSu0wh4JrtyLfcXxrV
2015-09-02 18:46 - 2015-09-02 18:46 - 00004136 _____ C:\WINDOWS\System32\Tasks\hZXISqFX
2015-09-02 18:45 - 2015-09-08 22:41 - 00000000 ____D C:\Program Files (x86)\66a92713-39e9-42fe-a45a-0a3d741309a9
2015-09-02 18:45 - 2015-09-08 22:25 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-09-02 18:35 - 2015-09-12 22:07 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{46D6A097-0CD4-4543-91CE-773F04323F0F}
2015-09-02 18:30 - 2015-09-02 18:30 - 00000000 ____D C:\Users\Verena\AppData\Roaming\dlg
2015-09-02 18:30 - 2014-12-17 23:02 - 00000027 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-09-02 11:23 - 2015-08-19 06:50 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-09-01 13:38 - 2015-09-01 13:38 - 00000000 ____D C:\Users\Verena\AppData\Local\NetworkTiles
2015-09-01 11:15 - 2015-09-01 11:15 - 00000000 ____D C:\Users\Verena\AppData\Local\MicrosoftEdge
2015-09-01 11:11 - 2015-09-02 11:11 - 00002404 _____ C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-01 11:11 - 2015-09-02 11:11 - 00000000 ___RD C:\Users\Verena\OneDrive
2015-09-01 11:09 - 2015-09-01 11:09 - 00047288 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCoInstaller01000.dll
2015-09-01 11:09 - 2015-09-01 11:09 - 00001337 _____ C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Realtek HD Audio-Manager.lnk
2015-09-01 11:09 - 2015-09-01 11:09 - 00001055 _____ C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2015-09-01 11:09 - 2015-09-01 11:09 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-09-01 11:09 - 2015-07-09 20:25 - 16736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0001.dll
2015-09-01 11:07 - 2015-09-01 11:07 - 00000000 ____D C:\Users\Verena\AppData\Local\Publishers
2015-09-01 11:05 - 2015-09-10 23:52 - 00000000 ____D C:\Users\Verena\AppData\Local\Packages
2015-09-01 11:05 - 2015-09-01 11:05 - 00000020 ___SH C:\Users\Verena\ntuser.ini
2015-09-01 11:05 - 2015-09-01 11:05 - 00000000 ____D C:\Users\Verena\AppData\Local\TileDataLayer
2015-09-01 10:30 - 2015-09-01 11:04 - 00000000 ___DC C:\WINDOWS\Panther
2015-09-01 10:27 - 2015-09-01 10:27 - 00000000 ____D C:\Windows.old
2015-09-01 10:26 - 2015-09-01 10:26 - 24591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 22320576 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 21873152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 20854232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 19333632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 18810368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 16710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 13024256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 12502016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 11552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 11260928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 09885184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 03589632 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02878000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02661376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02415616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02224128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02150696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02147592 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 02116960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01983328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01914880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01867672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01793024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01769568 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01680896 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01601024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01561360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01396576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-09-01 10:26 - 2015-09-01 10:26 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 01161728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01085776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-09-01 10:26 - 2015-09-01 10:26 - 00991584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-09-01 10:26 - 2015-09-01 10:26 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00916800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00858624 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00643616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00606392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00539216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-09-01 10:26 - 2015-09-01 10:26 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00412672 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00403968 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00242264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2015-09-01 10:26 - 2015-09-01 10:26 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll
