| |
| |||||||
Log-Analyse und Auswertung: Versende Spammails , Telekomaccount wird verändertWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
01.11.2015, 09:39
| #1 |
 |  Versende Spammails , Telekomaccount wird verändert Ich versende Spammails über mein Telekomaccount, auch ein Passwortwechsel brachte keine Lösung. Diese Daten werden im Account geändert : Emailanzeige Da stehen dann nicht mehr meine Angaben sondern Fakenamen Absendername Anastasia Lonely Absendername ändern Antwortadresse helenaranich@gmail.com Antwortadresse ändern Identisches Problem wie Thread: http://www.trojaner-board.de/171489-...-erhalten.html Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
durchgeführt von Sabine (Administrator) auf BINE-PC (01-11-2015 07:41:39)
Gestartet von D:\Downloads
Geladene Profile: Sabine & (Verfügbare Profile: UpdatusUser & Sabine & NeroMediaHomeUser.4 & Dominik & Administrator & DefaultAppPool)
Platform: Windows 10 Home Insider Preview (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.28004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(A.Baumann IMU-BerliNet) C:\Program Files (x86)\Z-Cron\z-cron.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
() C:\Windows\tsnpstd3.exe
() C:\Windows\FixCamera.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.10.13.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Malwarebytes Corp.) D:\Downloads\mbar-1.09.3.1001.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Malwarebytes) C:\Users\Sabine\Desktop\mbar\mbar.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Farbar) D:\Downloads\FRST64(1).exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCui.exe [1333248 2015-10-20] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [571192 2014-08-14] (Acronis)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BRMFCWND.EXE [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Nero MediaHome 4] => C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5178664 2010-10-26] (Nero AG)
HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [tsnpstd3] => C:\WINDOWS\tsnpstd3.exe [356352 2009-07-08] ()
HKLM-x32\...\Run: [FixCamera] => C:\WINDOWS\FixCamera.exe [20480 2007-07-11] ()
HKLM-x32\...\Run: [snpstd3] => C:\WINDOWS\vsnpstd3.exe [835584 2007-05-10] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113296 2010-03-30] (NEC Electronics Corporation)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [217632 2015-07-21] (Geek Software GmbH)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36711472 2015-10-13] (Dropbox, Inc.)
HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [5836888 2015-09-30] (Emsisoft Ltd)
HKU\S-1-5-21-1505511330-1522540267-1352390042-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-20] (Microsoft Corporation)
HKU\S-1-5-21-1505511330-1522540267-1352390042-1008\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632472 2015-06-29] (Electronic Arts)
HKU\S-1-5-21-1505511330-1522540267-1352390042-1008\...\Run: [Task- und Backup Scheduler] => C:\Program Files (x86)\Z-Cron\z-cron.exe [1081888 2014-10-28] (A.Baumann IMU-BerliNet)
HKU\S-1-5-21-1505511330-1522540267-1352390042-1008\...\Run: [EazyScheduler] => C:\Program Files (x86)\Eazy-Ware\ezSched.exe [980208 2013-04-20] (AJSystems.com Inc.)
HKU\S-1-5-21-1505511330-1522540267-1352390042-1008\...\Run: [Dropbox Update] => C:\Users\Sabine\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-1505511330-1522540267-1352390042-1008\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [602880 2015-06-02] (NETGEAR Inc.)
HKU\S-1-5-21-1505511330-1522540267-1352390042-1008\...\Policies\Explorer: [ NoStartMenuMFUprogramsList] 1
HKU\S-1-5-21-1505511330-1522540267-1352390042-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632472 2015-06-29] (Electronic Arts)
HKU\S-1-5-21-1505511330-1522540267-1352390042-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Task- und Backup Scheduler] => C:\Program Files (x86)\Z-Cron\z-cron.exe [1081888 2014-10-28] (A.Baumann IMU-BerliNet)
HKU\S-1-5-21-1505511330-1522540267-1352390042-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EazyScheduler] => C:\Program Files (x86)\Eazy-Ware\ezSched.exe [980208 2013-04-20] (AJSystems.com Inc.)
HKU\S-1-5-21-1505511330-1522540267-1352390042-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => C:\Users\Sabine\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-1505511330-1522540267-1352390042-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [602880 2015-06-02] (NETGEAR Inc.)
HKU\S-1-5-21-1505511330-1522540267-1352390042-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [ NoStartMenuMFUprogramsList] 1
HKU\S-1-5-21-1505511330-1522540267-1352390042-1011-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-20] (Microsoft Corporation)
HKU\S-1-5-21-1505511330-1522540267-1352390042-1017-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-20] (Microsoft Corporation)
HKU\S-1-5-21-1505511330-1522540267-1352390042-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OscarEditor] => C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe [2865152 2008-07-30] ()
HKU\S-1-5-21-1505511330-1522540267-1352390042-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-1505511330-1522540267-1352390042-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-20] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ 00BitrixShellExt] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506B} => Keine Datei
ShellIconOverlayIdentifiers: [ 00BitrixShellExt_C] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506E} => C:\Program Files (x86)\Bitrix24\64\BitrixShellExt.dll Keine Datei
ShellIconOverlayIdentifiers: [ 00BitrixShellExt_E] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506D} => C:\Program Files (x86)\Bitrix24\64\BitrixShellExt.dll Keine Datei
ShellIconOverlayIdentifiers: [ 00BitrixShellExt_S] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506C} => C:\Program Files (x86)\Bitrix24\64\BitrixShellExt.dll Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Sabine\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918_1\amd64\SkyDriveShell64.dll [2015-01-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Sabine\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918_1\amd64\SkyDriveShell64.dll [2015-01-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Sabine\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918_1\amd64\SkyDriveShell64.dll [2015-01-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [000_OMHOverlayError] -> {6985F9D3-5A54-4C41-BABF-812F79A2B673} => C:\Users\Sabine\AppData\Local\BASE Cloud\overlay\x64\OMHOverlay.dll [2015-07-29] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [001_OMHOverlayProg] -> {809D24D6-A067-4C51-BF0F-0A60CA722182} => C:\Users\Sabine\AppData\Local\BASE Cloud\overlay\x64\OMHOverlay.dll [2015-07-29] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [002_OMHOverlayIcon] -> {0D077A21-3DB2-4955-A3AB-D623C9270D9C} => C:\Users\Sabine\AppData\Local\BASE Cloud\overlay\x64\OMHOverlay.dll [2015-07-29] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [003_OMHOverlayExcl] -> {37FC1C76-E238-4779-B2AC-68DCEA8253C5} => C:\Users\Sabine\AppData\Local\BASE Cloud\overlay\x64\OMHOverlay.dll [2015-07-29] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [01Mediencenter_InSync] -> {77BC4082-DB5F-439A-8DC8-F9E24A63B0DE} => C:\Users\Sabine\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll [2014-06-12] (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [02Mediencenter_ToSync] -> {528EE335-5034-4EFC-834E-63E5F02D2BC2} => C:\Users\Sabine\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll [2014-06-12] (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [03Mediencenter_Failed] -> {6066ADF0-9EB0-43E5-ADB6-990F5A3B979C} => C:\Users\Sabine\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll [2014-06-12] (Deutsche Telekom AG)
