| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Direkt nach dem Start erscheint "Modul nicht gefunden".Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
03.12.2015, 11:54
| #1 |
 |  Direkt nach dem Start erscheint "Modul nicht gefunden". >Guten morgen zusammen, ich habe seit ein paar Tagen das Problem, dass mir nach dem Start der Hinweis "Modul nicht gefunden" angezeigt wird und ich auch nach einem Scan von Comodo nicht mehr weiss, was ich machen soll! Eigentlich arbeitet mein PC nach löschungen verschiedener Programme mittlerweile wieder ganz ordentlich, aber der Hinweis wird wahrscheinlich auf Reste eines Trojaners oder so hinweisen! (Weg damit) Hab hier im Forum auch vorher schon nach diesem Problem geschaut und hab dieses vorhin mit fabers recovery scan tool bearbeitet! Aber jetzt brauch ich dann wirklich Hilfe ich pack euch die ergebnisse mal direkt rein, vllt könnt ihr mir ja gleich helfen vielen dank schonmal im voraus Frst.txt - Editor FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:01-12-2015
durchgeführt von Andreas (Administrator) auf ANDREAS (03-12-2015 11:03:59)
Gestartet von C:\Users\Andreas\Downloads
Geladene Profile: Andreas (Verfügbare Profile: Andreas)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Intel Corporation) C:\Windows\System32\SET557A.tmp
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Intel Corporation) C:\Windows\SysWOW64\SET4486.tmp
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Abengine) C:\Program Files (x86)\Fast-Search\acengine.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(DTools LIMITED) C:\ProgramData\9WMiniPro9\WMiniPro.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.10921\ScreenShotServ.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.6.1180.0\McCSPServiceHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.10921\ScreenSnapshot.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Nico Mak Computing) C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Space Sound Pro) C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7634288 2014-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1386712 2014-06-24] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [Sound+] => C:\Program Files\Sound+\Sound+.exe [4143616 2015-10-23] (Sound+)
HKLM\...\Run: [SpaceSoundPro] => C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe [4203520 2015-08-03] (Space Sound Pro)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-17] (Synaptics Incorporated)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [506680 2014-06-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [mpck_en_004090152] => "C:\Program Files (x86)\mpck_en_004090152\mpck_en_004090152.exe"
HKLM-x32\...\Run: [rec_en_77] => C:\Program Files (x86)\rec_en_77\rec_en_77.exe [4018392 2015-11-23] ()
HKLM-x32\...\Run: [gmsd_de_005010153] => [X]
HKLM-x32\...\Run: [gmsd_de_005010154] => [X]
HKLM-x32\...\Run: [gmsd_de_005010155] => C:\Program Files (x86)\gmsd_de_005010155\gmsd_de_005010155.exe [4336304 2015-11-23] ()
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-01-30] (Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [gmsd_de_005010156] => C:\Program Files (x86)\gmsd_de_005010156\gmsd_de_005010156.exe [4338864 2015-11-24] ()
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1884890629-360092094-2303528047-1001\...\Run: [GoogleChromeAutoLaunch_46A172103AF55F16E10754CCD32BD34E] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-11-07] (Google Inc.)
HKU\S-1-5-21-1884890629-360092094-2303528047-1001\...\Run: [InetStat] => C:\Users\Andreas\AppData\Roaming\InetStat\inetstat.exe [840206 2015-11-24] ()
HKU\S-1-5-21-1884890629-360092094-2303528047-1001\...\RunOnce: [Uninstall C:\Users\Andreas\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Andreas\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk [2015-11-28]
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files\COMODO\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog9-x64 01 C:\WINDOWS\system32\acengine64.dll [308136 2015-11-19] (Abengine)
Winsock: Catalog9-x64 02 C:\WINDOWS\system32\acengine64.dll [308136 2015-11-19] (Abengine)
Winsock: Catalog9-x64 03 C:\WINDOWS\system32\acengine64.dll [308136 2015-11-19] (Abengine)
Winsock: Catalog9-x64 04 C:\WINDOWS\system32\acengine64.dll [308136 2015-11-19] (Abengine)
Winsock: Catalog9-x64 05 C:\WINDOWS\system32\acengine64.dll [308136 2015-11-19] (Abengine)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{f202c746-f929-4b93-b5b8-ecb6ea4ea064}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartpageing.com/web/?type=ds&ts=1448708311&z=0c29afdb54b4bdd5daffad2g0z5z6bbm4e7b7c1g3g&from=cornl&uid=st500lt012-1dg142_s3pgkcj0&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartpageing.com/?type=hp&ts=1448708311&z=0c29afdb54b4bdd5daffad2g0z5z6bbm4e7b7c1g3g&from=cornl&uid=st500lt012-1dg142_s3pgkcj0
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartpageing.com/web/?type=ds&ts=1448708311&z=0c29afdb54b4bdd5daffad2g0z5z6bbm4e7b7c1g3g&from=cornl&uid=st500lt012-1dg142_s3pgkcj0&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPNOT14/4
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-1884890629-360092094-2303528047-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.hao123.com/?tn=sdks_inner_hp_01_hao123_de&guid=2bd6920bddaba7dd82be3ebd89f18f0a
HKU\S-1-5-21-1884890629-360092094-2303528047-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartpageing.com/?type=hp&ts=1448708311&z=0c29afdb54b4bdd5daffad2g0z5z6bbm4e7b7c1g3g&from=cornl&uid=st500lt012-1dg142_s3pgkcj0
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartpageing.com/web/?type=ds&ts=1448708311&z=0c29afdb54b4bdd5daffad2g0z5z6bbm4e7b7c1g3g&from=cornl&uid=st500lt012-1dg142_s3pgkcj0&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartpageing.com/web/?type=ds&ts=1448708311&z=0c29afdb54b4bdd5daffad2g0z5z6bbm4e7b7c1g3g&from=cornl&uid=st500lt012-1dg142_s3pgkcj0&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartpageing.com/web/?type=ds&ts=1448708311&z=0c29afdb54b4bdd5daffad2g0z5z6bbm4e7b7c1g3g&from=cornl&uid=st500lt012-1dg142_s3pgkcj0&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartpageing.com/web/?type=ds&ts=1448708311&z=0c29afdb54b4bdd5daffad2g0z5z6bbm4e7b7c1g3g&from=cornl&uid=st500lt012-1dg142_s3pgkcj0&q={searchTerms}
SearchScopes: HKLM-x32 -> {60495DA5-575C-451E-990C-FCC7EFB8778B} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1884890629-360092094-2303528047-1001 -> {02E9C7D7-ED67-4E53-9ABE-4FD4AC094231} URL = hxxp://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=FBMzftpbl2,c9254ac0-9cf9-45ad-8455-626ac6d01873,
SearchScopes: HKU\S-1-5-21-1884890629-360092094-2303528047-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartpageing.com/web/?type=ds&ts=1448708311&z=0c29afdb54b4bdd5daffad2g0z5z6bbm4e7b7c1g3g&from=cornl&uid=st500lt012-1dg142_s3pgkcj0&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1884890629-360092094-2303528047-1001 -> {60495DA5-575C-451E-990C-FCC7EFB8778B} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-09-28] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-09-28] (McAfee, Inc.)
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-09-28] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-09-28] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-20] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-11-23] [ist nicht signiert]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.sweet-page.com/?type=hp&ts=1448810962&z=ca2c397948453f8734d181agez0z9bbbcg8e8t1w5t&from=cornl&uid=ST500LT012-1DG142_S3PGKCJ0
CHR StartupUrls: Default -> "hxxp://www.sweet-page.com/?type=hp&ts=1448810962&z=ca2c397948453f8734d181agez0z9bbbcg8e8t1w5t&from=cornl&uid=ST500LT012-1DG142_S3PGKCJ0"
CHR DefaultSearchURL: Default -> hxxp://www.sweet-page.com/web/?type=ds&ts=1448810962&z=ca2c397948453f8734d181agez0z9bbbcg8e8t1w5t&from=cornl&uid=ST500LT012-1DG142_S3PGKCJ0&q={searchTerms}
CHR DefaultSearchKeyword: Default -> sweet-page
CHR Profile: C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-20]
CHR Extension: (Google Docs) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-20]
CHR Extension: (Google Drive) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-20]
CHR Extension: (YouTube) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-20]
CHR Extension: (Google Search) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-20]
CHR Extension: (Google Sheets) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-20]
CHR Extension: (Google Docs Offline) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-20]
CHR Extension: (Background for LinkedIn) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmamnhfbiackmckkaopokinkpmccdnki [2015-11-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-20]
CHR Extension: (Gmail) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-20]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 acengine; C:\Program Files (x86)\Fast-Search\acengine.exe [2436152 2015-11-19] (Abengine) [Datei ist nicht signiert]
R2 ChromodoUpdater; C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [1984696 2015-11-13] (Comodo)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70872 2015-03-05] (Comodo Security Solutions, Inc.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-01-30] (Comodo Security Solutions, Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368584 2015-09-01] (McAfee, Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-06-03] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [475960 2014-06-19] (Hewlett-Packard Development Company, L.P.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [783120 2015-09-28] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-29] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1180.0\McCSPServiceHost.exe [1694152 2015-09-01] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368584 2015-09-01] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368584 2015-09-01] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [639456 2015-08-11] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368584 2015-09-01] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368584 2015-09-01] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368584 2015-09-01] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-07-31] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [376264 2015-08-10] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-07-31] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368584 2015-09-01] (McAfee, Inc.)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [Datei ist nicht signiert]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-06-24] (Realtek Semiconductor)
S2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-17] (Synaptics Incorporated)
R2 TheScreenSnapshotService; C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.10921\ScreenShotServ.exe [152016 2015-09-17] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WdsManPro; C:\ProgramData\9WMiniPro9\WMiniPro.exe [309384 2015-11-29] (DTools LIMITED)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [245248 2015-10-30] (Microsoft Corporation)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [40224 2014-06-26] (Windows (R) Win 7 DDK provider)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [80768 2015-08-10] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2014-01-23] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [413432 2015-08-10] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [349096 2015-08-10] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [82072 2015-08-10] (McAfee, Inc.)
S3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [495856 2015-08-10] (McAfee, Inc.)