2015-09-01 10:26 - 2015-09-01 10:26 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-09-01 10:26 - 2015-09-01 10:26 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2015-09-01 10:24 - 2015-09-01 10:24 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\WINDOWS\system32\msmq
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\Program Files\MSBuild
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-09-01 10:21 - 2015-09-01 10:21 - 00000000 ____D C:\inetpub
2015-09-01 10:21 - 2015-09-01 09:51 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-09-01 10:20 - 2015-06-17 19:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-09-01 10:20 - 2015-06-17 19:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-01 10:20 - 2015-06-17 19:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-09-01 10:20 - 2015-05-29 22:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-09-01 10:20 - 2015-05-29 22:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-09-01 10:20 - 2015-05-29 22:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-09-01 10:07 - 2015-09-01 10:07 - 00000000 __SHD C:\Recovery
2015-09-01 10:04 - 2015-09-01 10:04 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-09-01 10:00 - 2015-09-01 10:00 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2015-09-01 09:57 - 2015-07-10 12:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-09-01 09:50 - 2015-09-01 09:50 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-01 09:50 - 2015-09-01 09:50 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-09-01 09:50 - 2015-09-01 09:50 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-09-01 09:50 - 2015-09-01 09:50 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-09-01 09:50 - 2015-09-01 09:50 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-09-01 09:44 - 2015-09-01 09:44 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-09-01 09:41 - 2015-09-11 15:30 - 00000000 ____D C:\Users\Verena
2015-09-01 09:41 - 2015-09-02 19:51 - 00000000 ___RD C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-01 09:41 - 2015-09-01 09:42 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Vorlagen
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Startmenü
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Netzwerkumgebung
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Lokale Einstellungen
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Eigene Dateien
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Druckumgebung
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Documents\Eigene Musik
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Documents\Eigene Bilder
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\AppData\Local\Verlauf
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\AppData\Local\Anwendungsdaten
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\Verena\Anwendungsdaten
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2015-09-01 09:41 - 2015-09-01 09:41 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-01 09:41 - 2015-07-10 13:04 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-01 09:39 - 2015-09-06 12:26 - 02085726 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-01 09:39 - 2015-09-01 09:40 - 00021209 _____ C:\WINDOWS\iis.log
2015-09-01 09:39 - 2015-09-01 09:39 - 01980268 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-09-01 09:37 - 2015-09-01 09:54 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-09-01 09:37 - 2015-09-01 09:52 - 00000000 ____D C:\WINDOWS\system32\NV
2015-09-01 09:37 - 2015-09-01 09:44 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-01 09:37 - 2015-09-01 09:37 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-09-01 09:37 - 2015-07-13 19:37 - 06873744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-09-01 09:37 - 2015-07-13 19:37 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-09-01 09:37 - 2015-07-13 19:37 - 02558792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-09-01 09:37 - 2015-07-13 19:37 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-09-01 09:37 - 2015-07-13 19:37 - 00937616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-09-01 09:37 - 2015-07-13 19:37 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-09-01 09:37 - 2015-07-13 19:37 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-09-01 09:37 - 2015-07-13 19:37 - 00062792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-09-01 09:37 - 2015-07-13 18:28 - 05096627 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-09-01 09:36 - 2015-09-01 15:29 - 00000000 ____D C:\Program Files\Elantech
2015-09-01 09:36 - 2015-09-01 09:44 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-09-01 09:36 - 2015-09-01 09:44 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-09-01 09:36 - 2015-09-01 09:36 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-09-01 09:36 - 2015-09-01 09:36 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-09-01 09:36 - 2015-09-01 09:36 - 00000000 ____D C:\Program Files\Realtek