ShellIconOverlayIdentifiers-x32: [ 00BitrixShellExt] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506B} => Keine Datei
ShellIconOverlayIdentifiers-x32: [ 00BitrixShellExt_C] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506E} => C:\Program Files (x86)\Bitrix24\32\BitrixShellExt.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ 00BitrixShellExt_E] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506D} => C:\Program Files (x86)\Bitrix24\32\BitrixShellExt.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ 00BitrixShellExt_S] -> {A11A1EE5-F9F8-4BE0-907F-D74A49CC506C} => C:\Program Files (x86)\Bitrix24\32\BitrixShellExt.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dyn Updater.lnk [2014-10-15]
ShortcutTarget: Dyn Updater.lnk -> C:\Program Files (x86)\Dyn\Updater\dyn_updater.exe (Dyn)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{18e4ae9b-0dfe-4057-9e64-35cd76117a89}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{1f292503-77c0-4bc3-a086-550f699a3d70}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{43ac5576-acf5-4381-83a2-15e57dd8ac75}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{4edcebb6-5382-4b51-976e-33f7ef294563}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6ec7f814-5ce6-4e88-9f0e-5e6b42d06e02}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{72980638-9B24-4FB7-B2CB-06B3DB9DCBB8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{76096d5b-61da-4094-baee-33ebe90d34a9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7d10a7e4-b037-42fd-9e51-397318721c98}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{82ed05d8-96ce-4d1c-8baf-17f847238cfb}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{bd9fd0ed-8eae-41c2-bf4e-bec95a10711e}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{bf801d8e-6530-4d50-b48d-25e9f58ae74d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d7566adb-a290-44cf-aa72-07b4f4b8d797}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ea51a1f7-42d8-4fea-81ff-4cd478d65557}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1505511330-1522540267-1352390042-1008\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1505511330-1522540267-1352390042-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1505511330-1522540267-1352390042-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-1505511330-1522540267-1352390042-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.de/ie
SearchScopes: HKU\S-1-5-21-1505511330-1522540267-1352390042-1008 -> DefaultScope {8FF6198C-184C-437B-AA18-94C0F0381A96} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1505511330-1522540267-1352390042-1008 -> {8FF6198C-184C-437B-AA18-94C0F0381A96} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1505511330-1522540267-1352390042-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {8FF6198C-184C-437B-AA18-94C0F0381A96} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1505511330-1522540267-1352390042-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {8FF6198C-184C-437B-AA18-94C0F0381A96} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2015-10-30] (Microsoft Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2013-12-06] (LastPass)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2015-10-30] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-20] (Oracle Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2013-12-06] (LastPass)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-20] (Oracle Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2013-12-06] (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2013-12-06] (LastPass)
Toolbar: HKU\.DEFAULT -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
Toolbar: HKU\S-1-5-21-1505511330-1522540267-1352390042-1008 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
Toolbar: HKU\S-1-5-21-1505511330-1522540267-1352390042-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
Toolbar: HKU\S-1-5-21-1505511330-1522540267-1352390042-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-10-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-10-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-10-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-10-30] (Microsoft Corporation)
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2015-10-20] (Microsoft Corporation)
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2015-10-20] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\1zeoos5x.default-1351749639854
FF NewTab: file:///C:/Users/Sabine/Desktop/_Browserstart/index.html
FF DefaultSearchUrl:
FF Homepage: file:///C:/Users/Sabine/Desktop/_Browserstart/index.html
FF Session Restore: -> ist aktiviert.
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fnew.songza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*'))%20%7B%20return%20'PROXY%20us04.sq.proxmate.me%3A8000%3B%20PROXY%20us01.sq.proxmate.me%3A8000%3B%20PROXY%20us11.sq.proxmate.me%3A8000%3B%20PROXY%20us03.sq.proxmate.me%3A8000%3B%20PROXY%20us05.sq.proxmate.me%3A8000%3B%20PROXY%20us10.sq.proxmate.me%3A8000%3B%20PROXY%20us08.sq.proxmate.me%3A8000%3B%20PROXY%20us06.sq.proxmate.me%3A8000%3B%20PROXY%20us07.sq.proxmate.me%3A8000%3B%20PROXY%20us09.sq.proxmate.me%3A8000%3B%20PROXY%20us02.sq.proxmate.me%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-23] ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 -> C:\Windows\system32\npDeployJava1.dll [2012-12-20] (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2013-11-09] (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-23] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-20] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll [2013-11-09] (LastPass)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-10-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Keine Datei]
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-04-10] (Nero AG)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-08-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-08-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-08-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-08-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-08-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2014-08-16] (Apple Inc.)