U3 mfefirek01; kein ImagePath
U3 mfefirek02; kein ImagePath
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [839376 2015-08-10] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [537408 2015-08-12] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [111256 2015-08-12] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [244024 2015-08-10] (McAfee, Inc.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [624424 2015-10-30] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [4629744 2015-08-28] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-17] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-03 11:03 - 2015-12-03 11:05 - 00023861 _____ C:\Users\Andreas\Downloads\FRST.txt
2015-12-03 11:03 - 2015-12-03 11:03 - 00000000 ____D C:\FRST
2015-12-03 11:01 - 2015-12-03 11:02 - 02350080 _____ (Farbar) C:\Users\Andreas\Downloads\FRST64.exe
2015-12-03 10:58 - 2015-12-03 10:59 - 01721344 _____ (Farbar) C:\Users\Andreas\Downloads\FRST.exe
2015-12-03 10:42 - 2015-12-03 10:42 - 00000000 ___HD C:\OneDriveTemp
2015-12-03 10:41 - 2015-12-03 10:41 - 00000000 ____D C:\WINDOWS\LastGood
2015-12-02 18:32 - 2015-12-02 18:32 - 00000000 ____D C:\Users\Andreas\AppData\Local\NetworkTiles
2015-12-02 16:39 - 2015-12-02 16:41 - 00002405 _____ C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-02 16:27 - 2015-12-02 16:27 - 00000000 ____D C:\Users\Andreas\AppData\Local\Publishers
2015-12-02 16:20 - 2015-12-02 16:20 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-12-02 16:15 - 2015-12-02 16:15 - 00000000 ____D C:\Users\Andreas\AppData\Local\Comms
2015-12-02 16:12 - 2015-12-02 16:12 - 00000000 ____D C:\Users\Andreas\AppData\Local\ActiveSync
2015-12-02 16:11 - 2015-12-03 10:41 - 00000000 __SHD C:\Users\Andreas\IntelGraphicsProfiles
2015-12-02 16:11 - 2015-12-02 16:11 - 00000000 ____D C:\Users\Andreas\AppData\Local\TileDataLayer
2015-12-02 16:10 - 2015-12-03 10:41 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-12-02 16:10 - 2015-12-02 16:10 - 00000020 ___SH C:\Users\Andreas\ntuser.ini
2015-12-02 16:09 - 2015-12-02 16:09 - 00000000 ____D C:\ProgramData\USOShared
2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-12-02 12:52 - 2015-12-02 12:52 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-12-02 12:51 - 2015-12-02 12:51 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-02 12:38 - 2015-12-02 12:38 - 00000000 ____D C:\Users\Public\Documents\Baidu
2015-12-02 12:34 - 2015-12-02 12:34 - 00000000 ____D C:\Users\Default\Documents\hp.system.package.metadata
2015-12-02 12:34 - 2015-12-02 12:34 - 00000000 ____D C:\Users\Default\Documents\hp.applications.package.appdata
2015-12-02 12:34 - 2015-12-02 12:34 - 00000000 ____D C:\Users\Default User\Documents\hp.system.package.metadata
2015-12-02 12:34 - 2015-12-02 12:34 - 00000000 ____D C:\Users\Default User\Documents\hp.applications.package.appdata
2015-12-02 12:33 - 2015-12-02 12:33 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-02 12:28 - 2015-12-02 12:28 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-12-02 12:26 - 2015-12-02 16:11 - 00000000 ____D C:\Users\Andreas
2015-12-02 12:26 - 2015-12-02 12:26 - 00000000 _SHDL C:\Users\Andreas\Vorlagen
2015-12-02 12:26 - 2015-12-02 12:26 - 00000000 _SHDL C:\Users\Andreas\Startmenü
2015-12-02 12:26 - 2015-12-02 12:26 - 00000000 _SHDL C:\Users\Andreas\Netzwerkumgebung
2015-12-02 12:26 - 2015-12-02 12:26 - 00000000 _SHDL C:\Users\Andreas\Lokale Einstellungen
2015-12-02 12:26 - 2015-12-02 12:26 - 00000000 _SHDL C:\Users\Andreas\Eigene Dateien
2015-12-02 12:26 - 2015-12-02 12:26 - 00000000 _SHDL C:\Users\Andreas\Druckumgebung
2015-12-02 12:26 - 2015-12-02 12:26 - 00000000 _SHDL C:\Users\Andreas\Documents\Eigene Videos
2015-12-02 12:26 - 2015-12-02 12:26 - 00000000 _SHDL C:\Users\Andreas\Documents\Eigene Musik
2015-12-02 12:26 - 2015-12-02 12:26 - 00000000 _SHDL C:\Users\Andreas\Documents\Eigene Bilder
2015-12-02 12:26 - 2015-12-02 12:26 - 00000000 _SHDL C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-02 12:26 - 2015-12-02 12:26 - 00000000 _SHDL C:\Users\Andreas\AppData\Local\Verlauf
2015-12-02 12:26 - 2015-12-02 12:26 - 00000000 _SHDL C:\Users\Andreas\AppData\Local\Anwendungsdaten
2015-12-02 12:26 - 2015-12-02 12:26 - 00000000 _SHDL C:\Users\Andreas\Anwendungsdaten
2015-12-02 12:25 - 2015-12-02 16:28 - 02003182 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-02 12:25 - 2015-12-02 12:25 - 01909068 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-12-02 12:22 - 2015-12-02 12:22 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-12-02 12:21 - 2015-12-02 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2015-12-02 12:21 - 2015-12-02 12:28 - 00000000 ____D C:\Program Files\Intel
2015-12-02 12:21 - 2015-12-02 12:21 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-12-02 12:21 - 2015-12-02 12:21 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-12-02 12:21 - 2015-12-02 12:21 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2015-12-02 12:21 - 2015-12-02 12:21 - 00000000 ____D C:\Program Files\Realtek
2015-12-02 12:21 - 2015-08-27 18:20 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-12-02 12:21 - 2015-08-27 18:20 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-12-02 12:20 - 2015-12-02 12:20 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-12-02 12:20 - 2015-12-02 12:20 - 00000000 ____D C:\Program Files\Synaptics
2015-12-02 12:18 - 2015-10-30 08:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-12-02 12:15 - 2015-12-02 12:37 - 00279280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-02 12:13 - 2015-12-02 16:10 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-02 12:07 - 2015-12-02 12:07 - 00000000 ____D C:\Windows.old
2015-12-02 12:06 - 2015-12-02 12:06 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 22394880 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 16984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 13376512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 13017088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 12120064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-02 12:06 - 2015-12-02 12:06 - 03670832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-02 12:06 - 2015-12-02 12:06 - 02918808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-12-02 12:06 - 2015-12-02 12:06 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-12-02 12:06 - 2015-12-02 12:06 - 02587136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 02064384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 01998848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 01707008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-02 12:06 - 2015-12-02 12:06 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00809312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-12-02 12:06 - 2015-12-02 12:06 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-12-02 12:06 - 2015-12-02 12:06 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-12-02 12:06 - 2015-12-02 12:06 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-12-02 12:06 - 2015-12-02 12:06 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-12-02 12:06 - 2015-12-02 12:06 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-12-02 12:06 - 2015-12-02 12:06 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2015-12-02 12:06 - 2015-12-02 12:06 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-12-02 12:06 - 2015-12-02 12:06 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2015-12-02 12:06 - 2015-12-02 12:06 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-12-02 12:06 - 2015-12-02 12:06 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-12-02 12:06 - 2015-12-02 12:06 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-12-02 12:06 - 2015-12-02 12:06 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2015-12-02 12:06 - 2015-12-02 12:06 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-12-02 12:06 - 2015-12-02 12:06 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-12-02 12:06 - 2015-12-02 12:06 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-12-02 12:06 - 2015-12-02 12:06 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-12-02 12:06 - 2015-12-02 12:06 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2015-12-02 12:06 - 2015-12-02 12:06 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2015-12-02 12:06 - 2015-12-02 12:06 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2015-12-02 12:06 - 2015-12-02 12:06 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2015-12-02 12:06 - 2015-12-02 12:06 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2015-12-02 12:06 - 2015-12-02 12:06 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2015-12-02 12:06 - 2015-12-02 12:06 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-12-02 12:06 - 2015-12-02 12:06 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-12-02 12:03 - 2015-10-29 19:43 - 05739520 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2015-12-02 12:03 - 2015-10-29 19:43 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2015-12-02 12:03 - 2015-10-29 19:41 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2015-12-02 12:03 - 2015-10-29 19:25 - 06359040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2015-12-02 12:03 - 2015-10-29 19:24 - 04847616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2015-12-02 11:52 - 2015-12-02 11:52 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-12-02 11:49 - 2015-12-02 11:49 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-12-02 11:49 - 2015-12-02 11:49 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-12-02 11:49 - 2015-12-02 11:49 - 00000000 ____D C:\Program Files\MSBuild
2015-12-02 11:49 - 2015-12-02 11:49 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-12-02 11:49 - 2015-12-02 11:49 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-12-02 11:49 - 2015-12-02 11:49 - 00000000 ____D C:\inetpub
2015-12-02 11:48 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-12-02 11:48 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-12-02 11:48 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-12-02 11:48 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-12-02 11:48 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-12-02 11:48 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-12-02 11:25 - 2015-12-02 12:54 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2015-12-02 11:25 - 2015-12-02 12:54 - 00009528 _____ C:\WINDOWS\diagerr.xml
2015-11-29 16:30 - 2015-11-29 16:31 - 00000000 ____D C:\ProgramData\9WMiniPro9
2015-11-29 16:29 - 2015-11-29 16:29 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\sweet-page
2015-11-29 15:55 - 2015-11-29 15:58 - 29234869 _____ (AVG Technologies) C:\Users\Andreas\Downloads\AVG_Antivirus7161Free_x86_694.exe
2015-11-29 14:40 - 2015-11-29 14:40 - 00000000 ____D C:\Program Files (x86)\ESET
2015-11-29 14:39 - 2015-11-29 14:39 - 02870984 _____ (ESET) C:\Users\Andreas\Downloads\esetsmartinstaller_deu.exe
2015-11-29 14:09 - 2015-11-29 14:09 - 07635472 _____ (Microsoft Corporation) C:\Users\Andreas\Downloads\GetWindows10-sds_____________.exe
2015-11-29 01:56 - 2015-11-29 01:56 - 00000000 ____D C:\ProgramData\Nico Mak Computing
2015-11-29 00:09 - 2015-11-29 00:09 - 00000000 ____D C:\ProgramData\ReviverSoft
2015-11-28 12:10 - 2015-11-28 12:10 - 00000000 ____D C:\Program Files\ReviverSoft
2015-11-28 11:59 - 2015-12-03 10:42 - 00003256 _____ C:\WINDOWS\System32\Tasks\WinZip Malware Protector_startup
2015-11-28 11:58 - 2015-11-29 01:52 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Nico Mak Computing
2015-11-28 11:57 - 2015-12-02 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2015-11-28 11:57 - 2015-11-29 01:53 - 00000000 ____D C:\Program Files (x86)\WinZip Malware Protector
2015-11-28 11:57 - 2015-11-28 11:55 - 00107016 _____ (GreenTree Applications SRL) C:\Users\Andreas\Downloads\FlashPlayer_Updater [1].exe
2015-11-28 11:57 - 2015-03-17 11:03 - 00020480 _____ C:\WINDOWS\system32\wsusnative64.exe
2015-11-28 11:54 - 2015-11-28 11:54 - 00975264 _____ (Generic app ) C:\Users\Andreas\Downloads\FlashPlayer_Updater.exe
2015-11-28 11:36 - 2015-11-28 11:36 - 00686160 _____ C:\Users\Andreas\Downloads\Setup (2).exe
2015-11-28 11:36 - 2015-11-28 11:36 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Ashampoo
2015-11-28 11:36 - 2015-11-28 11:36 - 00000000 ____D C:\Users\Andreas\AppData\Local\ashampoo
2015-11-28 11:35 - 2015-12-02 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2015-11-28 11:35 - 2015-11-28 11:35 - 00001346 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio 2015.lnk
2015-11-28 11:31 - 2015-12-02 12:52 - 00002614 _____ C:\WINDOWS\System32\Tasks\WinZipDriverUpdater_UPDATES
2015-11-28 11:31 - 2015-12-02 11:31 - 00000316 _____ C:\WINDOWS\Tasks\WinZipDriverUpdater_UPDATES.job
2015-11-28 11:31 - 2015-11-29 01:41 - 00000000 ____D C:\Program Files (x86)\Ashampoo
2015-11-28 11:31 - 2015-11-28 11:36 - 00000000 ____D C:\ProgramData\Ashampoo
2015-11-28 11:30 - 2015-12-02 16:19 - 00003252 _____ C:\WINDOWS\System32\Tasks\WinZipDriverUpdaterRunAtStartup
2015-11-28 11:30 - 2015-11-29 01:52 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\WinZip
2015-11-28 11:30 - 2015-11-28 11:30 - 00686168 _____ C:\Users\Andreas\Downloads\Setup (1).exe
2015-11-28 11:29 - 2015-12-02 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Driver Updater
2015-11-28 11:29 - 2015-11-29 01:52 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\yoursearching
2015-11-28 11:29 - 2015-11-29 01:52 - 00000000 ____D C:\Program Files (x86)\WinZip Driver Updater
2015-11-28 11:29 - 2015-11-29 00:42 - 00000000 ____D C:\Program Files (x86)\OneSystemCare
2015-11-28 11:29 - 2015-11-28 11:30 - 00000000 ____D C:\ProgramData\4WMiniPro4
2015-11-28 11:29 - 2015-11-28 11:29 - 00034498 _____ C:\Users\Andreas\AppData\Roaming\ICSW_0P1F1E1T0J1T1CtJ1V0P1C1L1R1P0F1F2Y1G2Z1T1L1G1V0P0P0I.txt
2015-11-28 11:29 - 2015-11-28 11:29 - 00000296 _____ C:\WINDOWS\Tasks\One System CarePeriod.job
2015-11-28 11:28 - 2015-11-29 16:24 - 29727656 _____ (Oracle Corporation) C:\Users\Andreas\Downloads\setup [1].exe
2015-11-28 11:27 - 2015-11-28 11:27 - 00962696 _____ (Software ) C:\Users\Andreas\Downloads\setup.exe
2015-11-25 19:53 - 2015-11-25 19:53 - 71087912 _____ C:\Users\Andreas\Downloads\c66739117ad9598e39c6418989440fb1.mp4
2015-11-24 18:29 - 2015-12-02 12:51 - 00002256 _____ C:\WINDOWS\System32\Tasks\Beach Comp
2015-11-24 18:29 - 2015-11-24 18:29 - 00000000 ____D C:\Users\Andreas\AppData\Local\Beach Comp
2015-11-24 18:28 - 2015-12-02 12:27 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2015-11-24 18:28 - 2015-11-29 01:52 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\InetStat
2015-11-24 18:20 - 2015-12-02 09:42 - 00000000 ____D C:\Users\Andreas\AppData\Local\gmsd_de_005010156
2015-11-24 18:20 - 2015-11-29 01:52 - 00000000 ____D C:\Program Files (x86)\gmsd_de_005010156
2015-11-23 21:40 - 2015-11-23 21:40 - 00000000 ____D C:\Program Files (x86)\Comodo
2015-11-23 18:23 - 2015-12-02 12:36 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpaceSoundPro 1.0
2015-11-23 18:23 - 2015-11-29 01:52 - 00000000 ____D C:\Program Files (x86)\SpaceSondPro_v53.9510