2015-09-01 09:32 - 2015-09-01 09:33 - 00028116 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-09-01 09:31 - 2015-09-08 22:43 - 00035972 _____ C:\WINDOWS\PFRO.log
2015-09-01 09:04 - 2015-09-01 10:05 - 00006593 _____ C:\WINDOWS\comsetup.log
2015-09-01 09:01 - 2015-09-01 10:06 - 00014259 _____ C:\WINDOWS\diagerr.xml
2015-09-01 09:01 - 2015-09-01 10:06 - 00013338 _____ C:\WINDOWS\diagwrn.xml
2015-09-01 08:54 - 2015-09-02 21:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-25 15:04 - 2015-09-01 09:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy
2015-08-25 15:04 - 2015-08-25 15:04 - 00001078 _____ C:\Users\Public\Desktop\Exact Audio Copy.lnk
2015-08-25 15:04 - 2015-08-25 15:04 - 00000000 ____D C:\Users\Verena\AppData\Roaming\EAC
2015-08-25 15:04 - 2015-08-25 15:04 - 00000000 ____D C:\Program Files (x86)\Exact Audio Copy
2015-08-18 10:46 - 2015-09-01 09:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
2015-08-18 10:46 - 2015-08-18 10:46 - 00001461 _____ C:\Users\Public\Desktop\Norton Security Scan.LNK
2015-08-18 10:46 - 2015-08-18 10:46 - 00000000 ____D C:\WINDOWS\system32\Drivers\NSSx64
2015-08-18 10:46 - 2015-08-18 10:46 - 00000000 ____D C:\Program Files (x86)\Norton Security Scan
2015-08-16 21:02 - 2015-08-16 21:02 - 00012136 _____ C:\Users\Verena\Downloads\nr1.xwd
2015-08-16 21:00 - 2015-08-16 21:00 - 00037376 _____ C:\Users\Verena\Downloads\XWord Rätsel (2).svg
2015-08-16 20:56 - 2015-08-16 20:56 - 00037376 _____ C:\Users\Verena\Downloads\XWord Rätsel (1).svg
2015-08-16 20:52 - 2015-08-16 20:52 - 00037376 _____ C:\Users\Verena\Downloads\XWord.svg
2015-08-13 18:20 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-08-13 18:20 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.exe
2015-08-13 18:20 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmlmedia.dll
2015-08-13 18:20 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmlmedia.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-12 22:11 - 2015-06-19 09:45 - 00001228 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1577607291-3742472165-1464039351-1001UA.job
2015-09-12 22:01 - 2012-08-27 21:13 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-12 21:57 - 2013-11-05 17:20 - 00000000 ____D C:\Users\Verena\Documents\Outlook-Dateien
2015-09-12 21:56 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-12 21:48 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-12 20:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-11 15:41 - 2014-01-26 17:00 - 00003612 _____ C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1577607291-3742472165-1464039351-1001
2015-09-11 15:41 - 2014-01-26 17:00 - 00003552 _____ C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1577607291-3742472165-1464039351-1001
2015-09-11 15:40 - 2014-11-02 18:04 - 00000000 ___RD C:\Users\Verena\Dropbox
2015-09-11 15:40 - 2014-11-02 18:02 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Dropbox
2015-09-11 15:39 - 2012-04-15 12:24 - 00000603 _____ C:\WINDOWS\Brownie.ini
2015-09-11 15:37 - 2012-05-07 18:32 - 00001106 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-11 15:33 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-11 15:27 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-09-10 23:54 - 2012-04-15 12:54 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-10 23:52 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-10 23:43 - 2009-07-14 04:34 - 00000510 _____ C:\WINDOWS\win.ini
2015-09-10 23:14 - 2013-08-01 14:25 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-10 22:18 - 2015-07-10 14:20 - 00019310 _____ C:\WINDOWS\setupact.log
2015-09-09 20:59 - 2014-12-18 22:28 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-09 20:45 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\System
2015-09-09 08:38 - 2014-03-03 11:20 - 528220818 _____ C:\WINDOWS\MEMORY.DMP
2015-09-08 22:41 - 2011-10-14 05:32 - 00000000 ____D C:\Program Files (x86)\Acer
2015-09-08 21:21 - 2014-12-18 22:28 - 00001179 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-09-08 21:21 - 2014-12-18 22:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-09-08 21:21 - 2014-12-18 22:28 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-09-08 20:53 - 2014-12-17 22:02 - 00001345 _____ C:\Users\Verena\Desktop\Revo Uninstaller.lnk
2015-09-08 20:53 - 2014-12-17 22:02 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-09-06 12:26 - 2015-07-10 18:34 - 00888476 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-06 12:26 - 2015-07-10 18:34 - 00197074 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-02 20:44 - 2015-02-13 21:59 - 00001045 _____ C:\WINDOWS\wininit.ini
2015-09-02 19:58 - 2012-04-13 16:58 - 00000000 ____D C:\Users\Verena\AppData\Local\VirtualStore
2015-09-02 19:41 - 2011-10-14 05:15 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-02 19:40 - 2011-12-02 12:10 - 00001024 ___RH C:\Users\Public\Documents\NTIMMV9Acer.dll
2015-09-02 19:40 - 2011-10-14 05:50 - 00000000 ____D C:\Program Files (x86)\NTI