FF SearchPlugin: C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\1zeoos5x.default-1351749639854\searchplugins\firefox-add-ons.xml [2015-03-06]
FF SearchPlugin: C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\1zeoos5x.default-1351749639854\searchplugins\google-images.xml [2014-08-20]
FF SearchPlugin: C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\1zeoos5x.default-1351749639854\searchplugins\google-maps.xml [2014-08-20]
FF SearchPlugin: C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\1zeoos5x.default-1351749639854\searchplugins\google-play.xml [2015-03-06]
FF SearchPlugin: C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\1zeoos5x.default-1351749639854\searchplugins\youtube.xml [2015-03-06]
FF Extension: Fire IE - C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\1zeoos5x.default-1351749639854\Extensions\fireie@fireie.org [2015-06-07]
FF Extension: LastPass - C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\1zeoos5x.default-1351749639854\Extensions\support@lastpass.com [2015-09-26]
FF Extension: Bitdefender QuickScan - C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\1zeoos5x.default-1351749639854\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2015-10-30]
FF Extension: ProxMate - C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\1zeoos5x.default-1351749639854\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2015-05-29]
FF Extension: New Tab Override (browser.newtab.url replacement for Fx 41+) - C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\1zeoos5x.default-1351749639854\Extensions\newtaboverride@agenedia.com.xpi [2015-10-28]
FF Extension: PAYBACK Toolbar - C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\1zeoos5x.default-1351749639854\Extensions\toolbar-ff@payback.de.xpi [2015-10-08]
FF Extension: Session Manager - C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\1zeoos5x.default-1351749639854\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2015-10-31]
FF Extension: Adblock Plus - C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\1zeoos5x.default-1351749639854\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF Extension: QuickJava - C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\1zeoos5x.default-1351749639854\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2015-05-29]
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak [2015-10-16] [ist nicht signiert]
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2015-10-16] [ist nicht signiert]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak [2015-10-16] [ist nicht signiert]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2015-10-16] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-10-16] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru => nicht gefunden
FF HKU\S-1-5-21-1505511330-1522540267-1352390042-1008\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\1zeoos5x.default-1351749639854\extensions\cliqz@cliqz.com => nicht gefunden
FF HKU\S-1-5-21-1505511330-1522540267-1352390042-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\1zeoos5x.default-1351749639854\extensions\cliqz@cliqz.com => nicht gefunden
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-03-13] <==== ACHTUNG
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [7084784 2015-09-30] (Emsisoft Ltd)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2856632 2015-10-15] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-05] (Dropbox, Inc.)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3304768 2010-12-23] (devolo AG)
S2 DynUpdater; C:\Program Files (x86)\Dyn\Updater\dyn_updater.exe [1639216 2014-09-25] (Dyn)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-04-02] (Nero AG)
S3 MessagingService; C:\Windows\System32\MessagingService.dll [52736 2015-10-20] (Microsoft Corporation)
S3 MessagingService_22c21; C:\WINDOWS\system32\svchost.exe [44088 2015-10-20] (Microsoft Corporation)
S3 MessagingService_22c21; C:\WINDOWS\SysWOW64\svchost.exe [37392 2015-10-20] (Microsoft Corporation)
U3 MessagingService_469e37; C:\WINDOWS\system32\svchost.exe [44088 2015-10-20] (Microsoft Corporation)
U3 MessagingService_469e37; C:\WINDOWS\SysWOW64\svchost.exe [37392 2015-10-20] (Microsoft Corporation)
U3 MessagingService_53f04; C:\WINDOWS\system32\svchost.exe [44088 2015-10-20] (Microsoft Corporation)
U3 MessagingService_53f04; C:\WINDOWS\SysWOW64\svchost.exe [37392 2015-10-20] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26624 2015-10-30] (Microsoft Corporation)
S2 NeroMediaHomeService.4; C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe [517416 2010-10-26] (Nero AG)
R2 OneSyncSvc_22c21; C:\WINDOWS\system32\svchost.exe [44088 2015-10-20] (Microsoft Corporation)
R2 OneSyncSvc_22c21; C:\WINDOWS\SysWOW64\svchost.exe [37392 2015-10-20] (Microsoft Corporation)
U2 OneSyncSvc_469e37; C:\WINDOWS\system32\svchost.exe [44088 2015-10-20] (Microsoft Corporation)
U2 OneSyncSvc_469e37; C:\WINDOWS\SysWOW64\svchost.exe [37392 2015-10-20] (Microsoft Corporation)
U2 OneSyncSvc_53f04; C:\WINDOWS\system32\svchost.exe [44088 2015-10-20] (Microsoft Corporation)
U2 OneSyncSvc_53f04; C:\WINDOWS\SysWOW64\svchost.exe [37392 2015-10-20] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-29] (Electronic Arts)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Datei ist nicht signiert]
R3 PimIndexMaintenanceSvc_22c21; C:\WINDOWS\system32\svchost.exe [44088 2015-10-20] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_22c21; C:\WINDOWS\SysWOW64\svchost.exe [37392 2015-10-20] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_469e37; C:\WINDOWS\system32\svchost.exe [44088 2015-10-20] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_469e37; C:\WINDOWS\SysWOW64\svchost.exe [37392 2015-10-20] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_53f04; C:\WINDOWS\system32\svchost.exe [44088 2015-10-20] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_53f04; C:\WINDOWS\SysWOW64\svchost.exe [37392 2015-10-20] (Microsoft Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [290304 2015-10-20] (Microsoft Corporation)
S3 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [87040 2015-10-20] (Microsoft Corporation)
R3 UnistoreSvc_22c21; C:\WINDOWS\System32\svchost.exe [44088 2015-10-20] (Microsoft Corporation)
R3 UnistoreSvc_22c21; C:\WINDOWS\SysWOW64\svchost.exe [37392 2015-10-20] (Microsoft Corporation)
U3 UnistoreSvc_469e37; C:\WINDOWS\System32\svchost.exe [44088 2015-10-20] (Microsoft Corporation)
U3 UnistoreSvc_469e37; C:\WINDOWS\SysWOW64\svchost.exe [37392 2015-10-20] (Microsoft Corporation)
U3 UnistoreSvc_53f04; C:\WINDOWS\System32\svchost.exe [44088 2015-10-20] (Microsoft Corporation)
U3 UnistoreSvc_53f04; C:\WINDOWS\SysWOW64\svchost.exe [37392 2015-10-20] (Microsoft Corporation)
R3 UserDataSvc_22c21; C:\WINDOWS\system32\svchost.exe [44088 2015-10-20] (Microsoft Corporation)
R3 UserDataSvc_22c21; C:\WINDOWS\SysWOW64\svchost.exe [37392 2015-10-20] (Microsoft Corporation)
U3 UserDataSvc_469e37; C:\WINDOWS\system32\svchost.exe [44088 2015-10-20] (Microsoft Corporation)
U3 UserDataSvc_469e37; C:\WINDOWS\SysWOW64\svchost.exe [37392 2015-10-20] (Microsoft Corporation)
U3 UserDataSvc_53f04; C:\WINDOWS\system32\svchost.exe [44088 2015-10-20] (Microsoft Corporation)
U3 UserDataSvc_53f04; C:\WINDOWS\SysWOW64\svchost.exe [37392 2015-10-20] (Microsoft Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-06-24] (VIA Technologies, Inc.)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-10-30] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [579072 2015-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [354928 2015-10-20] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [17232 2015-10-20] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 bcmfn; C:\Windows\System32\drivers\bcmfn.sys [9728 2015-10-20] (Windows (R) Win 7 DDK provider)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-10-20] (Microsoft Corporation)
R1 epp64; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\epp64.sys [138504 2015-09-30] (Emsisoft GmbH)
S3 iai2c; C:\Windows\System32\drivers\iai2c.sys [81408 2015-10-20] (Intel(R) Corporation)
S3 iaLPSS2i_I2C; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [165888 2015-10-20] (Intel Corporation)
R3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [109272 2015-11-01] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-01] (Malwarebytes)
S3 MEMSWEEP2; C:\Windows\system32\EAC3.tmp [6144 2009-06-18] (Sophos Plc) [Datei ist nicht signiert]
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175616 2015-10-30] (Microsoft Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2015-01-29] ()
S3 NPF; C:\Windows\System32\drivers\NPF.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2010-06-10] (CACE Technologies)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-20] (Realtek )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [45056 2015-10-20] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [45064 2015-10-20] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293352 2015-10-20] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119784 2015-10-20] (Microsoft Corporation)