2015-11-23 18:15 - 2015-11-23 18:15 - 00000000 ___HD C:\VTRoot
2015-11-23 18:14 - 2015-11-23 21:37 - 00033462 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2015-11-23 18:13 - 2015-11-23 18:14 - 01466656 _____ C:\Users\Andreas\Downloads\VLC media player 32 Bit - CHIP-Installer.exe
2015-11-23 18:08 - 2015-11-23 18:56 - 791547261 _____ C:\Users\Andreas\Downloads\video.mp4
2015-11-23 17:51 - 2015-11-23 17:51 - 00000000 ____D C:\WINDOWS\System32\Tasks\COMODO
2015-11-23 17:49 - 2015-11-23 21:37 - 00007520 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2015-11-23 17:49 - 2015-11-23 17:49 - 651293402 _____ C:\WINDOWS\MEMORY.DMP
2015-11-23 17:20 - 2015-11-23 17:20 - 00000000 ____D C:\ProgramData\Shared Space
2015-11-23 17:19 - 2015-12-02 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-11-23 17:19 - 2015-11-28 11:58 - 00002342 _____ C:\Users\Public\Desktop\GeekBuddy.lnk
2015-11-23 17:19 - 2015-11-23 21:38 - 00000000 ____D C:\Program Files\COMODO
2015-11-23 17:19 - 2015-11-23 17:19 - 00000000 ____D C:\Users\Andreas\AppData\Local\Comodo
2015-11-23 17:18 - 2015-11-23 17:18 - 00000000 ____D C:\ProgramData\Comodo Downloader
2015-11-23 17:11 - 2015-11-23 21:38 - 00000000 ____D C:\ProgramData\Comodo
2015-11-23 16:43 - 2015-11-23 17:08 - 225688096 _____ (COMODO) C:\Users\Andreas\Downloads\cispremium_installer_v8.2.0.4703.exe
2015-11-23 16:38 - 2015-12-02 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP
2015-11-23 16:38 - 2015-12-02 09:37 - 00000000 ____D C:\Users\Andreas\AppData\Local\gmsd_de_005010155
2015-11-23 16:38 - 2015-11-29 01:52 - 00000000 ____D C:\Program Files (x86)\gmsd_de_005010155
2015-11-23 16:09 - 2015-08-22 14:42 - 00066400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:42 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:42 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:42 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:42 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:42 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:42 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:42 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:42 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:35 - 00063840 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:35 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:35 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:35 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:35 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:35 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:35 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-11-23 16:09 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-11-22 23:12 - 2015-11-23 00:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-22 23:12 - 2015-10-27 18:43 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-22 22:57 - 2015-12-02 20:44 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\ScreenSnapshotTool
2015-11-22 22:57 - 2015-11-22 22:57 - 00000000 ____D C:\Users\Public\Documents\Guid
2015-11-22 22:57 - 2015-11-22 22:57 - 00000000 ____D C:\Program Files (x86)\ScreenSnapshotTool
2015-11-22 22:42 - 2015-11-22 22:42 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-11-22 20:21 - 2015-07-22 15:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-11-22 20:20 - 2014-07-10 05:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll
2015-11-22 18:14 - 2015-11-29 01:52 - 00000000 ____D C:\Users\Andreas\AppData\Local\SearchModule
2015-11-22 17:59 - 2014-10-31 04:23 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-11-22 17:50 - 2014-10-29 02:54 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DfpCommon.dll
2015-11-22 17:48 - 2014-10-29 02:59 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfp.exe
2015-11-22 16:56 - 2015-12-02 12:51 - 00002176 _____ C:\WINDOWS\System32\Tasks\{72B3C6E9-C316-429E-92A6-E973A08C5823}
2015-11-22 15:14 - 2015-11-22 15:14 - 00296785 _____ C:\Users\Andreas\Downloads\C750.tmp
2015-11-21 19:44 - 2015-12-02 12:37 - 00009000 _____ C:\WINDOWS\SysWOW64\acengineOff.ini
2015-11-21 19:44 - 2015-12-02 12:37 - 00009000 _____ C:\WINDOWS\system32\acengineOff.ini
2015-11-21 19:44 - 2015-11-21 19:46 - 00000592 _____ C:\task.vbs
2015-11-21 19:44 - 2015-11-19 14:29 - 00308136 _____ (Abengine) C:\WINDOWS\system32\acengine64.dll
2015-11-21 19:44 - 2015-11-19 14:29 - 00260728 _____ (Abengine) C:\WINDOWS\SysWOW64\acengine.dll
2015-11-21 19:43 - 2015-12-01 17:20 - 00000000 ____D C:\Program Files (x86)\Fast-Search
2015-11-21 19:43 - 2015-11-29 16:30 - 00000098 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-11-21 19:43 - 2015-11-29 01:52 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\istartpageing
2015-11-21 19:43 - 2015-11-23 21:38 - 00000000 ____D C:\Program Files\SpaceSoundPro
2015-11-21 19:43 - 2015-11-23 21:38 - 00000000 ____D C:\Program Files (x86)\SFK
2015-11-21 19:43 - 2015-11-23 16:37 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-21 19:43 - 2015-11-21 19:46 - 00000000 ____D C:\Program Files (x86)\SpaceSondPro_v53.9414
2015-11-21 19:43 - 2015-11-21 19:44 - 00000000 ____D C:\ProgramData\ZWMiniProZ
2015-11-21 19:43 - 2015-11-21 19:43 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\cpuminer
2015-11-21 19:43 - 2015-11-21 19:43 - 00000000 ____D C:\Program Files (x86)\SpaceSondPro
2015-11-21 19:19 - 2015-11-23 18:33 - 00000000 ____D C:\Program Files (x86)\rec_en_77
2015-11-21 19:19 - 2015-11-21 19:19 - 00000000 ____D C:\Users\Andreas\AppData\Local\rec_en_77
2015-11-21 19:09 - 2015-11-23 16:09 - 00000000 ____D C:\Users\Andreas\AppData\Local\D2A8B3F8-1448132992-E411-A654-3863BB803291
2015-11-21 19:09 - 2013-08-22 14:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-11-21 19:08 - 2015-12-01 17:19 - 00000000 ____D C:\Program Files (x86)\D2A8B3F8-1448129326-E411-A654-3863BB803291
2015-11-21 19:08 - 2015-11-29 01:52 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\NUIns
2015-11-21 19:04 - 2015-11-25 17:12 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2015-11-20 17:35 - 2015-12-02 23:40 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d123b16d1b2c0c.job
2015-11-20 17:35 - 2015-12-02 12:52 - 00003502 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d123b16d1b2c0c
2015-11-20 17:31 - 2015-12-02 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOBILEPCSTARTERKIT
2015-11-20 17:31 - 2015-12-02 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-20 17:31 - 2015-12-01 20:37 - 00000000 ____D C:\Program Files (x86)\RayDld
2015-11-20 17:31 - 2015-11-23 17:54 - 00000000 ____D C:\Program Files (x86)\mpck_en_004090152
2015-11-20 17:31 - 2015-11-23 17:19 - 00001145 _____ C:\Users\Public\Desktop\Internet (Chromodo).lnk
2015-11-20 17:31 - 2015-11-21 18:59 - 00000000 ____D C:\Users\Andreas\AppData\Local\mpck_en_004090152
2015-11-20 17:30 - 2015-12-03 10:41 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-20 17:30 - 2015-12-02 23:40 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-20 17:30 - 2015-12-02 12:51 - 00003502 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-11-20 17:30 - 2015-12-02 12:51 - 00003274 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-20 17:30 - 2015-12-02 12:36 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sound+ 1.0
2015-11-20 17:30 - 2015-12-02 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WNEn
2015-11-20 17:30 - 2015-11-23 19:02 - 00000000 ____D C:\Users\Andreas\AppData\Local\Google
2015-11-20 17:30 - 2015-11-23 18:24 - 00000008 _____ C:\END
2015-11-20 17:30 - 2015-11-21 19:01 - 00000000 ____D C:\Program Files (x86)\spaceeplus_v138.9392
2015-11-20 17:30 - 2015-11-20 17:30 - 00000807 _____ C:\Users\Andreas\Desktop\Sound+.lnk
2015-11-20 17:30 - 2015-11-20 17:30 - 00000000 ____D C:\Program Files\Sound+
2015-11-20 17:30 - 2015-11-20 17:30 - 00000000 ____D C:\Program Files (x86)\spaceeplus
2015-11-20 17:30 - 2015-11-20 17:30 - 00000000 ____D C:\Program Files (x86)\Google
2015-11-20 17:26 - 2015-11-20 17:26 - 00000000 ____D C:\Program Files\Common Files\AV
2015-11-20 17:25 - 2015-11-24 18:31 - 00000000 __SHD C:\Users\Andreas\AppData\Local\EmieUserList
2015-11-20 17:25 - 2015-11-24 18:31 - 00000000 __SHD C:\Users\Andreas\AppData\Local\EmieSiteList
2015-11-20 17:25 - 2015-11-20 17:25 - 00000000 __SHD C:\Users\Andreas\AppData\LocalLow\EmieUserList
2015-11-20 17:22 - 2015-12-03 10:45 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DD81F2A9-78EA-4C5F-837F-47B6F5DC573E}
2015-11-20 17:22 - 2015-11-20 17:25 - 00000000 __SHD C:\Users\Andreas\AppData\LocalLow\EmieSiteList
2015-11-20 14:22 - 2015-11-20 14:22 - 00000000 ____D C:\Users\Andreas\AppData\Local\GWX
2015-11-20 14:21 - 2015-12-03 10:42 - 00000000 __RDO C:\Users\Andreas\OneDrive
2015-11-20 14:21 - 2015-12-02 12:51 - 00002750 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1884890629-360092094-2303528047-1001
2015-11-20 14:20 - 2015-11-20 14:20 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Macromedia
2015-11-20 14:18 - 2015-12-03 10:46 - 00000000 ____D C:\Users\Andreas\Documents\Youcam
2015-11-20 14:18 - 2015-11-20 14:18 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Hewlett-Packard
2015-11-20 14:18 - 2015-11-20 14:18 - 00000000 ____D C:\Users\Andreas\AppData\Local\CyberLink
2015-11-20 14:17 - 2015-11-20 14:17 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\hpqlog
2015-11-20 14:17 - 2015-11-20 14:17 - 00000000 ____D C:\Users\Andreas\AppData\Local\Hewlett-Packard
2015-11-20 14:16 - 2015-11-20 14:16 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2015-11-20 14:16 - 2015-11-20 14:16 - 00000000 ____D C:\Users\Andreas\AppData\Local\PackageStaging
2015-11-20 14:15 - 2015-12-02 17:23 - 00000000 ____D C:\Users\Andreas\AppData\Local\Packages
2015-11-20 14:15 - 2015-11-22 22:53 - 00001457 _____ C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet-Explorer.lnk
2015-11-20 14:15 - 2015-11-20 14:15 - 00000186 _____ C:\WINDOWS\insFileSpec
2015-11-20 14:15 - 2015-11-20 14:15 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Adobe
2015-11-20 14:15 - 2015-11-20 14:15 - 00000000 ____D C:\Users\Andreas\AppData\Local\VirtualStore
2015-11-20 14:15 - 2014-10-31 17:31 - 00002249 _____ C:\Users\Public\Desktop\Snapfish Fotos.lnk
2015-11-20 14:15 - 2014-10-31 17:15 - 00001322 _____ C:\Users\Public\Desktop\TripAdvisor.lnk
2015-11-20 14:14 - 2015-11-20 14:14 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Synaptics
2015-11-20 14:12 - 2014-09-03 06:02 - 00000000 ___HD C:\Users\Andreas\Documents\hp.system.package.metadata
2015-11-20 14:12 - 2014-09-03 06:02 - 00000000 ___HD C:\Users\Andreas\Documents\hp.applications.package.appdata
2015-11-20 14:08 - 2015-03-14 02:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-11-20 09:44 - 2015-11-20 09:44 - 00000000 _____ C:\Recovery.txt
2015-11-20 05:41 - 2015-12-02 16:11 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Videos
2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Default.migrated\Vorlagen
2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Default.migrated\Startmenü
2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Default.migrated\Netzwerkumgebung
2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Default.migrated\Lokale Einstellungen
2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Default.migrated\Eigene Dateien
2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Default.migrated\Druckumgebung
2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Videos
2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Musik
2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Bilder
2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Verlauf
2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Default.migrated\Anwendungsdaten
2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Programme
2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\ProgramData\Vorlagen
2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\ProgramData\Startmenü
2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\ProgramData\Dokumente
2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Dokumente und Einstellungen
2015-11-20 00:46 - 2015-12-02 12:51 - 00002378 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1884890629-360092094-2303528047-500
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-03 11:03 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2015-12-03 10:53 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2015-12-03 10:43 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\appcompat
2015-12-02 20:41 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-02 18:15 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-02 17:50 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-02 16:28 - 2015-10-30 19:35 - 00853752 _____ C:\WINDOWS\system32\perfh007.dat
2015-12-02 16:28 - 2015-10-30 19:35 - 00187942 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-02 16:25 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-12-02 16:25 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-12-02 16:25 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-12-02 16:25 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2015-12-02 16:25 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2015-12-02 16:16 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-12-02 16:09 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\USOPrivate
2015-12-02 12:55 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-12-02 12:55 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows NT
2015-12-02 12:53 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Registration
2015-12-02 12:51 - 2014-10-31 17:23 - 00002346 _____ C:\WINDOWS\System32\Tasks\YCMServiceAgent
2015-12-02 12:41 - 2015-10-30 08:24 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-02 12:36 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-02 12:36 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-02 12:36 - 2015-10-30 07:28 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-02 12:36 - 2014-10-31 17:24 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-02 12:36 - 2014-10-31 17:23 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-12-02 12:36 - 2014-09-03 06:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-12-02 12:36 - 2014-09-03 06:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-12-02 12:36 - 2014-09-03 06:06 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-12-02 12:34 - 2013-08-22 14:36 - 00000000 ____D C:\Users\Default.migrated
2015-12-02 12:31 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2015-12-02 12:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2015-12-02 12:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2015-12-02 12:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2015-12-02 12:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\spool
2015-12-02 12:31 - 2014-09-03 06:17 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe
2015-12-02 12:31 - 2014-03-18 11:06 - 00000000 ____D C:\WINDOWS\SysWOW64\gl-es
2015-12-02 12:31 - 2014-03-18 11:06 - 00000000 ____D C:\WINDOWS\SysWOW64\eu-es
2015-12-02 12:31 - 2014-03-18 11:06 - 00000000 ____D C:\WINDOWS\SysWOW64\ca-es-valencia
2015-12-02 12:31 - 2014-03-18 11:06 - 00000000 ____D C:\WINDOWS\SysWOW64\ca-es