2015-09-02 19:36 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\restore
2015-09-02 18:03 - 2015-07-15 10:33 - 00000000 ____D C:\Users\Verena\Documents\Deutschkurs
2015-09-02 17:11 - 2015-06-19 09:45 - 00001176 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1577607291-3742472165-1464039351-1001Core.job
2015-09-02 11:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\appcompat
2015-09-01 15:34 - 2015-07-10 14:20 - 00424008 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-01 11:09 - 2011-10-14 05:55 - 00428216 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETD.sys
2015-09-01 11:06 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-09-01 11:06 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-09-01 11:06 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-09-01 11:05 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-09-01 10:30 - 2015-07-10 13:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-09-01 10:27 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-09-01 10:27 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-09-01 10:27 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-01 10:27 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-09-01 10:27 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-09-01 10:27 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-09-01 10:21 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-09-01 10:21 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-09-01 10:21 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-09-01 10:21 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-09-01 10:21 - 2015-07-10 13:01 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2015-09-01 10:21 - 2015-07-10 13:01 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2015-09-01 10:21 - 2015-07-10 13:01 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2015-09-01 10:21 - 2015-07-10 13:01 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2015-09-01 10:21 - 2015-07-10 13:01 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-09-01 10:21 - 2015-07-10 13:01 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-09-01 10:21 - 2015-07-10 13:01 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2015-09-01 10:21 - 2015-07-10 13:00 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2015-09-01 10:21 - 2015-07-10 13:00 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-09-01 10:21 - 2015-07-10 13:00 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2015-09-01 10:21 - 2015-07-10 13:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-09-01 10:21 - 2015-07-10 13:00 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-09-01 10:21 - 2015-07-10 13:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-09-01 10:21 - 2015-07-10 13:00 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-09-01 10:21 - 2015-07-10 13:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-09-01 10:20 - 2015-07-10 13:01 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2015-09-01 10:20 - 2015-07-10 13:01 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2015-09-01 10:20 - 2015-07-10 13:00 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2015-09-01 10:20 - 2015-07-10 13:00 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2015-09-01 10:20 - 2015-07-10 13:00 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2015-09-01 10:20 - 2015-07-10 13:00 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2015-09-01 10:20 - 2015-07-10 13:00 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2015-09-01 10:20 - 2015-07-10 13:00 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2015-09-01 10:20 - 2015-07-10 13:00 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2015-09-01 10:20 - 2015-07-10 13:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2015-09-01 10:20 - 2015-07-10 13:00 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2015-09-01 10:20 - 2015-07-10 13:00 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2015-09-01 10:20 - 2015-07-10 13:00 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2015-09-01 10:20 - 2015-07-10 13:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2015-09-01 10:20 - 2015-07-10 13:00 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2015-09-01 10:17 - 2012-12-24 09:56 - 00000454 ____H C:\WINDOWS\Tasks\Norton Security Scan for Verena.job
2015-09-01 10:10 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-09-01 10:07 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows NT
2015-09-01 10:07 - 2015-07-10 11:05 - 00000000 __RHD C:\Users\Default
2015-09-01 10:05 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Registration
2015-09-01 10:05 - 2015-06-19 09:45 - 00004310 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1577607291-3742472165-1464039351-1001UA
2015-09-01 10:05 - 2015-06-19 09:45 - 00003914 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1577607291-3742472165-1464039351-1001Core