U3 idsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-01 07:39 - 2015-11-01 07:39 - 00000000 _____ C:\Users\Sabine\defogger_reenable
2015-10-31 17:57 - 2015-10-31 17:57 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-10-31 17:19 - 2015-10-31 17:20 - 00852720 _____ C:\Users\Sabine\Desktop\SecurityCheck.exe
2015-10-31 17:05 - 2015-10-31 17:05 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-10-31 16:59 - 2015-10-31 16:59 - 00000000 ____D C:\ProgramData\AppData\Roaming\Dyn
2015-10-31 16:10 - 2015-11-01 07:26 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-10-31 16:09 - 2015-11-01 07:25 - 00000000 ____D C:\Users\Sabine\Desktop\mbar
2015-10-31 15:58 - 2015-10-31 15:58 - 00000000 ____D C:\Program Files (x86)\ESET
2015-10-31 05:37 - 2015-11-01 07:41 - 00000000 ____D C:\FRST
2015-10-31 05:31 - 2015-10-31 05:31 - 00001348 _____ C:\Users\Sabine\Desktop\Revo Uninstaller.lnk
2015-10-31 05:27 - 2015-10-31 05:27 - 00000761 _____ C:\Users\Sabine\Desktop\JRT.txt
2015-10-31 05:03 - 2015-10-31 16:57 - 00003708 _____ C:\WINDOWS\PFRO.log
2015-10-30 20:54 - 2015-10-31 17:04 - 00000000 ____D C:\AdwCleaner
2015-10-30 16:09 - 2015-10-30 16:09 - 00000020 ___SH C:\Users\Sabine\ntuser.ini
2015-10-30 16:08 - 2015-10-30 16:08 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-10-30 16:08 - 2015-10-30 16:08 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-10-30 16:08 - 2015-10-30 16:08 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-10-30 16:08 - 2015-10-30 16:08 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-10-30 16:08 - 2015-10-30 16:08 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-10-30 16:08 - 2015-10-30 16:08 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-10-30 16:08 - 2015-10-30 16:08 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-10-30 16:08 - 2015-10-30 16:08 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-10-30 16:08 - 2015-10-30 16:08 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-10-30 16:08 - 2015-10-30 16:08 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-10-30 16:08 - 2015-10-30 16:08 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-10-30 16:08 - 2015-10-30 16:08 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-10-30 16:08 - 2015-10-30 16:08 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-10-30 16:08 - 2015-10-30 16:08 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-10-30 16:08 - 2015-10-30 16:08 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-10-30 16:08 - 2015-10-30 16:08 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-10-30 16:08 - 2015-10-30 16:08 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-10-30 16:03 - 2015-10-31 17:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-30 16:03 - 2015-10-30 16:03 - 00002354 _____ C:\WINDOWS\System32\Tasks\SpeechRuntimeTask
2015-10-30 15:51 - 2015-10-30 15:51 - 00000020 ___SH C:\Users\NeroMediaHomeUser.4\ntuser.ini
2015-10-30 15:45 - 2015-10-30 15:45 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-10-30 15:45 - 2015-10-30 15:45 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-10-30 15:45 - 2015-10-30 15:45 - 00000000 ____D C:\Users\Default\3D Objects
2015-10-30 15:45 - 2015-10-30 15:45 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-10-30 15:37 - 2015-10-30 15:37 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-10-30 15:36 - 2015-10-30 15:48 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-10-30 15:30 - 2015-11-01 07:39 - 00000000 ____D C:\Users\Sabine
2015-10-30 15:30 - 2015-10-30 16:09 - 00000000 ___RD C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-30 15:30 - 2015-10-30 15:58 - 00000000 ____D C:\Users\Dominik.BINE-PC
2015-10-30 15:30 - 2015-10-30 15:58 - 00000000 ____D C:\Users\DefaultAppPool
2015-10-30 15:30 - 2015-10-30 15:58 - 00000000 ____D C:\Users\Administrator
2015-10-30 15:30 - 2015-10-30 15:54 - 00000000 ____D C:\Users\NeroMediaHomeUser.4
2015-10-30 15:30 - 2015-10-30 15:36 - 00000000 ___RD C:\Users\Dominik.BINE-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-30 15:30 - 2015-10-30 15:36 - 00000000 ___RD C:\Users\Dominik.BINE-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-30 15:30 - 2015-10-30 15:35 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-30 15:30 - 2015-10-30 15:35 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-30 15:30 - 2015-10-30 15:35 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-30 15:30 - 2015-10-30 15:35 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-30 15:30 - 2015-10-30 15:35 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-30 15:30 - 2015-10-30 15:35 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-30 15:30 - 2015-10-30 15:35 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-30 15:30 - 2015-10-30 15:35 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-30 15:30 - 2015-10-30 15:35 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-30 15:30 - 2015-10-30 15:35 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-30 15:30 - 2015-10-30 15:35 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-30 15:30 - 2015-10-30 15:34 - 00000000 ___RD C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-30 15:30 - 2015-10-30 15:34 - 00000000 ___RD C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-30 15:30 - 2015-10-30 15:34 - 00000000 ____D C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-30 15:30 - 2015-10-30 15:31 - 00000000 ___RD C:\Users\NeroMediaHomeUser.4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-30 15:30 - 2015-10-30 15:31 - 00000000 ___RD C:\Users\NeroMediaHomeUser.4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-30 15:30 - 2015-10-30 15:31 - 00000000 ___RD C:\Users\NeroMediaHomeUser.4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-30 15:30 - 2015-10-30 15:31 - 00000000 ____D C:\Users\NeroMediaHomeUser.4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Sabine\Vorlagen
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Sabine\Startmenü
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Sabine\Netzwerkumgebung
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Sabine\Lokale Einstellungen
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Sabine\Eigene Dateien
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Sabine\Druckumgebung
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Sabine\Documents\Eigene Musik
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Sabine\Documents\Eigene Bilder
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Sabine\AppData\Local\Verlauf
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Sabine\AppData\Local\Anwendungsdaten
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Sabine\Anwendungsdaten
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\NeroMediaHomeUser.4\Vorlagen
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\NeroMediaHomeUser.4\Startmenü
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\NeroMediaHomeUser.4\Netzwerkumgebung
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\NeroMediaHomeUser.4\Lokale Einstellungen
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\NeroMediaHomeUser.4\Eigene Dateien
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\NeroMediaHomeUser.4\Druckumgebung
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\NeroMediaHomeUser.4\Documents\Eigene Musik
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\NeroMediaHomeUser.4\Documents\Eigene Bilder
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\NeroMediaHomeUser.4\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\NeroMediaHomeUser.4\AppData\Local\Verlauf
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\NeroMediaHomeUser.4\AppData\Local\Anwendungsdaten
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\NeroMediaHomeUser.4\Anwendungsdaten
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Dominik.BINE-PC\Vorlagen
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Dominik.BINE-PC\Startmenü
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Dominik.BINE-PC\Netzwerkumgebung
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Dominik.BINE-PC\Lokale Einstellungen
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Dominik.BINE-PC\Eigene Dateien
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Dominik.BINE-PC\Druckumgebung
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Dominik.BINE-PC\Documents\Eigene Musik
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Dominik.BINE-PC\Documents\Eigene Bilder
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Dominik.BINE-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Dominik.BINE-PC\AppData\Local\Verlauf
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Dominik.BINE-PC\AppData\Local\Anwendungsdaten
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Dominik.BINE-PC\Anwendungsdaten
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Administrator\Vorlagen
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Administrator\Startmenü
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten
2015-10-30 15:30 - 2015-10-20 08:31 - 00000000 __RSD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-30 15:30 - 2015-10-20 08:31 - 00000000 __RSD C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-30 15:30 - 2015-10-20 08:31 - 00000000 __RSD C:\Users\NeroMediaHomeUser.4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-30 15:30 - 2015-10-20 08:31 - 00000000 __RSD C:\Users\Dominik.BINE-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-30 15:30 - 2015-10-20 08:31 - 00000000 __RSD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-30 15:30 - 2015-10-20 08:31 - 00000000 __RSD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-30 15:30 - 2015-10-20 08:31 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-30 15:30 - 2015-10-20 08:31 - 00000000 ___RD C:\Users\Dominik.BINE-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-30 15:30 - 2015-10-20 08:31 - 00000000 ____D C:\Users\Dominik.BINE-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-30 15:29 - 2015-10-31 17:13 - 02091286 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-30 15:29 - 2015-10-30 15:29 - 01989310 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-10-30 15:29 - 2015-10-30 15:29 - 00022108 _____ C:\WINDOWS\iis.log
2015-10-30 15:26 - 2015-10-30 15:38 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-30 15:26 - 2015-10-30 15:38 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-30 15:26 - 2015-10-30 15:37 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-10-30 15:26 - 2015-10-30 15:26 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2015-10-30 15:26 - 2015-10-30 15:26 - 00000000 ____D C:\Program Files\VIA
2015-10-30 15:26 - 2015-08-18 01:07 - 06783280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-10-30 15:26 - 2015-08-18 01:07 - 03522168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-10-30 15:26 - 2015-08-18 01:07 - 02558768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-10-30 15:26 - 2015-08-18 01:07 - 00933168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-10-30 15:26 - 2015-08-18 01:07 - 00385144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-10-30 15:26 - 2015-08-18 01:07 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-10-30 15:26 - 2015-08-18 01:06 - 05147024 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-10-30 15:25 - 2015-10-20 08:24 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-10-30 15:23 - 2015-10-30 16:07 - 00021217 _____ C:\WINDOWS\setupact.log
2015-10-30 15:23 - 2015-10-30 15:23 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-10-30 15:22 - 2015-10-31 16:58 - 05164848 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-30 15:22 - 2015-10-30 15:22 - 00160893 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-10-30 15:21 - 2015-10-30 18:00 - 00000000 ___DC C:\WINDOWS\Panther
2015-10-30 15:21 - 2015-10-30 15:29 - 00000000 __SHD C:\Recovery
2015-10-30 15:18 - 2015-10-30 15:18 - 00000000 ____D C:\Windows.old
2015-10-30 15:13 - 2015-10-20 17:34 - 12039680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0007.dll
2015-10-30 15:13 - 2015-10-20 17:23 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWB70011.dll
2015-10-30 15:13 - 2015-10-20 17:19 - 07338496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NL7Data0011.dll
2015-10-30 15:13 - 2015-10-20 17:19 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0007.dll
2015-10-30 15:13 - 2015-10-20 17:15 - 02455040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Lexicons0011.dll
2015-10-30 15:13 - 2015-10-20 17:14 - 12039680 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0007.dll
2015-10-30 15:13 - 2015-10-20 17:14 - 11602944 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0007.dll
2015-10-30 15:13 - 2015-10-20 17:14 - 07702528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Models0011.dll
2015-10-30 15:13 - 2015-10-20 17:04 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSWB70011.dll
2015-10-30 15:13 - 2015-10-20 17:00 - 07563264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Data0011.dll
2015-10-30 15:13 - 2015-10-20 16:59 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0007.dll
2015-10-30 15:13 - 2015-03-30 22:21 - 00002060 _____ C:\WINDOWS\system32\noise.jpn
2015-10-30 15:13 - 2015-03-30 20:23 - 00002060 _____ C:\WINDOWS\SysWOW64\noise.jpn
2015-10-30 15:12 - 2015-10-30 15:12 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-10-30 15:10 - 2015-10-30 15:10 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-10-30 15:10 - 2015-10-30 15:10 - 00000000 ____D C:\WINDOWS\system32\msmq
2015-10-30 15:10 - 2015-10-30 15:10 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-10-30 15:10 - 2015-10-30 15:10 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-10-30 15:10 - 2015-10-30 15:10 - 00000000 ____D C:\Program Files\MSBuild
2015-10-30 15:10 - 2015-10-30 15:10 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-10-30 15:10 - 2015-10-30 15:10 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-10-30 15:10 - 2015-10-30 15:10 - 00000000 ____D C:\inetpub
2015-10-30 15:09 - 2015-10-19 17:31 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-10-30 15:09 - 2015-10-19 17:31 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-10-30 15:09 - 2015-10-19 17:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-10-30 15:09 - 2015-10-16 17:52 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-10-30 15:09 - 2015-10-16 17:52 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-10-30 15:09 - 2015-10-16 17:52 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-10-30 10:21 - 2015-10-30 10:21 - 00000000 ____D C:\Users\Sabine\AppData\Roaming\QuickScan
2015-10-30 09:22 - 2015-10-05 23:26 - 01801288 _____ (Malwarebytes) C:\Users\Sabine\Desktop\JRT.exe
2015-10-30 08:50 - 2015-10-30 08:50 - 00000000 ____D C:\ProgramData\Emsisoft
2015-10-30 06:15 - 2015-10-30 15:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2015-10-30 06:15 - 2015-10-30 06:15 - 00001171 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2015-10-30 06:14 - 2015-11-01 07:16 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2015-10-30 05:43 - 2015-11-01 07:25 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-30 05:36 - 2015-10-30 05:36 - 00001182 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-10-30 05:36 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\is-CQQ6C.tmp
2015-10-30 05:36 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-10-30 05:36 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-10-24 15:04 - 2015-10-24 15:04 - 00000000 _SHDL C:\Users\Default.migrated\Vorlagen
2015-10-24 15:04 - 2015-10-24 15:04 - 00000000 _SHDL C:\Users\Default.migrated\Startmenü
2015-10-24 15:04 - 2015-10-24 15:04 - 00000000 _SHDL C:\Users\Default.migrated\Netzwerkumgebung
2015-10-24 15:04 - 2015-10-24 15:04 - 00000000 _SHDL C:\Users\Default.migrated\Lokale Einstellungen
2015-10-24 15:04 - 2015-10-24 15:04 - 00000000 _SHDL C:\Users\Default.migrated\Eigene Dateien
2015-10-24 15:04 - 2015-10-24 15:04 - 00000000 _SHDL C:\Users\Default.migrated\Druckumgebung
2015-10-24 15:04 - 2015-10-24 15:04 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Musik
2015-10-24 15:04 - 2015-10-24 15:04 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Bilder
2015-10-24 15:04 - 2015-10-24 15:04 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-10-24 15:04 - 2015-10-24 15:04 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Verlauf
2015-10-24 15:04 - 2015-10-24 15:04 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2015-10-24 15:04 - 2015-10-24 15:04 - 00000000 _SHDL C:\Users\Default.migrated\Anwendungsdaten
2015-10-24 08:18 - 2015-10-24 08:18 - 00001615 _____ C:\Users\Sabine\Desktop\BASE Cloud.lnk
2015-10-24 08:18 - 2015-10-24 08:18 - 00000000 ___RD C:\Users\Sabine\Documents\BASE Cloud
2015-10-24 08:18 - 2015-10-24 08:18 - 00000000 ____D C:\Users\Sabine\AppData\Roaming\BASE
2015-10-24 08:17 - 2015-10-30 15:48 - 00000000 ____D C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BASE Cloud
2015-10-24 08:16 - 2015-10-31 05:11 - 00000000 ____D C:\Users\Sabine\AppData\Local\BASE Cloud
2015-10-23 11:51 - 2015-10-23 11:51 - 03996360 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2015-10-20 18:43 - 2015-10-30 14:52 - 00000000 ___HD C:\$WINDOWS.~BT
2015-10-20 17:07 - 2015-10-20 08:26 - 00031816 _____ C:\WINDOWS\Core.xml
2015-10-20 17:06 - 2015-10-20 17:06 - 00000000 __RHD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
2015-10-20 17:06 - 2015-10-20 17:06 - 00000000 ____D C:\WINDOWS\ShellNew
2015-10-20 17:06 - 2015-10-20 17:06 - 00000000 ____D C:\Program Files\Windows Journal
2015-10-20 17:02 - 2015-10-20 17:02 - 00000000 ____D C:\WINDOWS\SKB
2015-10-20 17:02 - 2015-10-20 17:02 - 00000000 ____D C:\WINDOWS\OCR
2015-10-20 17:01 - 2015-10-31 17:13 - 00889260 _____ C:\WINDOWS\system32\perfh007.dat
2015-10-20 17:01 - 2015-10-31 17:13 - 00196966 _____ C:\WINDOWS\system32\perfc007.dat
2015-10-20 17:01 - 2015-10-30 15:48 - 00000000 ____D C:\WINDOWS\system32\0409
2015-10-20 17:01 - 2015-10-30 15:40 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-10-20 17:01 - 2015-10-30 15:38 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-10-20 17:01 - 2015-10-20 17:01 - 00305634 _____ C:\WINDOWS\system32\perfi007.dat