2015-12-02 12:31 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-12-02 12:31 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-12-02 12:30 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\slmgr
2015-12-02 12:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-02 12:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-02 12:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2015-12-02 12:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2015-12-02 12:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-12-02 12:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\et-EE
2015-12-02 12:30 - 2014-03-18 11:06 - 00000000 ____D C:\WINDOWS\system32\gl-es
2015-12-02 12:30 - 2014-03-18 11:06 - 00000000 ____D C:\WINDOWS\system32\eu-es
2015-12-02 12:29 - 2015-10-30 08:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-12-02 12:29 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\InputMethod
2015-12-02 12:29 - 2014-03-18 11:06 - 00000000 ____D C:\WINDOWS\system32\ca-es-valencia
2015-12-02 12:29 - 2014-03-18 11:06 - 00000000 ____D C:\WINDOWS\system32\ca-es
2015-12-02 12:29 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2015-12-02 12:29 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\ADFS
2015-12-02 12:28 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-12-02 12:28 - 2014-09-03 06:02 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-12-02 12:25 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-12-02 12:15 - 2015-10-30 19:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2015-12-02 12:13 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-12-02 12:07 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-02 12:07 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-12-02 12:07 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-02 12:07 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-12-02 12:07 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-12-02 12:04 - 2015-10-30 19:36 - 00000000 ____D C:\WINDOWS\OCR
2015-12-02 12:02 - 2015-10-30 19:44 - 00000000 ____D C:\Program Files\Windows Journal
2015-12-02 12:02 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2015-12-02 12:02 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2015-12-02 12:02 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2015-12-02 12:02 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\winrm
2015-12-02 12:02 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\WCN
2015-12-02 12:02 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\dsc
2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\migwiz
2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\en-GB
2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\IME
2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Help
2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Defender
2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\System
2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-12-02 12:02 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\servicing
2015-12-02 11:49 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-12-02 11:49 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-12-02 11:49 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-12-02 11:49 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-12-02 11:49 - 2015-10-30 08:19 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-12-02 11:49 - 2015-10-30 08:19 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-12-02 11:49 - 2015-10-30 08:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-12-02 11:49 - 2015-10-30 08:19 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-12-02 11:49 - 2015-10-30 08:19 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-12-02 11:49 - 2015-10-30 08:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-12-02 11:49 - 2015-10-30 08:18 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-12-02 11:49 - 2015-10-30 08:18 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-12-02 11:49 - 2015-10-30 08:18 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-12-02 11:49 - 2015-10-30 08:18 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-12-02 11:49 - 2015-10-30 08:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-12-02 11:49 - 2015-10-30 08:18 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-12-02 11:26 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT
2015-11-29 01:52 - 2014-09-03 06:07 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-29 01:41 - 2014-10-31 17:03 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-11-29 00:55 - 2014-10-31 17:10 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-11-29 00:25 - 2014-09-03 06:02 - 00000000 ____D C:\Program Files\Hewlett-Packard
2015-11-25 19:28 - 2014-10-31 17:35 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-11-25 17:16 - 2014-10-31 17:35 - 00000000 ____D C:\Program Files\Common Files\mcafee
2015-11-25 17:08 - 2014-10-31 17:34 - 00000000 ____D C:\ProgramData\McAfee
2015-11-24 02:36 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-11-22 22:51 - 2014-09-03 06:20 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-21 19:09 - 2014-10-31 17:33 - 00000000 ____D C:\Users\Public\CyberLink
2015-11-20 17:48 - 2014-10-31 17:36 - 00001881 _____ C:\Users\Public\Desktop\McAfee LiveSafe - Internet Security.lnk
2015-11-20 14:18 - 2014-09-03 06:21 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-11-20 14:15 - 2014-04-05 00:45 - 00000000 ___HD C:\SYSTEM.SAV
2015-11-03 01:12 - 2015-10-30 08:26 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 01:12 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-11-28 11:29 - 2015-11-28 11:29 - 0034498 _____ () C:\Users\Andreas\AppData\Roaming\ICSW_0P1F1E1T0J1T1CtJ1V0P1C1L1R1P0F1F2Y1G2Z1T1L1G1V0P0P0I.txt
2015-11-21 19:43 - 2015-11-29 16:30 - 0000098 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-12-02 12:14
==================== Ende von FRST.txt ============================
Addition.txt - EditorFRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:01-12-2015
durchgeführt von Andreas (2015-12-03 11:06:43)
Gestartet von C:\Users\Andreas\Downloads
Windows 10 Home (X64) (2015-12-02 15:09:34)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1884890629-360092094-2303528047-500 - Administrator - Disabled)
Andreas (S-1-5-21-1884890629-360092094-2303528047-1001 - Administrator - Enabled) => C:\Users\Andreas
DefaultAccount (S-1-5-21-1884890629-360092094-2303528047-503 - Limited - Disabled)
Gast (S-1-5-21-1884890629-360092094-2303528047-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1884890629-360092094-2303528047-1003 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Advanced ScreenSnapshot 1.1 (HKLM\...\{61FFE1F9-137D-4c31-A181-3415FCAA5946}) (Version: 1.1.0.10921 - qiusheng xie) <==== ACHTUNG
Ashampoo Burning Studio 2015 v.1.15.0 (HKLM-x32\...\{91B33C97-21E3-DF34-9630-2EE80DDE1648}_is1) (Version: 1.15.0 - Ashampoo GmbH & Co. KG)
Beach Comp (HKU\S-1-5-21-1884890629-360092094-2303528047-1001\...\{A6B7E7DC-4B07-0CD0-7EE6-78BF4681A8DA}) (Version: 1.1.3 - Download Experience corp)
Bejeweled 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
Chromodo (HKLM-x32\...\Chromodo) (Version: 45.7.11.387 - Comodo)
Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.7.4023 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.1.5406 - CyberLink Corp.)
Cyberlink PhotoDirector (Version: 5.0.1.5406 - Ihr Firmenname) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.7.4016 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.1.3024 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.1.3024 - Ihr Firmenname) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4.4223 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.4.4218 - CyberLink Corp.)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Farm Frenzy (x32 Version: 3.0.2.59 - WildTangent) Hidden
Fast-Search (HKLM-x32\...\Fast-Search) (Version: 3.0.1.5 - Geronimo Kenanyahu) <==== ACHTUNG
Foxit PhantomPDF (HKLM-x32\...\{00CD7D62-056A-4F0F-9143-44522D44E6DD}) (Version: 6.0.32.507 - Foxit Corporation)
GamesDesktop 014.005010155 (HKLM-x32\...\gmsd_de_005010155_is1) (Version: - GAMESDESKTOP) <==== ACHTUNG
GamesDesktop 014.005010156 (HKLM-x32\...\gmsd_de_005010156_is1) (Version: - GAMESDESKTOP) <==== ACHTUNG
GeekBuddy (HKLM\...\{266FA04F-F0FA-4F7A-AA1E-387A57F579F2}) (Version: 4.19.131 - Comodo Security Solutions Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM-x32\...\{90CE78B2-4F84-4BE8-B55C-ED85759C8445}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{7FE016CC-DAA9-4E21-BD2F-98390D1E6F3F}) (Version: 7.6.23.8 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{E20B0C89-ACCF-4EBB-909D-2E5BD4A9C024}) (Version: 1.1.11 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{E8F2076D-1885-4A0F-83D8-77B1F9D384CE}) (Version: 2.5.2 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
InetStat (HKU\S-1-5-21-1884890629-360092094-2303528047-1001\...\InetStat) (Version: 0.5b - InetStat) <==== ACHTUNG
Inst5675 (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.11 - Softex Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
istartpageing (HKLM-x32\...\istartpageing) (Version: 1.0.0.4 - ) <==== ACHTUNG
Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
McAfee LiveSafe - Internet Security (HKLM-x32\...\MSC) (Version: 14.0.5120 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MobilePCStarterKit 000.004090152 (HKLM-x32\...\mpck_en_004090152_is1) (Version: - MOBILEPCSTARTERKIT) <==== ACHTUNG
Note-UP (HKLM-x32\...\NUIns) (Version: - QUAHOG LIMITED)
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.51 - WildTangent) Hidden
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.32.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7272 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.33 - REALTEK Semiconductor Corp.)
SearchModule (HKU\S-1-5-21-1884890629-360092094-2303528047-1001\...\{D2E9FE6A-7003-42A0-96F6-5569DFC2A3A8}_is1) (Version: 2.7.6.1776 - Goobzo LTD)
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ACHTUNG
Sound+ (HKLM-x32\...\zz.9392.sp) (Version: 1.0.0 - CSDI) <==== ACHTUNG
SpaceSoundPro (HKLM\...\SpaceSoundPro) (Version: 1.0 - ) <==== ACHTUNG
SpaceSoundPro Service (HKLM-x32\...\zz.9414.ssp) (Version: 1.0.0 - CSDI) <==== ACHTUNG
SpaceSoundPro Service (HKLM-x32\...\zz.9510.ssp) (Version: 1.0.0 - CSDI) <==== ACHTUNG
SVH (HKLM-x32\...\rec_en_77_is1) (Version: - ) <==== ACHTUNG
sweet-page uninstall (HKLM-x32\...\sweet-page uninstall) (Version: - sweet-page) <==== ACHTUNG
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App für HP (x32 Version: 4.0.11.9 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WinZip Driver Updater (HKLM-x32\...\{9854A5C4-5BE5-46E2-A989-352DD8B37E20}_is1) (Version: 1.0.648.16566 - WinZip Computing, S.L. (WinZip Computing))
WinZip Malware Protector (HKLM-x32\...\WinZip Malware Protector_is1) (Version: 2.1.1000.15248 - WinZip International LLC)
Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden
yoursearching uninstall (HKLM-x32\...\yoursearching uninstall) (Version: - yoursearching)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1884890629-360092094-2303528047-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Andreas\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1884890629-360092094-2303528047-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Wiederherstellungspunkte =========================
02-12-2015 18:14:46 Windows Update
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {070DAEAC-8CFD-4E19-BB16-2CE8427F8B68} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {081F01E5-F47F-4EE3-AD48-357997E92032} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-20] (Google Inc.)
Task: {0B2BF874-558F-4627-976D-7A51CD39DDC9} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {12A47C55-9EC9-4413-A7CC-C21DCF8D78A8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {1F0B9FF1-A074-44E2-8FD2-B0B19C7822BF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-06-03] (Hewlett-Packard Company)
Task: {20BA4C6A-9014-4B88-98AA-B53E68B993B2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-27] (Microsoft Corporation)
Task: {25243BD7-FE2D-4500-84D7-8DBF8F089C4D} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {2B2E3826-2EF4-44A1-BA89-CFCB65C76300} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {38A55D5C-F367-40E7-8347-6ACCFF6B5883} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-06-03] (Hewlett-Packard Company)
Task: {3AB9317A-7938-467C-B355-2DBA3AD8DFB3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-20] (Google Inc.)
Task: {41AAE44A-1548-45DD-B933-CCB29F111EC5} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {4208FD2C-7D17-4D69-A873-5579341E4087} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {51AF312A-A1F4-4A05-861A-9F23F580A87A} - System32\Tasks\{72B3C6E9-C316-429E-92A6-E973A08C5823} => pcalua.exe -a "C:\Program Files (x86)\SpaceSondPro_v53.9414\SpaceSondPro_Service.exe" -d "C:\Program Files (x86)\SpaceSondPro_v53.9414\"
Task: {57FFDA18-74E6-4B12-90D3-1CBE103340E7} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {6B7E8466-0672-419A-8287-6D2CE1AE1070} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {6FD43B5D-7CED-4B68-AB04-C9817019D7DE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {882AEA57-EE1F-4F8B-A2D4-F376DC73D0A7} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-06-18] (CyberLink Corp.)
Task: {8FDC4106-8E3D-4ACC-AB68-D64A571319F1} - System32\Tasks\WinZipDriverUpdaterRunAtStartup => C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe [2015-04-02] (WinZip Computing, S.L. (WinZip Computing))
Task: {90974206-859F-4EFB-9119-AB2896C8F23B} - System32\Tasks\WinZip Malware Protector_startup => C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe [2015-05-20] (Nico Mak Computing)
Task: {95CE79F4-3084-4642-B196-053DBFDE7F5F} - System32\Tasks\Beach Comp => Rundll32.exe "C:\Users\Andreas\AppData\Local\Beach Comp\zBin\BeachComp.dll",#3 <==== ACHTUNG
Task: {981145AB-9AE2-4BF0-B1F8-5FD25CB8D062} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {99B7D262-88DA-429A-AE13-A8595DDEB425} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {99CA7D23-A236-4965-B81E-F0464DC27B1F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {A786DAD0-7B3B-47E5-93FF-A75013CC0A5A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {ADE6F998-5CAF-4EE2-80D4-7FBF4C0994F6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-11-04] (HP Inc.)
Task: {B26799FB-4B94-4C5D-8BF2-23513EA08A64} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-11-04] (HP Inc.)
Task: {B76CEF5C-0D92-440E-B8BE-7976BF75E315} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {B9898D8E-2573-4DC1-AB92-D0AC43091506} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {DBAD47DF-7E24-4A67-860C-F1630E704D2C} - System32\Tasks\WinZipDriverUpdater_UPDATES => C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe [2015-04-02] (WinZip Computing, S.L. (WinZip Computing))
Task: {E87E5EA4-C423-4141-9329-9C78C1720646} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {EF8678CF-2B41-4FCA-9FBC-A86A88BE7364} - System32\Tasks\GoogleUpdateTaskMachineUA1d123b16d1b2c0c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-20] (Google Inc.)