2015-09-01 10:05 - 2015-01-07 09:37 - 00003996 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-09-01 10:05 - 2014-05-09 09:58 - 00003528 _____ C:\WINDOWS\System32\Tasks\{65C1EE69-71E9-4DD4-927C-D14FC54A6C7D}
2015-09-01 10:05 - 2014-01-18 18:32 - 00003538 _____ C:\WINDOWS\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1577607291-3742472165-1464039351-1001
2015-09-01 10:05 - 2013-10-13 16:18 - 00003278 _____ C:\WINDOWS\System32\Tasks\{CADFF3D7-DB59-4FA7-804F-68027FE700EA}
2015-09-01 10:05 - 2012-12-24 09:56 - 00003726 _____ C:\WINDOWS\System32\Tasks\Norton Security Scan for Verena
2015-09-01 10:05 - 2012-12-16 15:04 - 00003496 _____ C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1577607291-3742472165-1464039351-1001
2015-09-01 10:05 - 2012-12-16 15:04 - 00003364 _____ C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1577607291-3742472165-1464039351-1001
2015-09-01 10:05 - 2012-08-27 21:13 - 00003932 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-09-01 10:05 - 2012-07-23 09:07 - 00003650 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2015-09-01 10:05 - 2012-05-07 18:33 - 00003496 _____ C:\WINDOWS\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1577607291-3742472165-1464039351-1001
2015-09-01 10:05 - 2012-05-07 18:33 - 00003364 _____ C:\WINDOWS\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1577607291-3742472165-1464039351-1001
2015-09-01 10:05 - 2012-05-07 18:32 - 00004216 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-01 10:05 - 2012-05-07 18:32 - 00003964 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-01 10:04 - 2015-07-10 13:04 - 00000000 __RSD C:\WINDOWS\Media
2015-09-01 10:04 - 2015-07-10 13:04 - 00000000 __RHD C:\Users\Public\Libraries
2015-09-01 10:00 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\spool
2015-09-01 09:52 - 2015-07-10 18:46 - 00000000 ____D C:\WINDOWS\ShellNew
2015-09-01 09:52 - 2015-07-10 13:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-01 09:52 - 2015-05-15 12:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind
2015-09-01 09:52 - 2015-04-27 22:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 5
2015-09-01 09:52 - 2015-04-26 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette
2015-09-01 09:52 - 2015-04-26 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audioverwandte Programme
2015-09-01 09:52 - 2014-11-30 16:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseScore
2015-09-01 09:52 - 2014-11-30 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriMusFree
2015-09-01 09:52 - 2014-11-30 14:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\capella-software
2015-09-01 09:52 - 2014-04-06 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2015-09-01 09:52 - 2014-01-23 21:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2015-09-01 09:52 - 2013-12-13 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2015-09-01 09:52 - 2013-03-20 14:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-09-01 09:52 - 2012-12-16 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2015-09-01 09:52 - 2012-10-13 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Box
2015-09-01 09:52 - 2012-09-06 09:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALDI Bestellsoftware
2015-09-01 09:52 - 2012-07-24 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-01 09:52 - 2012-07-05 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2015-09-01 09:52 - 2012-05-07 18:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-09-01 09:52 - 2012-04-15 12:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-09-01 09:52 - 2012-04-15 12:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-09-01 09:52 - 2012-04-13 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Family Protection
2015-09-01 09:52 - 2011-12-02 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec
2015-09-01 09:52 - 2011-12-02 12:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2015-09-01 09:52 - 2011-12-02 11:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
2015-09-01 09:52 - 2011-10-14 05:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Backup Manager
2015-09-01 09:52 - 2011-10-14 05:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-09-01 09:52 - 2011-10-14 05:42 - 00000000 ____D C:\WINDOWS\tr
2015-09-01 09:52 - 2011-10-14 05:42 - 00000000 ____D C:\WINDOWS\th
2015-09-01 09:52 - 2011-10-14 05:42 - 00000000 ____D C:\WINDOWS\sv
2015-09-01 09:52 - 2011-10-14 05:42 - 00000000 ____D C:\WINDOWS\sl
2015-09-01 09:52 - 2011-10-14 05:42 - 00000000 ____D C:\WINDOWS\sk
2015-09-01 09:52 - 2011-10-14 05:42 - 00000000 ____D C:\WINDOWS\ca
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\ru
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\ro
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\pl
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\no
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\nl
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\it
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\hu
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\hr