2015-10-20 17:01 - 2015-10-20 17:01 - 00040390 _____ C:\WINDOWS\system32\perfd007.dat
2015-10-20 17:01 - 2015-10-20 17:01 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2015-10-20 17:01 - 2015-10-20 17:01 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2015-10-20 17:01 - 2015-10-20 17:01 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2015-10-20 17:01 - 2015-10-20 17:01 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2015-10-20 17:01 - 2015-10-20 17:01 - 00000000 ____D C:\WINDOWS\SysWOW64\de
2015-10-20 17:01 - 2015-10-20 17:01 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
2015-10-20 17:01 - 2015-10-20 17:01 - 00000000 ____D C:\WINDOWS\system32\winrm
2015-10-20 17:01 - 2015-10-20 17:01 - 00000000 ____D C:\WINDOWS\system32\WCN
2015-10-20 17:01 - 2015-10-20 17:01 - 00000000 ____D C:\WINDOWS\system32\slmgr
2015-10-20 17:01 - 2015-10-20 17:01 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2015-10-20 17:01 - 2015-10-20 17:01 - 00000000 ____D C:\WINDOWS\system32\de
2015-10-20 09:19 - 2015-10-20 09:19 - 00028672 ___SH C:\WINDOWS\system32\config\BCD-Template.LOG
2015-10-20 08:33 - 2015-10-20 08:33 - 00000000 ____D C:\WINDOWS\Setup
2015-10-20 08:32 - 2015-10-30 15:48 - 00003949 _____ C:\WINDOWS\DtcInstall.log
2015-10-20 08:32 - 2015-10-20 08:26 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-20 08:32 - 2015-10-20 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-20 08:31 - 2015-11-01 07:18 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-20 08:31 - 2015-10-31 17:17 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-20 08:31 - 2015-10-31 16:57 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-10-20 08:31 - 2015-10-31 16:57 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-10-20 08:31 - 2015-10-31 05:14 - 00000000 ____D C:\WINDOWS\system32\restore
2015-10-20 08:31 - 2015-10-31 05:11 - 00000000 ____D C:\WINDOWS\appcompat
2015-10-20 08:31 - 2015-10-30 16:12 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-10-20 08:31 - 2015-10-30 16:11 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-10-20 08:31 - 2015-10-30 16:11 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-10-20 08:31 - 2015-10-30 16:09 - 00000000 ____D C:\WINDOWS\rescache
2015-10-20 08:31 - 2015-10-30 16:08 - 00000000 ____D C:\WINDOWS\Registration
2015-10-20 08:31 - 2015-10-30 16:08 - 00000000 ____D C:\Program Files\Windows NT
2015-10-20 08:31 - 2015-10-30 16:04 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-10-20 08:31 - 2015-10-30 16:00 - 00000000 __RSD C:\WINDOWS\Media
2015-10-20 08:31 - 2015-10-30 15:59 - 00000000 __RHD C:\Users\Public\Libraries
2015-10-20 08:31 - 2015-10-30 15:48 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-20 08:31 - 2015-10-30 15:45 - 00000000 __RSD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-20 08:31 - 2015-10-30 15:45 - 00000000 __RSD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-20 08:31 - 2015-10-30 15:45 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-20 08:31 - 2015-10-30 15:45 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-20 08:31 - 2015-10-30 15:45 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-20 08:31 - 2015-10-30 15:45 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-20 08:31 - 2015-10-30 15:40 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-20 08:31 - 2015-10-30 15:40 - 00000000 ____D C:\WINDOWS\SysWOW64\WindowsPowerShell
2015-10-20 08:31 - 2015-10-30 15:40 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-10-20 08:31 - 2015-10-30 15:40 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-10-20 08:31 - 2015-10-30 15:40 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-10-20 08:31 - 2015-10-30 15:39 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-20 08:31 - 2015-10-30 15:39 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-20 08:31 - 2015-10-30 15:39 - 00000000 ____D C:\WINDOWS\system32\WindowsPowerShell
2015-10-20 08:31 - 2015-10-30 15:39 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-20 08:31 - 2015-10-30 15:39 - 00000000 ____D C:\WINDOWS\system32\spool
2015-10-20 08:31 - 2015-10-30 15:39 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-10-20 08:31 - 2015-10-30 15:39 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-10-20 08:31 - 2015-10-30 15:39 - 00000000 ____D C:\WINDOWS\system32\IME
2015-10-20 08:31 - 2015-10-30 15:39 - 00000000 ____D C:\WINDOWS\System
2015-10-20 08:31 - 2015-10-30 15:39 - 00000000 ____D C:\WINDOWS\schemas
2015-10-20 08:31 - 2015-10-30 15:39 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-10-20 08:31 - 2015-10-30 15:39 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-10-20 08:31 - 2015-10-30 15:39 - 00000000 ____D C:\WINDOWS\IME
2015-10-20 08:31 - 2015-10-30 15:38 - 00000000 ____D C:\WINDOWS\Cursors
2015-10-20 08:31 - 2015-10-30 15:38 - 00000000 ____D C:\ProgramData\USOPrivate
2015-10-20 08:31 - 2015-10-30 15:37 - 00000000 ____D C:\Program Files\Common Files\System
2015-10-20 08:31 - 2015-10-30 15:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-10-20 08:31 - 2015-10-30 15:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-10-20 08:31 - 2015-10-30 15:26 - 00000000 ____D C:\WINDOWS\Help
2015-10-20 08:31 - 2015-10-30 15:21 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-10-20 08:31 - 2015-10-30 15:10 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-10-20 08:31 - 2015-10-30 15:10 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-10-20 08:31 - 2015-10-20 17:06 - 00000000 ____D C:\WINDOWS\Web
2015-10-20 08:31 - 2015-10-20 17:01 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2015-10-20 08:31 - 2015-10-20 17:01 - 00000000 ___SD C:\WINDOWS\system32\dsc
2015-10-20 08:31 - 2015-10-20 17:01 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2015-10-20 08:31 - 2015-10-20 17:01 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2015-10-20 08:31 - 2015-10-20 17:01 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-10-20 08:31 - 2015-10-20 17:01 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2015-10-20 08:31 - 2015-10-20 17:01 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-20 08:31 - 2015-10-20 17:01 - 00000000 ____D C:\WINDOWS\system32\setup
2015-10-20 08:31 - 2015-10-20 17:01 - 00000000 ____D C:\WINDOWS\system32\migwiz
2015-10-20 08:31 - 2015-10-20 17:01 - 00000000 ____D C:\WINDOWS\system32\Com
2015-10-20 08:31 - 2015-10-20 17:01 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-10-20 08:31 - 2015-10-20 17:01 - 00000000 ____D C:\Program Files\Windows Defender
2015-10-20 08:31 - 2015-10-20 17:01 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-10-20 08:31 - 2015-10-20 17:01 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ___SD C:\WINDOWS\system32\Nui
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ___SD C:\Program Files\WindowsPowerShell
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ___SD C:\Program Files (x86)\WindowsPowerShell
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\Vss
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\tracing
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\TAPI
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\uk-UA
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\th-TH
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\sru
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Latn-RS
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Latn-CS
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\sppui
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\spp
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\Speech_OneCore
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\Speech
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\sl-SI
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\sk-SK
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\ro-RO
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\restore
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\Recovery
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\RasToast
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\ras
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\networklist
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\MSDRM
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\Licenses
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\hr-HR
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\he-IL
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\fr-CA
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\es-MX
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\bg-BG
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\ar-SA
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SystemResources
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\winevt
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\uk-UA
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\th-TH
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-RS
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\sppui
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\spp
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\Speech_OneCore