Task: {F160501F-631C-4CB2-90A4-2961784CA284} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d123b16d1b2c0c.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\One System CarePeriod.job => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe
Task: C:\WINDOWS\Tasks\WinZipDriverUpdater_UPDATES.job => C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Andreas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.istartpageing.com/?type=sc&ts=1448708311&z=0c29afdb54b4bdd5daffad2g0z5z6bbm4e7b7c1g3g&from=cornl&uid=st500lt012-1dg142_s3pgkcj0 <==== ACHTUNG
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.istartpageing.com/?type=sc&ts=1448708311&z=0c29afdb54b4bdd5daffad2g0z5z6bbm4e7b7c1g3g&from=cornl&uid=st500lt012-1dg142_s3pgkcj0 <==== ACHTUNG
ShortcutWithArgument: C:\Users\Public\Desktop\GeekBuddy.lnk -> C:\Program Files\COMODO\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.) -> hxxp://www.istartpageing.com/?type=sc&ts=1448708311&z=0c29afdb54b4bdd5daffad2g0z5z6bbm4e7b7c1g3g&from=cornl&uid=st500lt012-1dg142_s3pgkcj0 <==== ACHTUNG
ShortcutWithArgument: C:\Users\Public\Desktop\Snapfish Fotos.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_de <==== ACHTUNG
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-03-28 12:31 - 2014-03-28 12:31 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-28 12:27 - 2014-03-28 12:27 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-28 12:27 - 2014-03-28 12:27 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-28 12:27 - 2014-03-28 12:27 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-28 12:48 - 2014-03-28 12:48 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-28 12:48 - 2014-03-28 12:48 - 00712080 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-10-31 17:44 - 2014-04-14 18:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-09-17 09:11 - 2015-09-17 09:11 - 00152016 _____ () C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.10921\ScreenShotServ.exe
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-09-17 09:11 - 2015-09-17 09:11 - 01834448 _____ () C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.10921\ScreenSnapshot.exe
2015-10-30 08:17 - 2015-10-30 08:17 - 02652784 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-30 08:17 - 2015-10-30 08:17 - 02652784 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-30 08:17 - 2015-10-30 08:17 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-10-30 08:17 - 2015-10-30 08:17 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-30 08:18 - 2015-10-30 19:44 - 08005632 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-30 08:18 - 2015-10-30 19:44 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-30 08:18 - 2015-10-30 19:44 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-30 08:18 - 2015-10-30 19:44 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-03-28 12:36 - 2014-03-28 12:36 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2015-12-02 17:38 - 2015-12-02 17:40 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-09-17 09:11 - 2015-09-17 09:11 - 00543392 _____ () C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.10921\EVPTask.dll
2015-09-17 09:11 - 2015-09-17 09:11 - 00406688 _____ () C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.10921\EVPNet.dll
2015-09-17 09:11 - 2015-09-17 09:11 - 00428704 _____ () C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.10921\EVPDR.dll
2015-11-28 11:57 - 2015-03-17 11:03 - 00886272 _____ () C:\Program Files (x86)\WinZip Malware Protector\System.Data.SQLite.dll
2015-11-28 11:57 - 2015-05-20 13:51 - 01717960 _____ () C:\Program Files (x86)\WinZip Malware Protector\aspsys.dll
2015-11-28 11:57 - 2015-03-17 11:03 - 00168448 _____ () C:\Program Files (x86)\WinZip Malware Protector\UNRAR.DLL
2015-11-13 18:53 - 2015-11-13 18:53 - 01881784 _____ () C:\Program Files (x86)\Comodo\Chromodo\libglesv2.dll
2015-11-13 18:43 - 2015-11-13 18:43 - 00082104 _____ () C:\Program Files (x86)\Comodo\Chromodo\libegl.dll
2015-12-02 17:38 - 2015-12-02 17:40 - 00152064 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2015-12-02 17:38 - 2015-12-02 17:40 - 18906624 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkyWrap.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Andreas\Downloads\video.mp4:$CmdZnID
AlternateDataStreams: C:\Users\Andreas\Downloads\VLC media player 32 Bit - CHIP-Installer.exe:$CmdZnID
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1884890629-360092094-2303528047-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Andreas\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\dsc_0201.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\StartupFolder: => "Start GeekBuddy.lnk"
HKLM\...\StartupApproved\Run: => "Sound+"
HKLM\...\StartupApproved\Run32: => "rec_en_77"
HKLM\...\StartupApproved\Run32: => "gmsd_de_005010156"
HKLM\...\StartupApproved\Run32: => "tvncontrol"
HKLM\...\StartupApproved\Run32: => "gmsd_de_005010155"
HKU\S-1-5-21-1884890629-360092094-2303528047-1001\...\StartupApproved\Run: => "InetStat"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5B3D653B-6824-4C59-8416-C6900287AE57}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{832C0BA7-9301-4D90-AA90-9719B02E415F}] => (Allow) C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe
FirewallRules: [{5E4CC67D-1D10-4760-BE68-6A2D76A12408}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7E631BA4-C7C7-48CF-B432-E87F8EF6FD22}] => (Allow) C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
FirewallRules: [{8B9FC500-2960-467C-8542-2FF385F0D664}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{9E65C981-215E-4DFE-BF86-84D37EB82C3B}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{2D4008FA-077F-40F7-A0C9-46DCB187BBCF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{8ACB7FA8-A197-4A43-9E42-306E6226C8DB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{2FA9C81F-7693-4E6C-981F-0A3AA8A302FB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{837AFD22-E6AC-4DFE-91B1-D91C6633D796}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{D149D774-90BB-4090-9DD2-FEDA3AB74EE0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{1991B6AF-C9CD-441D-942E-F3ACE4CAE764}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{20F1F91E-3BDF-42BB-8F22-412D0434AC4B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9BDABC1F-6A93-4CB1-AB7E-B16323EE1471}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{35942880-1184-476E-B801-07E583A172AA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B9EA844A-BC1B-4CDC-85F4-1686290278B9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/03/2015 10:41:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SynTPEnh.exe, Version: 19.0.12.95, Zeitstempel: 0x559a67c8
Name des fehlerhaften Moduls: SynCOM.dll, Version: 19.0.12.95, Zeitstempel: 0x559a644b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000001e8e8
ID des fehlerhaften Prozesses: 0x2770
Startzeit der fehlerhaften Anwendung: 0xSynTPEnh.exe0
Pfad der fehlerhaften Anwendung: SynTPEnh.exe1
Pfad des fehlerhaften Moduls: SynTPEnh.exe2
Berichtskennung: SynTPEnh.exe3
Vollständiger Name des fehlerhaften Pakets: SynTPEnh.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SynTPEnh.exe5
Error: (12/03/2015 10:40:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Andreas.local already in use; will try Andreas-2.local instead
Error: (12/03/2015 10:40:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Andreas.local. Addr 192.168.178.29
Error: (12/03/2015 10:40:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.178.29:5353 16 Andreas.local. AAAA 2A02:0908:EB10:C420:31B4:4BCF:C1E5:4DD5
Error: (12/02/2015 11:45:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ANDREAS)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (12/02/2015 11:45:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ShellExperienceHost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d93d
Name des fehlerhaften Moduls: StartUI.dll, Version: 10.0.10586.0, Zeitstempel: 0x5632d84d
Ausnahmecode: 0x80000003
Fehleroffset: 0x00000000002b7beb
ID des fehlerhaften Prozesses: 0x1ce4
Startzeit der fehlerhaften Anwendung: 0xShellExperienceHost.exe0
Pfad der fehlerhaften Anwendung: ShellExperienceHost.exe1
Pfad des fehlerhaften Moduls: ShellExperienceHost.exe2
Berichtskennung: ShellExperienceHost.exe3
Vollständiger Name des fehlerhaften Pakets: ShellExperienceHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ShellExperienceHost.exe5
Error: (12/02/2015 08:59:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8171
Error: (12/02/2015 08:59:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8171
Error: (12/02/2015 08:59:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/02/2015 08:59:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1484
Systemfehler:
=============
Error: (12/03/2015 10:40:35 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
Error: (12/02/2015 11:46:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_1269ad9 erreicht.
Error: (12/02/2015 11:46:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _1269ad9 erreicht.
Error: (12/02/2015 11:45:56 PM) (Source: DCOM) (EventID: 10010) (User: ANDREAS)
Description: App.AppXx4zfy1ffv3wctgdz2vypnybzjkh27jhw.mca
Error: (12/02/2015 11:45:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_1269ad9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/02/2015 11:45:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _1269ad9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/02/2015 11:45:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_1269ad9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/02/2015 11:45:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_1269ad9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/02/2015 11:45:50 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (12/02/2015 08:59:23 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
CodeIntegrity:
===================================
Date: 2015-12-03 10:45:35.958
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-12-02 12:42:15.782
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-12-02 12:40:44.800
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-12-02 12:16:42.711
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Prozentuale Nutzung des RAM: 50%
Installierter physikalischer RAM: 3984.27 MB
Verfügbarer physikalischer RAM: 1966.72 MB
Summe virtueller Speicher: 5392.27 MB
Verfügbarer virtueller Speicher: 3082.68 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:442.2 GB) (Free:385.81 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:21.76 GB) (Free:2.44 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: E6DC802C)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
03.12.2015, 12:00
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Direkt nach dem Start erscheint "Modul nicht gefunden". Hallo und
__________________ Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten! Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht! Editiere deine FRST-Logs im Eingangposting bitte so, dass sie in CODE-Tags stehen. Du kannst nur deine Postings editieren, die jünger als eine Stunde sind.  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
03.12.2015, 13:23
| #3 |
| | Direkt nach dem Start erscheint "Modul nicht gefunden". nein, sonst habe ich nichts gemacht. alles hat eigentlich damit angefangen, dass sich beim betätigen des Internet-Explorer ständig neue Tabs geöffnet haben und ich meine cookie-einstellungen betätigen konnte, wie ich wollte, das Problem blieb betstehen..Dann hab ich angefangen, kürzlich aufgespielte Programme
__________________wie "Reimage" (oder so ähnlich) zu löschen. Das hat leider auch nur teilweise und mit Fehlermeldungen funktioniert, deshalb habe ich meinen PC irgendwann auf "Werkseinstellungen zurückgesetzt" und trotzdem blieb das Problem bestehen! Ich wurde nahezu bombadiert mit Fehlermeldungen!(Alptraum) Dann hab ich eure Seite gefunden, nach dem ich das Problem mit den "ständig neuen Tabs" bei Google eingegeben habe. hab da dann ein Programm gefunden, welches ich runtergeladen und gestartet habe (Name esetsmartinstaller) Anschließend hab ich nichts mehr gemacht und die ständigen Tabs waren auf wundersame weise verschwunden, dafür wird jetzt das "MODUL NICHT MEHR GEFUNDEN" Sorry, aber das wollte ich ein wenig ausführlicher beschreiben (was mir wohl gelungen ist :-) Wie soll ich jetzt weiter vorgehen? |
|
03.12.2015, 13:25
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Direkt nach dem Start erscheint "Modul nicht gefunden".Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
03.12.2015, 13:55
| #5 |
| | Direkt nach dem Start erscheint "Modul nicht gefunden". das Problem ist, dass ich dieses Programmergebnis nicht posten kann, da ich nach gefühlten 20 Minuten und keinem erkennbaren Fortschritt bei 21 % den Suchlauf beendet habe! Die unerwünschten Fenster sind anschließend aber trotzdem ausgeblieben! Logs dazu kann ich deshalb aber leider nicht anbieten obwohl ich den Lauf auf Wunsch auch gerne nochmal laufen lassen kann...Befindet sich ja in meinen Downloads Soll ich das Programm nochmal laufen lassen, oder können Sie mir was anderes empfehlen? |
|
03.12.2015, 14:01
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Direkt nach dem Start erscheint "Modul nicht gefunden". Du hast nicht geschrieben, dass ESET noch garnicht fertig war. Adware/Junkware/Toolbars entfernen 1. Schritt: Malwarebytes Downloade Dir bitte  Malwarebytes Anti-Malware
(alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!) 2. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
3. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
4. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ --> Direkt nach dem Start erscheint "Modul nicht gefunden". |
|
03.12.2015, 15:22
| #7 |
| |  Ergebnis Schritt 1 Soll ich die Schritte wirklich alle nacheinander abarbeiten? Hier erstmal ie ergebnisse vom Anti-Malware Programm Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 03.12.2015 Suchlaufzeit: 14:22 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.12.03.03 Rootkit-Datenbank: v2015.11.26.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Andreas Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 349800 Abgelaufene Zeit: 23 Min., 49 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) |
|
03.12.2015, 15:24
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Direkt nach dem Start erscheint "Modul nicht gefunden". Und nochmal: poste die Logs bitte in CODE-Tags! Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
03.12.2015, 17:49
| #9 |
| | Ich peil es nicht also ich bin nach der Anleitung vorgegangen, die Ergebnisse in Code-Tags umzuwandeln, aber da ich das zum ersten mal machen muss, stehe ich gerade ein bisschen "aufm Schlauch" Bis zum kopieren des Textes komme ich noch, aber die # Taste im Editor????  Was soll da passieren, nachdem ich den Text markiert habe und diese Taste drücke? Da passiert leider garnichts, außer, das der omplette Text verschwindet und ich ein "wunderschönes" # Symbol im Bild habe was mache ich falsch?    Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 10 Home x64
Ran by Andreas (Administrator) on 03.12.2015 at 16:06:14,57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 4
Successfully deleted: C:\ProgramData\nico mak computing (Folder)
Successfully deleted: C:\ProgramData\reviversoft (Folder)
Successfully deleted: C:\Users\Andreas\AppData\Roaming\nico mak computing (Folder)
Successfully deleted: C:\Program Files\reviversoft (Folder)
Registry: 3
Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_46A172103AF55F16E10754CCD32BD34E (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{60495DA5-575C-451E-990C-FCC7EFB8778B} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{60495DA5-575C-451E-990C-FCC7EFB8778B} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.12.2015 at 16:11:37,84
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~JRT Logfile:
JRT Logfile:
JRT Logfile:
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 10 Home x64
Ran by Andreas (Administrator) on 03.12.2015 at 16:06:14,57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 4
Successfully deleted: C:\ProgramData\nico mak computing (Folder)
Successfully deleted: C:\ProgramData\reviversoft (Folder)
Successfully deleted: C:\Users\Andreas\AppData\Roaming\nico mak computing (Folder)
Successfully deleted: C:\Program Files\reviversoft (Folder)
Registry: 3
Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_46A172103AF55F16E10754CCD32BD34E (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{60495DA5-575C-451E-990C-FCC7EFB8778B} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{60495DA5-575C-451E-990C-FCC7EFB8778B} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.12.2015 at 16:11:37,84
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[/CODE] ist das so richtig??? Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 03.12.2015 Suchlaufzeit: 14:22 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.12.03.03 Rootkit-Datenbank: v2015.11.26.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Andreas Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 349800 Abgelaufene Zeit: 23 Min., 49 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) also die Taste hab ich doch jetzt tatsächlich gefunden, aber ich finde, dass die Ergebnisse genauso aussehen, als hätte ich diesen "Code nicht vermerkt" Irgendwas stimmt da noch immer nicht... Tut mir cht leiod, dass ich das nicht gleich auf die Reihe kriege, aber vllt kriegen wir das ja heute zusammen noch fertig :-) bitte um noch ein bisschen geduld und bedanke mich schonmal für die Mühen Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 10 Home x64
Ran by Andreas (Administrator) on 03.12.2015 at 16:06:14,57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 4
Successfully deleted: C:\ProgramData\nico mak computing (Folder)
Successfully deleted: C:\ProgramData\reviversoft (Folder)
Successfully deleted: C:\Users\Andreas\AppData\Roaming\nico mak computing (Folder)
Successfully deleted: C:\Program Files\reviversoft (Folder)
Registry: 3
Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_46A172103AF55F16E10754CCD32BD34E (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{60495DA5-575C-451E-990C-FCC7EFB8778B} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{60495DA5-575C-451E-990C-FCC7EFB8778B} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.12.2015 at 16:11:37,84
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 03.12.2015 Suchlaufzeit: 14:22 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.12.03.03 Rootkit-Datenbank: v2015.11.26.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Andreas Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 349800 Abgelaufene Zeit: 23 Min., 49 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) |
|
03.12.2015, 22:25
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Direkt nach dem Start erscheint "Modul nicht gefunden". Adwcleaner Log fehlt und auch die neuen von FRST. Und mal ehrlich, was ist denn so kompliziert an den CODE-Tags??? Im Lesestoff wurde doch extra zur Veranschaulichung ein Screenshot integriert...