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\he
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\fr
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\fi
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\es
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\en
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\el
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\de
2015-09-01 09:52 - 2011-10-14 05:41 - 00000000 ____D C:\WINDOWS\da
2015-09-01 09:52 - 2011-10-14 05:40 - 00000000 ____D C:\WINDOWS\cs
2015-09-01 09:52 - 2011-10-14 05:40 - 00000000 ____D C:\WINDOWS\bg
2015-09-01 09:52 - 2011-10-14 05:40 - 00000000 ____D C:\WINDOWS\ar
2015-09-01 09:52 - 2011-10-14 05:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-09-01 09:52 - 2011-10-14 05:16 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-09-01 09:52 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-09-01 09:51 - 2015-07-10 11:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-01 09:51 - 2014-01-10 23:44 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2015-09-01 09:51 - 2013-05-30 22:44 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ahnenblatt
2015-09-01 09:51 - 2013-01-15 21:46 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2015-09-01 09:51 - 2012-10-22 13:09 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-09-01 09:50 - 2015-07-10 13:05 - 00004362 _____ C:\WINDOWS\DtcInstall.log
2015-09-01 09:50 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-01 09:50 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-01 09:50 - 2009-07-14 05:20 - 00000000 ____D C:\Users\Default.migrated
2015-09-01 09:47 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK
2015-09-01 09:47 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR
2015-09-01 09:46 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-09-01 09:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\IME
2015-09-01 09:46 - 2012-11-27 20:23 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe
2015-09-01 09:45 - 2015-07-10 15:19 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-09-01 09:45 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\schemas
2015-09-01 09:45 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-09-01 09:45 - 2010-11-21 09:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-09-01 09:44 - 2015-07-10 13:04 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-09-01 09:44 - 2015-07-10 13:04 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-09-01 09:44 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-09-01 09:44 - 2014-12-17 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-01 09:44 - 2014-10-11 23:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyMP4
2015-09-01 09:44 - 2014-08-25 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2015-09-01 09:44 - 2013-01-24 20:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2015-09-01 09:44 - 2012-11-18 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 3
2015-09-01 09:44 - 2012-10-22 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infogrames
2015-09-01 09:44 - 2012-04-15 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. Anwendungen
2015-09-01 09:44 - 2012-04-15 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2015-09-01 09:44 - 2012-04-15 12:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2015-09-01 09:44 - 2011-10-14 05:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2015-09-01 09:44 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Microsoft Games
2015-09-01 09:44 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-09-01 09:43 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-09-01 09:42 - 2014-04-06 19:23 - 00000000 ____D C:\Users\Verena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2015-09-01 09:39 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-09-01 09:37 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Help
2015-09-01 09:11 - 2011-12-02 11:47 - 01185518 _____ C:\WINDOWS\WindowsUpdate (1).log
2015-09-01 09:11 - 2009-07-14 06:45 - 00024400 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-01 09:11 - 2009-07-14 06:45 - 00024400 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-01 09:01 - 2015-07-10 19:28 - 00000000 ___HD C:\$Windows.~BT
2015-08-28 09:23 - 2012-04-15 12:24 - 00000432 _____ C:\WINDOWS\BRWMARK.INI
2015-08-27 16:08 - 2012-05-07 18:32 - 00001110 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-26 18:37 - 2012-08-03 09:45 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-24 10:51 - 2015-04-27 22:57 - 00000000 ____D C:\Users\Verena\Documents\Citavi 5
2015-08-18 10:46 - 2012-12-24 09:56 - 00000000 ____D C:\ProgramData\Norton
2015-08-16 11:32 - 2009-07-14 07:09 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2015-08-16 11:27 - 2013-03-20 14:07 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-16 11:27 - 2013-03-20 14:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Verena\AppData\Roaming\b6TtfCU4fgZ9RE6NnSqEJ1