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\Speech
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\sl-SI
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\sk-SK
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\ro-RO
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\RasToast
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\ras
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\ProximityToast
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\PointOfService
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\networklist
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\MSDRM
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\Macromed
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\Licenses
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\Ipmi
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\icsxml
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\ias
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\hr-HR
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\he-IL
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\fr-CA
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\et-EE
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\es-MX
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\en-GB
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\Bthprops
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\bg-BG
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\ar-SA
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\system\Speech
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\Speech_OneCore
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\Speech
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\security
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\SchCache
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\Resources
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\PLA
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\Performance
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\InputMethod
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\Globalization
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\Branding
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\bcastdvr
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\WINDOWS\addins
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\ProgramData\Comms
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\Program Files\Windows Portable Devices
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\Program Files\Common Files\Services
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\Program Files (x86)\Windows NT
2015-10-20 08:31 - 2015-10-20 08:31 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2015-10-20 08:31 - 2015-10-20 08:28 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2015-10-20 08:31 - 2015-10-20 08:28 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2015-10-20 08:31 - 2015-10-20 08:28 - 00215943 _____ C:\WINDOWS\system32\dssec.dat
2015-10-20 08:31 - 2015-10-20 08:28 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2015-10-20 08:31 - 2015-10-20 08:28 - 00015462 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2015-10-20 08:31 - 2015-10-20 08:28 - 00008798 _____ C:\WINDOWS\SysWOW64\icrav03.rat
2015-10-20 08:31 - 2015-10-20 08:28 - 00008798 _____ C:\WINDOWS\system32\icrav03.rat
2015-10-20 08:31 - 2015-10-20 08:28 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2015-10-20 08:31 - 2015-10-20 08:28 - 00001988 _____ C:\WINDOWS\SysWOW64\ticrf.rat
2015-10-20 08:31 - 2015-10-20 08:28 - 00001988 _____ C:\WINDOWS\system32\ticrf.rat
2015-10-20 08:31 - 2015-10-20 08:28 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2015-10-20 08:31 - 2015-10-20 08:28 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2015-10-20 08:31 - 2015-10-20 08:28 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT
2015-10-20 08:26 - 2015-10-30 15:10 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-10-20 08:26 - 2015-10-30 15:10 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2015-10-20 08:26 - 2015-10-30 15:10 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-10-20 08:26 - 2015-10-30 15:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-10-20 08:26 - 2015-10-30 15:10 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2015-10-20 08:26 - 2015-10-30 15:10 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2015-10-20 08:26 - 2015-10-30 15:10 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2015-10-20 08:26 - 2015-10-30 15:10 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-10-20 08:26 - 2015-10-30 15:10 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2015-10-20 08:26 - 2015-10-30 15:10 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-10-20 08:26 - 2015-10-30 15:10 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-10-20 08:26 - 2015-10-30 15:10 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2015-10-20 08:26 - 2015-10-30 15:10 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-10-20 08:26 - 2015-10-30 15:10 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-10-20 08:26 - 2015-10-30 15:10 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-10-20 08:26 - 2015-10-30 15:10 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-10-20 08:26 - 2015-10-30 15:10 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-10-20 08:26 - 2015-10-30 15:10 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-10-20 08:26 - 2015-10-30 15:10 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2015-10-20 08:26 - 2015-10-30 15:09 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2015-10-20 08:26 - 2015-10-20 17:06 - 02535424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysis.dll
2015-10-20 08:26 - 2015-10-20 17:06 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsCpl.dll
2015-10-20 08:26 - 2015-10-20 17:06 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsCpl.dll
2015-10-20 08:26 - 2015-10-20 17:06 - 00668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-10-20 08:26 - 2015-10-20 17:06 - 00501760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-10-20 08:26 - 2015-10-20 17:06 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-10-20 08:26 - 2015-10-20 17:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\umrdp.dll
2015-10-20 08:26 - 2015-10-20 17:06 - 00274352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpendp.dll
2015-10-20 08:26 - 2015-10-20 17:06 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-10-20 08:26 - 2015-10-20 17:06 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2015-10-20 08:26 - 2015-10-20 17:06 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2015-10-20 08:26 - 2015-10-20 17:06 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsClassExtension.dll
2015-10-20 08:26 - 2015-10-20 17:06 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfdts.dll
2015-10-20 08:26 - 2015-10-20 17:06 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rfxvmt.dll
2015-10-20 08:26 - 2015-10-20 17:06 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorPerformanceEvents.dll
2015-10-20 08:26 - 2015-10-20 17:06 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\jnwmon.dll
2015-10-20 08:26 - 2015-10-20 17:06 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorCustomAdbAlgorithm.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 28851352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 28083280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 19359232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 18646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 14225408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 12576768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 12129280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 09375232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2015-10-20 08:26 - 2015-10-20 08:26 - 09375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2015-10-20 08:26 - 2015-10-20 08:26 - 06964224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 05676032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 05317120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 04830896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 04646400 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2015-10-20 08:26 - 2015-10-20 08:26 - 04238848 _____ (Microsoft) C:\WINDOWS\SysWOW64\GameUXLegacyGDFs.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 04238848 _____ (Microsoft) C:\WINDOWS\system32\GameUXLegacyGDFs.