__________________ Logfiles bitte immer in CODE-Tags posten |
|
04.12.2015, 14:30
| #11 |
| | Direkt nach dem Start erscheint "Modul nicht gefunden".Code:
ATTFilter # AdwCleaner v5.023 - Bericht erstellt am 04/12/2015 um 13:24:14
# Aktualisiert am 30/11/2015 von Xplode
# Datenbank : 2015-12-03.1 [Server]
# Betriebssystem : Windows 10 Home (x64)
# Benutzername : Andreas - ANDREAS
# Gestartet von : C:\Users\Andreas\Downloads\AdwCleaner_5.023 (1).exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Internetbrowser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [807 Bytes] ##########
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:01-12-2015 durchgeführt von Andreas (Administrator) auf ANDREAS (04-12-2015 14:25:26) Gestartet von C:\Users\Andreas\Downloads Geladene Profile: Andreas (Verfügbare Profile: Andreas) Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Edge) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe (Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe (McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.6.1180.0\McCSPServiceHost.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\wuapihost.exe (Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe (Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe (Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe (Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe (Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe (Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe (Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe (Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe (Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe (Farbar) C:\Users\Andreas\Downloads\FRST64 (2).exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7634288 2014-06-24] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1386712 2014-06-24] (Realtek Semiconductor) HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard) HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard) HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-17] (Synaptics Incorporated) HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [506680 2014-06-19] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-01-30] (Comodo Security Solutions, Inc.) HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-1884890629-360092094-2303528047-1001\...\RunOnce: [Uninstall C:\Users\Andreas\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Andreas\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64" ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{f202c746-f929-4b93-b5b8-ecb6ea4ea064}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPNOT14/4 HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4 BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-09-28] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-09-28] (McAfee, Inc.) FireFox: ======== FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-09-28] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] () FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-09-28] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] () FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-11-23] [ist nicht signiert] Chrome: ======= CHR Profile: C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-20] CHR Extension: (Google Docs) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-20] CHR Extension: (Google Drive) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-20] CHR Extension: (YouTube) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-20] CHR Extension: (Google Search) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-20] CHR Extension: (Google Sheets) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-20] CHR Extension: (Google Docs Offline) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-20] CHR Extension: (Background for LinkedIn) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmamnhfbiackmckkaopokinkpmccdnki [2015-11-20] CHR Extension: (Chrome Web Store Payments) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-20] CHR Extension: (Gmail) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-20] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 ChromodoUpdater; C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [1984696 2015-11-13] (Comodo) R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70872 2015-03-05] (Comodo Security Solutions, Inc.) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent) R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-01-30] (Comodo Security Solutions, Inc.) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368584 2015-09-01] (McAfee, Inc.) R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-06-03] (Hewlett-Packard Company) [Datei ist nicht signiert] R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [475960 2014-06-19] (Hewlett-Packard Development Company, L.P.) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [783120 2015-09-28] (McAfee, Inc.) S3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-29] (McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1180.0\McCSPServiceHost.exe [1694152 2015-09-01] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368584 2015-09-01] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368584 2015-09-01] (McAfee, Inc.) S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [639456 2015-08-11] (McAfee, Inc.) S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368584 2015-09-01] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368584 2015-09-01] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368584 2015-09-01] (McAfee, Inc.) R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-07-31] (McAfee, Inc.) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [376264 2015-08-10] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-07-31] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368584 2015-09-01] (McAfee, Inc.) R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [Datei ist nicht signiert] R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] () R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-06-24] (Realtek Semiconductor) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-17] (Synaptics Incorporated) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2973400 2015-08-04] (AVG Technologies) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [245248 2015-10-30] (Microsoft Corporation) R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [40224 2014-06-26] (Windows (R) Win 7 DDK provider) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [80768 2015-08-10] (McAfee, Inc.) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink) R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2014-01-23] (Intel Corporation) R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [413432 2015-08-10] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [349096 2015-08-10] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [82072 2015-08-10] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [495856 2015-08-10] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [839376 2015-08-10] (McAfee, Inc.) R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [537408 2015-08-12] (McAfee, Inc.) S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [111256 2015-08-12] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [244024 2015-08-10] (McAfee, Inc.) R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.) R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [624424 2015-10-30] (Realtek Semiconductor Corporation) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [4629744 2015-08-28] (Realtek Semiconductor Corporation ) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-17] (Synaptics Incorporated) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-07-23] (TuneUp Software) R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-12-04 14:24 - 2015-12-04 14:25 - 02350080 _____ (Farbar) C:\Users\Andreas\Downloads\FRST64 (2).exe 2015-12-04 13:18 - 2015-12-04 13:18 - 01736704 _____ C:\Users\Andreas\Downloads\AdwCleaner_5.023 (1).exe 2015-12-04 13:16 - 2015-12-04 13:16 - 00000000 ___HD C:\OneDriveTemp 2015-12-03 16:50 - 2015-12-03 16:50 - 02350080 _____ (Farbar) C:\Users\Andreas\Downloads\FRST64 (1).exe 2015-12-03 16:27 - 2015-12-03 16:27 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2015-12-03 16:11 - 2015-12-03 16:11 - 00001236 _____ C:\Users\Andreas\Desktop\JRT.txt 2015-12-03 16:05 - 2015-12-03 16:05 - 01599336 _____ (Malwarebytes) C:\Users\Andreas\Downloads\JRT.exe 2015-12-03 15:51 - 2015-11-22 11:47 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2015-12-03 15:51 - 2015-11-22 10:56 - 22394880 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-12-03 15:51 - 2015-11-22 10:54 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll 2015-12-03 15:51 - 2015-11-22 10:52 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2015-12-03 15:51 - 2015-11-22 10:43 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-12-03 15:51 - 2015-11-22 10:42 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2015-12-03 15:51 - 2015-11-22 10:42 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll 2015-12-03 15:51 - 2015-11-22 10:34 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2015-12-03 15:51 - 2015-11-22 10:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-12-03 15:51 - 2015-11-22 10:33 - 13380608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-12-03 15:51 - 2015-11-22 10:30 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-12-03 15:51 - 2015-11-22 10:30 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2015-12-03 15:51 - 2015-11-22 10:27 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2015-12-03 15:51 - 2015-11-22 10:24 - 12124672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-12-03 15:50 - 2015-11-22 11:47 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-12-03 15:50 - 2015-11-22 11:41 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2015-12-03 15:50 - 2015-11-22 11:41 - 01284960 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2015-12-03 15:50 - 2015-11-22 11:41 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2015-12-03 15:50 - 2015-11-22 11:35 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll 2015-12-03 15:50 - 2015-11-22 11:34 - 00975200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-12-03 15:50 - 2015-11-22 11:34 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll 2015-12-03 15:50 - 2015-11-22 11:33 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys 2015-12-03 15:50 - 2015-11-22 11:33 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll 2015-12-03 15:50 - 2015-11-22 11:33 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll 2015-12-03 15:50 - 2015-11-22 11:30 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2015-12-03 15:50 - 2015-11-22 11:30 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2015-12-03 15:50 - 2015-11-22 11:26 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll 2015-12-03 15:50 - 2015-11-22 11:25 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll 2015-12-03 15:50 - 2015-11-22 11:24 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2015-12-03 15:50 - 2015-11-22 11:20 - 00795840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2015-12-03 15:50 - 2015-11-22 11:19 - 00440160 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2015-12-03 15:50 - 2015-11-22 11:14 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2015-12-03 15:50 - 2015-11-22 11:00 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll 2015-12-03 15:50 - 2015-11-22 11:00 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll 2015-12-03 15:50 - 2015-11-22 10:57 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2015-12-03 15:50 - 2015-11-22 10:57 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll 2015-12-03 15:50 - 2015-11-22 10:57 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll 2015-12-03 15:50 - 2015-11-22 10:57 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll 2015-12-03 15:50 - 2015-11-22 10:57 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll 2015-12-03 15:50 - 2015-11-22 10:56 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2015-12-03 15:50 - 2015-11-22 10:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll 2015-12-03 15:50 - 2015-11-22 10:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll 2015-12-03 15:50 - 2015-11-22 10:56 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll 2015-12-03 15:50 - 2015-11-22 10:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll 2015-12-03 15:50 - 2015-11-22 10:55 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll 2015-12-03 15:50 - 2015-11-22 10:55 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll 2015-12-03 15:50 - 2015-11-22 10:54 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys 2015-12-03 15:50 - 2015-11-22 10:54 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll 2015-12-03 15:50 - 2015-11-22 10:54 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll 2015-12-03 15:50 - 2015-11-22 10:54 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll 2015-12-03 15:50 - 2015-11-22 10:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2015-12-03 15:50 - 2015-11-22 10:54 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll 2015-12-03 15:50 - 2015-11-22 10:54 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll 2015-12-03 15:50 - 2015-11-22 10:54 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll 2015-12-03 15:50 - 2015-11-22 10:52 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll 2015-12-03 15:50 - 2015-11-22 10:52 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll 2015-12-03 15:50 - 2015-11-22 10:52 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2015-12-03 15:50 - 2015-11-22 10:52 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll 2015-12-03 15:50 - 2015-11-22 10:51 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe 2015-12-03 15:50 - 2015-11-22 10:51 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll 2015-12-03 15:50 - 2015-11-22 10:51 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll 2015-12-03 15:50 - 2015-11-22 10:51 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll 2015-12-03 15:50 - 2015-11-22 10:51 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2015-12-03 15:50 - 2015-11-22 10:50 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll 2015-12-03 15:50 - 2015-11-22 10:49 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2015-12-03 15:50 - 2015-11-22 10:49 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll 2015-12-03 15:50 - 2015-11-22 10:49 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2015-12-03 15:50 - 2015-11-22 10:49 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll 2015-12-03 15:50 - 2015-11-22 10:48 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll 2015-12-03 15:50 - 2015-11-22 10:47 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll 2015-12-03 