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Verena\AppData\Roaming\HztSu0wh4JrtyLfcXxrV
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Verena\AppData\Roaming\hZXISqFX
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Verena\AppData\Roaming\IyEFViIqK8st2WX35
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Verena\AppData\Roaming\lI6qhaY
2012-04-15 12:36 - 2012-04-15 12:36 - 0011837 _____ () C:\Users\Verena\AppData\Roaming\SmarThruOptions.xml
2014-01-20 12:34 - 2014-01-24 02:32 - 0000178 _____ () C:\Users\Verena\AppData\Roaming\WB.CFG
2014-01-20 12:34 - 2014-01-24 02:32 - 0000005 _____ () C:\Users\Verena\AppData\Roaming\WBPU-TTL.DAT
2013-07-05 17:40 - 2013-07-05 17:40 - 0008704 _____ () C:\Users\Verena\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-25 14:49 - 2015-04-19 10:48 - 0004096 ____H () C:\Users\Verena\AppData\Local\keyfile3.drm
2014-05-30 17:57 - 2014-05-30 17:57 - 0000000 _____ () C:\Users\Verena\AppData\Local\{54D355D5-865D-4B3D-83C0-DE7941F04EAD}
2015-03-10 15:59 - 2015-03-10 15:59 - 0000000 _____ () C:\Users\Verena\AppData\Local\{6237EEC7-5F06-48E9-A7FC-52B62BAF932A}
2015-03-26 12:24 - 2015-03-26 12:24 - 0000000 _____ () C:\Users\Verena\AppData\Local\{6C2D1742-245D-4886-BE82-50CCBD5F2F7C}
2011-12-02 12:14 - 2011-12-02 12:16 - 0015230 _____ () C:\ProgramData\ArcadeDeluxe5.log
2015-09-01 09:36 - 2015-09-01 09:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-12-27 21:46 - 2013-12-27 21:46 - 0000032 _____ () C:\ProgramData\PS.log
2013-09-26 23:11 - 2013-09-26 23:11 - 3855413 _____ () C:\ProgramData\SamPCFax00001FF80002
2013-09-26 23:11 - 2013-09-26 23:11 - 0000004 _____ () C:\ProgramData\SamPCFax00001FF80003
2013-09-26 23:11 - 2013-09-26 23:11 - 0000064 _____ () C:\ProgramData\SamPCFax000021C40001
2013-10-11 12:27 - 2013-10-11 12:27 - 0000032 _____ () C:\ProgramData\Temp.log
Einige Dateien in TEMP:
====================
C:\Users\Verena\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpe_q9wm.dll
C:\Users\Verena\AppData\Local\Temp\FBS566.exe
C:\Users\Verena\AppData\Local\Temp\FBSA93E.exe
C:\Users\Verena\AppData\Local\Temp\sqlite3.dll
C:\Users\Verena\AppData\Local\Temp\Uninstall.exe
C:\Users\Verena\AppData\Local\Temp\UninstallModule.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-09-01 09:31
==================== Ende von FRST.txt ============================
|
|
13.09.2015, 09:39
| #13 |
| /// the machine /// TB-Ausbilder | Reimage Repair Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\$RECYCLE.BIN
Emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde:  Combofix deinstallieren .
Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  und/oder das Forum mit einer kleinen Spende  unterstützen.   Absicherung:Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. Meine Empfehlung:  Emsisoft Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional:  NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
15.09.2015, 14:49
| #14 |
| | Reimage Repair Hallo! Fixlog: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:14-09-2015
durchgeführt von Verena (2015-09-15 15:23:02) Run:1
Gestartet von C:\FRST
Geladene Profile: UpdatusUser & Verena (Verfügbare Profile: UpdatusUser & Verena)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
C:\$RECYCLE.BIN
Emptytemp:
*****************
C:\$RECYCLE.BIN => erfolgreich verschoben
EmptyTemp: => 397.9 MB temporäre Dateien entfernt.
Das System musste neu gestartet werden..
==== Ende von Fixlog 15:24:33 ====
Code:
ATTFilter # DelFix v1.011 - Datei am 15/09/2015 um 15:46:00 erstellt
# Aktualisiert am 18/08/2015 von Xplode
# Benutzer : Verena - VERENA-PC
# Betriebssystem : Windows 10 Home (64 bits)
~ Aktiviere die Benutzerkontensteuerung ... OK
~ Entferne die Bereinigungsprogramme ...
Gelöscht : C:\Combofix
Gelöscht : C:\FRST
Gelöscht : C:\AdwCleaner
Gelöscht : C:\Users\Verena\Desktop\JRT.exe
Gelöscht : C:\Users\Verena\Desktop\JRT.txt
Gelöscht : C:\Users\Verena\Downloads\SecurityCheck.exe
Gelöscht : C:\WINDOWS\NIRCMD.exe
Gelöscht : HKLM\SOFTWARE\AdwCleaner
~ Erstelle ein Backup der Registrierungsdatenbank ... OK
~ Lösche die Wiederherstellungspunkte ...
Gelöscht : RP #1 [Configured NTI Media Maker 9 | 09/02/2015 17:36:07]
Gelöscht : RP #2 [Windows Modules Installer | 09/08/2015 18:47:49]
Gelöscht : RP #3 [JRT Pre-Junkware Removal | 09/09/2015 18:57:42]
Gelöscht : RP #4 [Entfernt RollerCoaster Tycoon 2: Time Twister | 09/12/2015 20:37:07]
Ein neuer Wiederherstellungspunkt wurde erstellt !
~ Stelle die Systemeinstellungen wieder her ... OK
########## - EOF - ##########
|
|
16.09.2015, 06:18
| #15 |
| /// the machine /// TB-Ausbilder | Reimage Repair Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Reimage Repair |
| access, browser, cross, deinstalliere, deinstallieren, desktop, gehören, hallo zusammen, hoffe, installier, installiert, liebe, lieben, nicht mehr, programme, reimage, reimage repair, remote, search, system, vuupc, wissen, zusammen, öffnet |
dann auf 
und dann auf 
. 
+ R Taste und schreibe Combofix /Uninstall in das 
Linear-Darstellung