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 04170240 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 03750912 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 03652608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 03573248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 03555840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2015-10-20 08:26 - 2015-10-20 08:26 - 03549184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 03459584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 03416576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 03301376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 02836992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-10-20 08:26 - 2015-10-20 08:26 - 02731008 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 02578432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 02330592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2015-10-20 08:26 - 2015-10-20 08:26 - 02214912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 02155520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-10-20 08:26 - 2015-10-20 08:26 - 01976832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 01852928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 01732272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 01572864 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0000.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 01570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2015-10-20 08:26 - 2015-10-20 08:26 - 01559040 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 01522688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 01517056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0000.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 01432064 _____ (Microsoft Corporation) C:\WINDOWS\system32\DxpTaskSync.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 01389568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 01389056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DxpTaskSync.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2015-10-20 08:26 - 2015-10-20 08:26 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 01211392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 01186816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMNetMgr.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 01163776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2015-10-20 08:26 - 2015-10-20 08:26 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 01138688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2015-10-20 08:26 - 2015-10-20 08:26 - 01129472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 01054912 _____ (Microsoft Corporation) C:\WINDOWS\system32\drmv2clt.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00993632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00987848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFS.exe
2015-10-20 08:26 - 2015-10-20 08:26 - 00926208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSRESM.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSRESM.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00918016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00901824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drmv2clt.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00879616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSST.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00829616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Bubbles.scr
2015-10-20 08:26 - 2015-10-20 08:26 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\blackbox.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Bubbles.scr
2015-10-20 08:26 - 2015-10-20 08:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00743936 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdcpl.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartCardSimulator.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedwipes.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedwipes.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\elslad.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00690016 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFSR.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00651776 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSSVC.exe
2015-10-20 08:26 - 2015-10-20 08:26 - 00649400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\blackbox.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PortableDeviceApi.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\OobeFldr.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OobeFldr.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2015-10-20 08:26 - 2015-10-20 08:26 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\psisdecd.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdrmsdk.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\elslad.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00588456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdrmdev.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2015-10-20 08:26 - 2015-10-20 08:26 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00577536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00546816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmdrmsdk.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00520704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PortableDeviceApi.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2015-10-20 08:26 - 2015-10-20 08:26 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpunits.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisdecd.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00495984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmdrmdev.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00484552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdrmnet.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiashext.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetworkCollectionAgent.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadefui.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiashext.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\PortableDeviceStatus.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscp.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00433896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCEWMDRMNDBootstrap.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PortableDeviceStatus.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswmdm.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSE.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadefui.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncInfrastructure.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSTIFF.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmdrmnet.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00389032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00382976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provsvc.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00374144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-10-20 08:26 - 2015-10-20 08:26 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack_win.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2PGraph.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDSp.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscp.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswmdm.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncInfrastructure.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-10-20 08:26 - 2015-10-20 08:26 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\drmmgrtn.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srchadmin.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasppp.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00312552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCEWMDRMNDBootstrap.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDSp.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00305440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcl.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dxpserver.exe
2015-10-20 08:26 - 2015-10-20 08:26 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\scansetting.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasppp.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2015-10-20 08:26 - 2015-10-20 08:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drmmgrtn.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSNP.ax
2015-10-20 08:26 - 2015-10-20 08:26 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2015-10-20 08:26 - 2015-10-20 08:26 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cewmdm.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSWB7.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXST30.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scansetting.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00253216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00250112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMASF.DLL
2015-10-20 08:26 - 2015-10-20 08:26 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\elshyph.dll
2015-10-20 08:26 - 2015-10-20 08:26 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOVER.exe
2015-10-20 08:26 - 2015-10-20 08:26 - 00244224 _____ (Microsoft Corporation)
|
| Themen zu Versende Spammails , Telekomaccount wird verändert |
| .dll, administrator, adobe, bluestacks, defender, desktop, explorer, failed, firefox, fireie, helper, homepage, modul, mozilla, nvidia, onedrive, pdf, problem, prozesse, realtek, registry, scan, security, software, svchost.exe, system, usb, windows, windowsapps |
Baum-Darstellung