15:50 - 2015-11-22 10:46 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2015-12-03 15:50 - 2015-11-22 10:46 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2015-12-03 15:50 - 2015-11-22 10:45 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll 2015-12-03 15:50 - 2015-11-22 10:45 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2015-12-03 15:50 - 2015-11-22 10:45 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2015-12-03 15:50 - 2015-11-22 10:45 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll 2015-12-03 15:50 - 2015-11-22 10:45 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-12-03 15:50 - 2015-11-22 10:45 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll 2015-12-03 15:50 - 2015-11-22 10:45 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll 2015-12-03 15:50 - 2015-11-22 10:45 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll 2015-12-03 15:50 - 2015-11-22 10:45 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll 2015-12-03 15:50 - 2015-11-22 10:45 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll 2015-12-03 15:50 - 2015-11-22 10:44 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2015-12-03 15:50 - 2015-11-22 10:44 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2015-12-03 15:50 - 2015-11-22 10:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll 2015-12-03 15:50 - 2015-11-22 10:43 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll 2015-12-03 15:50 - 2015-11-22 10:43 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2015-12-03 15:50 - 2015-11-22 10:43 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-12-03 15:50 - 2015-11-22 10:43 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2015-12-03 15:50 - 2015-11-22 10:43 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll 2015-12-03 15:50 - 2015-11-22 10:42 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2015-12-03 15:50 - 2015-11-22 10:42 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll 2015-12-03 15:50 - 2015-11-22 10:42 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll 2015-12-03 15:50 - 2015-11-22 10:42 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll 2015-12-03 15:50 - 2015-11-22 10:42 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll 2015-12-03 15:50 - 2015-11-22 10:41 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll 2015-12-03 15:50 - 2015-11-22 10:41 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll 2015-12-03 15:50 - 2015-11-22 10:41 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2015-12-03 15:50 - 2015-11-22 10:40 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll 2015-12-03 15:50 - 2015-11-22 10:40 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2015-12-03 15:50 - 2015-11-22 10:40 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll 2015-12-03 15:50 - 2015-11-22 10:40 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll 2015-12-03 15:50 - 2015-11-22 10:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll 2015-12-03 15:50 - 2015-11-22 10:39 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-12-03 15:50 - 2015-11-22 10:39 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2015-12-03 15:50 - 2015-11-22 10:39 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll 2015-12-03 15:50 - 2015-11-22 10:39 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2015-12-03 15:50 - 2015-11-22 10:39 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2015-12-03 15:50 - 2015-11-22 10:39 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2015-12-03 15:50 - 2015-11-22 10:39 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-12-03 15:50 - 2015-11-22 10:39 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll 2015-12-03 15:50 - 2015-11-22 10:39 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2015-12-03 15:50 - 2015-11-22 10:39 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll 2015-12-03 15:50 - 2015-11-22 10:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2015-12-03 15:50 - 2015-11-22 10:38 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2015-12-03 15:50 - 2015-11-22 10:38 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2015-12-03 15:50 - 2015-11-22 10:38 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2015-12-03 15:50 - 2015-11-22 10:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll 2015-12-03 15:50 - 2015-11-22 10:38 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll 2015-12-03 15:50 - 2015-11-22 10:37 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2015-12-03 15:50 - 2015-11-22 10:37 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2015-12-03 15:50 - 2015-11-22 10:37 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2015-12-03 15:50 - 2015-11-22 10:36 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll 2015-12-03 15:50 - 2015-11-22 10:34 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2015-12-03 15:50 - 2015-11-22 10:34 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2015-12-03 15:50 - 2015-11-22 10:34 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2015-12-03 15:50 - 2015-11-22 10:34 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2015-12-03 15:50 - 2015-11-22 10:34 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll 2015-12-03 15:50 - 2015-11-22 10:33 - 02587136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-12-03 15:50 - 2015-11-22 10:33 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll 2015-12-03 15:50 - 2015-11-22 10:32 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2015-12-03 15:50 - 2015-11-22 10:32 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll 2015-12-03 15:50 - 2015-11-22 10:32 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-12-03 15:50 - 2015-11-22 10:31 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2015-12-03 15:50 - 2015-11-22 10:31 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll 2015-12-03 15:50 - 2015-11-22 10:31 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2015-12-03 15:50 - 2015-11-22 10:29 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll 2015-12-03 15:50 - 2015-11-22 10:28 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-12-03 15:50 - 2015-11-22 10:28 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll 2015-12-03 15:50 - 2015-11-22 10:28 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2015-12-03 15:50 - 2015-11-22 10:28 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2015-12-03 15:50 - 2015-11-22 10:28 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2015-12-03 15:50 - 2015-11-22 10:28 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2015-12-03 15:50 - 2015-11-22 10:28 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll 2015-12-03 15:50 - 2015-11-22 10:28 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-12-03 15:50 - 2015-11-22 10:28 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll 2015-12-03 15:50 - 2015-11-22 10:27 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-12-03 15:50 - 2015-11-22 10:27 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2015-12-03 15:50 - 2015-11-22 10:27 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll 2015-12-03 15:50 - 2015-11-22 10:27 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll 2015-12-03 15:50 - 2015-11-22 10:27 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2015-12-03 15:50 - 2015-11-22 10:26 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2015-12-03 15:50 - 2015-11-22 10:26 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2015-12-03 15:50 - 2015-11-22 10:26 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll 2015-12-03 15:50 - 2015-11-22 10:26 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2015-12-03 15:50 - 2015-11-22 10:25 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2015-12-03 15:50 - 2015-11-22 10:25 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-12-03 15:50 - 2015-11-22 10:25 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2015-12-03 15:50 - 2015-11-22 10:24 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-12-03 15:50 - 2015-11-22 10:24 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2015-12-03 15:50 - 2015-11-22 10:24 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2015-12-03 15:50 - 2015-11-22 10:24 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll 2015-12-03 15:50 - 2015-11-22 10:24 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll 2015-12-03 15:50 - 2015-11-22 10:23 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2015-12-03 15:50 - 2015-11-22 10:20 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2015-12-03 15:50 - 2015-11-22 10:19 - 02064384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-12-03 15:50 - 2015-11-22 10:18 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-12-03 15:50 - 2015-11-22 10:18 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll 2015-12-03 15:50 - 2015-11-22 10:18 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll 2015-12-03 15:50 - 2015-11-22 10:17 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2015-12-03 15:50 - 2015-11-22 10:17 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-12-03 15:50 - 2015-11-22 10:16 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2015-12-03 15:50 - 2015-11-22 10:11 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2015-12-03 15:31 - 2015-12-04 13:24 - 00000000 ____D C:\AdwCleaner 2015-12-03 15:25 - 2015-12-03 15:25 - 01736704 _____ C:\Users\Andreas\Downloads\AdwCleaner_5.023.exe 2015-12-03 15:15 - 2015-12-03 15:15 - 00001198 _____ C:\mbam.txt 2015-12-03 14:55 - 2015-12-03 14:55 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2015-12-03 14:19 - 2015-12-04 14:22 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-12-03 14:18 - 2015-12-03 14:57 - 00001178 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-12-03 14:18 - 2015-12-03 14:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-12-03 14:18 - 2015-12-03 14:20 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-12-03 14:18 - 2015-12-03 14:18 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-12-03 14:18 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-12-03 14:18 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-12-03 14:18 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2015-12-03 14:15 - 2015-12-03 14:15 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\dlg 2015-12-03 14:13 - 2015-12-03 14:58 - 00002192 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk 2015-12-03 14:13 - 2015-12-03 14:57 - 00002184 _____ C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk 2015-12-03 14:13 - 2015-12-03 14:57 - 00002180 _____ C:\Users\Public\Desktop\AVG PC TuneUp 2015.lnk 2015-12-03 14:13 - 2015-12-03 14:13 - 00000000 ____D C:\Users\Andreas\AppData\Local\MicrosoftEdge 2015-12-03 14:13 - 2015-08-04 14:25 - 00041688 _____ (AVG Technologies) C:\WINDOWS\system32\TURegOpt.exe 2015-12-03 14:13 - 2015-08-04 14:25 - 00030424 _____ (AVG Technologies) C:\WINDOWS\system32\authuitu.dll 2015-12-03 14:13 - 2015-08-04 14:25 - 00025816 _____ (AVG Technologies) C:\WINDOWS\SysWOW64\authuitu.dll 2015-12-03 14:12 - 2015-12-03 14:12 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\AVG 2015-12-03 14:12 - 2015-12-03 14:12 - 00000000 ____D C:\Program Files (x86)\AVG 2015-12-03 14:11 - 2015-12-03 14:11 - 00000000 ____D C:\Users\Andreas\AppData\Local\Avg 2015-12-03 14:10 - 2015-12-03 14:13 - 00000000 ____D C:\ProgramData\AVG 2015-12-03 14:09 - 2015-12-03 14:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-12-03 14:09 - 2015-12-03 14:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-12-03 11:06 - 2015-12-03 11:09 - 00037152 _____ C:\Users\Andreas\Downloads\Addition.txt 2015-12-03 11:03 - 2015-12-04 14:25 - 00018977 _____ C:\Users\Andreas\Downloads\FRST.txt 2015-12-03 11:03 - 2015-12-04 14:25 - 00000000 ____D C:\FRST 2015-12-03 11:01 - 2015-12-03 11:02 - 02350080 _____ (Farbar) C:\Users\Andreas\Downloads\FRST64.exe 2015-12-03 10:58 - 2015-12-03 10:59 - 01721344 _____ (Farbar) C:\Users\Andreas\Downloads\FRST.exe 2015-12-02 18:32 - 2015-12-02 18:32 - 00000000 ____D C:\Users\Andreas\AppData\Local\NetworkTiles 2015-12-02 16:39 - 2015-12-03 14:57 - 00002405 _____ C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-12-02 16:27 - 2015-12-02 16:27 - 00000000 ____D C:\Users\Andreas\AppData\Local\Publishers 2015-12-02 16:20 - 2015-12-02 16:20 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2015-12-02 16:15 - 2015-12-02 16:15 - 00000000 ____D C:\Users\Andreas\AppData\Local\Comms 2015-12-02 16:12 - 2015-12-02 16:12 - 00000000 ____D C:\Users\Andreas\AppData\Local\ActiveSync 2015-12-02 16:11 - 2015-12-04 13:26 - 00000000 __SHD C:\Users\Andreas\IntelGraphicsProfiles 2015-12-02 16:11 - 2015-12-02 16:11 - 00000000 ____D C:\Users\Andreas\AppData\Local\TileDataLayer 2015-12-02 16:10 - 2015-12-03 10:41 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat 2015-12-02 16:10 - 2015-12-02 16:10 - 00000020 ___SH C:\Users\Andreas\ntuser.ini 2015-12-02 16:09 - 2015-12-02 16:09 - 00000000 ____D C:\ProgramData\USOShared 2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default\Vorlagen 2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default\Startmenü 2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen 2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default\Eigene Dateien 2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos 2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik 2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder 2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten 2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos 2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik 2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder 2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2015-12-02 12:55 - 2015-12-02 12:55 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten 2015-12-02 12:52 - 2015-12-02 12:52 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat 2015-12-02 12:51 - 2015-12-04 13:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-12-02 12:38 - 2015-12-02 12:38 - 00000000 ____D C:\Users\Public\Documents\Baidu 2015-12-02 12:34 - 2015-12-02 12:34 - 00000000 ____D C:\Users\Default\Documents\hp.system.package.metadata 2015-12-02 12:34 - 2015-12-02 12:34 - 00000000 ____D C:\Users\Default\Documents\hp.applications.package.appdata 2015-12-02 12:34 - 2015-12-02 12:34 - 00000000 ____D C:\Users\Default User\Documents\hp.system.package.metadata 2015-12-02 12:34 - 2015-12-02 12:34 - 00000000 ____D C:\Users\Default User\Documents\hp.applications.package.appdata 2015-12-02 12:33 - 2015-12-03 14:58 - 00001495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-12-02 12:28 - 2015-12-02 12:28 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2015-12-02 12:26 - 2015-12-02 16:11 - 00000000 ____D C:\Users\Andreas 2015-12-02 12:26 - 2015-12-02 12:26 - 00000000 _SHDL C:\Users\Andreas\Vorlagen 2015-12-02 12:26 - 2015-12-02 12:26 - 00000000 _SHDL C:\Users\Andreas\Startmenü 2015-12-02 12:26 - 2015-12-02 12:26 - 00000000 _SHDL C:\Users\Andreas\Netzwerkumgebung 2015-12-02 12:26 - 2015-12-02 12:26 - 00000000 _SHDL C:\Users\Andreas\Lokale Einstellungen 2015-12-02 12:26 - 2015-12-02 12:26 - 00000000 _SHDL C:\Users\Andreas\Eigene Dateien 2015-12-02 12:26 - 2015-12-02 12:26 - 00000000 _SHDL C:\Users\Andreas\Druckumgebung 2015-12-02 12:26 - 2015-12-02 12:26 - 00000000 _SHDL C:\Users\Andreas\Documents\Eigene Videos 2015-12-02 12:26 - 2015-12-02 12:26 - 00000000 _SHDL C:\Users\Andreas\Documents\Eigene Musik 2015-12-02 12:26 - 2015-12-02 12:26 - 00000000 _SHDL C:\Users\Andreas\Documents\Eigene Bilder 2015-12-02 12:26 - 2015-12-02 12:26 - 00000000 _SHDL C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-12-02 12:26 - 2015-12-02 12:26 - 00000000 _SHDL C:\Users\Andreas\AppData\Local\Verlauf 2015-12-02 12:26 - 2015-12-02 12:26 - 00000000 _SHDL C:\Users\Andreas\AppData\Local\Anwendungsdaten 2015-12-02 12:26 - 2015-12-02 12:26 - 00000000 _SHDL C:\Users\Andreas\Anwendungsdaten 2015-12-02 12:25 - 2015-12-03 15:06 - 02003182 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-12-02 12:25 - 2015-12-02 12:25 - 01909068 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2015-12-02 12:22 - 2015-12-02 12:22 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf 2015-12-02 12:21 - 2015-12-02 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos 2015-12-02 12:21 - 2015-12-02 12:28 - 00000000 ____D C:\Program Files\Intel 2015-12-02 12:21 - 2015-12-02 12:21 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2015-12-02 12:21 - 2015-12-02 12:21 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2015-12-02 12:21 - 2015-12-02 12:21 - 00000000 ____D C:\WINDOWS\system32\SRSLabs 2015-12-02 12:21 - 2015-12-02 12:21 - 00000000 ____D C:\Program Files\Realtek 2015-12-02 12:21 - 2015-08-27 18:20 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2015-12-02 12:21 - 2015-08-27 18:20 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL 2015-12-02 12:20 - 2015-12-02 12:20 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf 2015-12-02 12:20 - 2015-12-02 12:20 - 00000000 ____D C:\Program Files\Synaptics 2015-12-02 12:18 - 2015-10-30 08:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2015-12-02 12:15 - 2015-12-02 12:37 - 00279280 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-12-02 12:13 - 2015-12-02 16:10 - 00000000 ___DC C:\WINDOWS\Panther 2015-12-02 12:07 - 2015-12-02 12:07 - 00000000 ____D C:\Windows.old 2015-12-02 12:06 - 2015-12-02 12:06 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 03670832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-12-02 12:06 - 2015-12-02 12:06 - 02918808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-12-02 12:06 - 2015-12-02 12:06 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00809312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2015-12-02 12:06 - 2015-12-02 12:06 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2015-12-02 12:06 - 2015-12-02 12:06 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2015-12-02 12:06 - 2015-12-02 12:06 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2015-12-02 12:06 - 2015-12-02 12:06 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2015-12-02 12:06 - 2015-12-02 12:06 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe 2015-12-02 12:06 - 2015-12-02 12:06 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2015-12-02 12:06 - 2015-12-02 12:06 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2015-12-02 12:06 - 2015-12-02 12:06 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2015-12-02 12:06 - 2015-12-02 12:06 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2015-12-02 12:06 - 2015-12-02 12:06 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2015-12-02 12:06 - 2015-12-02 12:06 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2015-12-02 12:06 - 2015-12-02 12:06 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2015-12-02 12:06 - 2015-12-02 12:06 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2015-12-02 12:06 - 2015-12-02 12:06 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-12-02 12:06 - 2015-12-02 12:06 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe 2015-12-02 12:06 - 2015-12-02 12:06 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2015-12-02 12:06 - 2015-12-02 12:06 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys 2015-12-02 12:06 - 2015-12-02 12:06 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe 2015-12-02 12:06 - 2015-12-02 12:06 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe 2015-12-02 12:06 - 2015-12-02 12:06 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2015-12-02 12:06 - 2015-12-02 12:06 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe 2015-12-02 12:06 - 2015-12-02 12:06 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll 2015-12-02 12:06 - 2015-12-02 12:06 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll 2015-12-02 12:03 - 2015-10-29 19:43 - 05739520 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll 2015-12-02 12:03 - 2015-10-29 19:43 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll 2015-12-02 12:03 - 2015-10-29 19:41 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll 2015-12-02 12:03 - 2015-10-29 19:25 - 06359040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll 2015-12-02 12:03 - 2015-10-29 19:24 - 04847616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll 2015-12-02 11:52 - 2015-12-02 11:52 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2015-12-02 11:49 - 2015-12-02 11:49 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2015-12-02 11:49 - 2015-12-02 11:49 - 00000000 ____D C:\Program Files\Reference Assemblies 2015-12-02 11:49 - 2015-12-02 11:49 - 00000000 ____D C:\Program Files\MSBuild 2015-12-02 11:49 - 2015-12-02 11:49 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2015-12-02 11:49 - 2015-12-02 11:49 - 00000000 ____D C:\Program Files (x86)\MSBuild 2015-12-02 11:49 - 2015-12-02 11:49 - 00000000 ____D C:\inetpub 2015-12-02 11:48 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2015-12-02 11:48 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-12-02 11:48 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2015-12-02 11:48 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2015-12-02 11:48 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2015-12-02 11:48 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2015-12-02 11:25 - 2015-12-02 12:54 - 00009528 _____ C:\WINDOWS\diagwrn.xml 2015-12-02 11:25 - 2015-12-02 12:54 - 00009528 _____ C:\WINDOWS\diagerr.xml 2015-11-29 15:55 - 2015-11-29 15:58 - 29234869 _____ (AVG Technologies) C:\Users\Andreas\Downloads\AVG_Antivirus7161Free_x86_694.exe 2015-11-29 14:40 - 2015-11-29 14:40 - 00000000 ____D C:\Program Files (x86)\ESET 2015-11-29 14:39 - 2015-11-29 14:39 - 02870984 _____ (ESET) C:\Users\Andreas\Downloads\esetsmartinstaller_deu.exe 2015-11-29 14:09 - 2015-11-29 14:09 - 07635472 _____ (Microsoft Corporation) C:\Users\Andreas\Downloads\GetWindows10-sds_____________.exe 2015-11-28 11:36 - 2015-11-28 11:36 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Ashampoo 2015-11-28 11:36 - 2015-11-28 11:36 - 00000000 ____D C:\Users\Andreas\AppData\Local\ashampoo 2015-11-28 11:35 - 2015-12-03 14:57 - 00001346 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio 2015.lnk 2015-11-28 11:35 - 2015-12-02 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo 2015-11-28 11:31 - 2015-11-29 01:41 - 00000000 ____D C:\Program Files (x86)\Ashampoo 2015-11-28 11:31 - 2015-11-28 11:36 - 00000000 ____D C:\ProgramData\Ashampoo 2015-11-28 11:30 - 2015-11-29 01:52 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\WinZip 2015-11-28 11:29 - 2015-11-28 11:29 - 00034498 _____ C:\Users\Andreas\AppData\Roaming\ICSW_0P1F1E1T0J1T1CtJ1V0P1C1L1R1P0F1F2Y1G2Z1T1L1G1V0P0P0I.txt 2015-11-28 11:28 - 2015-11-29 16:24 - 29727656 _____ (Oracle Corporation) C:\Users\Andreas\Downloads\setup [1].exe 2015-11-25 19:53 - 2015-11-25 19:53 - 71087912 _____ C:\Users\Andreas\Downloads\c66739117ad9598e39c6418989440fb1.mp4 2015-11-24 18:29 - 2015-12-02 12:51 - 00002256 _____ C:\WINDOWS\System32\Tasks\Beach Comp 2015-11-23 21:40 - 2015-11-23 21:40 - 00000000 ____D C:\Program Files (x86)\Comodo 2015-11-23 18:15 - 2015-11-23 18:15 - 00000000 ___HD C:\VTRoot 2015-11-23 18:14 - 2015-11-23 21:37 - 00033462 _____ C:\WINDOWS\system32\Drivers\fvstore.dat 2015-11-23 18:13 - 2015-11-23 18:14 - 01466656 _____ C:\Users\Andreas\Downloads\VLC media player 32 Bit - CHIP-Installer.exe 2015-11-23 18:08 - 2015-11-23 18:56 - 791547261 _____ C:\Users\Andreas\Downloads\video.mp4 2015-11-23 17:51 - 2015-11-23 17:51 - 00000000 ____D C:\WINDOWS\System32\Tasks\COMODO 2015-11-23 17:49 - 2015-11-23 21:37 - 00007520 _____ C:\WINDOWS\system32\Drivers\sfi.dat 2015-11-23 17:49 - 2015-11-23 17:49 - 651293402 _____ C:\WINDOWS\MEMORY.DMP 2015-11-23 17:20 - 2015-11-23 17:20 - 00000000 ____D C:\ProgramData\Shared Space 2015-11-23 17:19 - 2015-12-02 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo 2015-11-23 17:19 - 2015-11-23 21:38 - 00000000 ____D C:\Program Files\COMODO 2015-11-23 17:19 - 2015-11-23 17:19 - 00000000 ____D C:\Users\Andreas\AppData\Local\Comodo 2015-11-23 17:18 - 2015-11-23 17:18 - 00000000 ____D C:\ProgramData\Comodo Downloader 2015-11-23 17:11 - 2015-11-23 21:38 - 00000000 ____D C:\ProgramData\Comodo 2015-11-23 16:43 - 2015-11-23 17:08 - 225688096 _____ (COMODO) C:\Users\Andreas\Downloads\cispremium_installer_v8.2.0.4703.exe 2015-11-23 16:09 - 2015-08-22 14:42 - 00066400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:42 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:42 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:42 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:42 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:42 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:42 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:42 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:42 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:35 - 00063840 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:35 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:35 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:35 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:35 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:35 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:35 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll 2015-11-23 16:09 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll 2015-11-22 23:12 - 2015-11-23 00:30 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-11-22 23:12 - 2015-10-27 18:43 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-11-22 22:42 - 2015-11-22 22:42 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf 2015-11-22 20:21 - 2015-07-22 15:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll 2015-11-22 20:20 - 2014-07-10 05:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll 2015-11-22 17:59 - 2014-10-31 04:23 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2015-11-22 17:50 - 2014-10-29 02:54 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DfpCommon.dll 2015-11-22 17:48 - 2014-10-29 02:59 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfp.exe 2015-11-22 16:56 - 2015-12-02 12:51 - 00002176 _____ C:\WINDOWS\System32\Tasks\{72B3C6E9-C316-429E-92A6-E973A08C5823} 2015-11-22 15:14 - 2015-11-22 15:14 - 00296785 _____ C:\Users\Andreas\Downloads\C750.tmp 2015-11-21 19:43 - 2015-11-23 16:37 - 00000000 ____D C:\Program Files (x86)\Opera 2015-11-21 19:09 - 2013-08-22 14:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak 2015-11-21 19:04 - 2015-11-25 17:12 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee 2015-11-20 17:35 - 2015-12-03 23:45 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d123b16d1b2c0c.job 2015-11-20 17:35 - 2015-12-03 21:40 - 00004222 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d123b16d1b2c0c 2015-11-20 17:31 - 2015-12-03 14:57 - 00001145 _____ C:\Users\Public\Desktop\Internet (Chromodo).lnk 2015-11-20 17:31 - 2015-12-02 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-11-20 17:30 - 2015-12-04 13:26 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-11-20 17:30 - 2015-12-03 23:40 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-11-20 17:30 - 2015-12-03 21:40 - 00003960 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-11-20 17:30 - 2015-12-02 12:51 - 00003502 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-11-20 17:30 - 2015-11-23 19:02 - 00000000 ____D C:\Users\Andreas\AppData\Local\Google 2015-11-20 17:30 - 2015-11-20 17:30 - 00000000 ____D C:\Program Files (x86)\Google 2015-11-20 17:26 - 2015-11-20 17:26 - 00000000 ____D C:\Program Files\Common Files\AV 2015-11-20 17:25 - 2015-11-24 18:31 - 00000000 __SHD C:\Users\Andreas\AppData\Local\EmieUserList 2015-11-20 17:25 - 2015-11-24 18:31 - 00000000 __SHD C:\Users\Andreas\AppData\Local\EmieSiteList 2015-11-20 17:25 - 2015-11-20 17:25 - 00000000 __SHD C:\Users\Andreas\AppData\LocalLow\EmieUserList 2015-11-20 17:22 - 2015-12-04 13:18 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DD81F2A9-78EA-4C5F-837F-47B6F5DC573E} 2015-11-20 17:22 - 2015-11-20 17:25 - 00000000 __SHD C:\Users\Andreas\AppData\LocalLow\EmieSiteList 2015-11-20 14:22 - 2015-11-20 14:22 - 00000000 ____D C:\Users\Andreas\AppData\Local\GWX 2015-11-20 14:21 - 2015-12-04 13:27 - 00000000 __RDO C:\Users\Andreas\OneDrive 2015-11-20 14:21 - 2015-12-02 12:51 - 00002750 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1884890629-360092094-2303528047-1001 2015-11-20 14:20 - 2015-11-20 14:20 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Macromedia 2015-11-20 14:18 - 2015-12-04 13:29 - 00000000 ____D C:\Users\Andreas\Documents\Youcam 2015-11-20 14:18 - 2015-11-20 14:18 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Hewlett-Packard 2015-11-20 14:18 - 2015-11-20 14:18 - 00000000 ____D C:\Users\Andreas\AppData\Local\CyberLink 2015-11-20 14:17 - 2015-11-20 14:17 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\hpqlog 2015-11-20 14:17 - 2015-11-20 14:17 - 00000000 ____D C:\Users\Andreas\AppData\Local\Hewlett-Packard 2015-11-20 14:16 - 2015-11-20 14:16 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD 2015-11-20 14:16 - 2015-11-20 14:16 - 00000000 ____D C:\Users\Andreas\AppData\Local\PackageStaging 2015-11-20 14:15 - 2015-12-03 14:57 - 00002125 _____ C:\Users\Public\Desktop\Snapfish Fotos.lnk 2015-11-20 14:15 - 2015-12-03 14:57 - 00001457 _____ C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet-Explorer.lnk 2015-11-20 14:15 - 2015-12-03 14:57 - 00001322 _____ C:\Users\Public\Desktop\TripAdvisor.lnk 2015-11-20 14:15 - 2015-12-03 14:36 - 00000000 ____D C:\Users\Andreas\AppData\Local\VirtualStore 2015-11-20 14:15 - 2015-12-02 17:23 - 00000000 ____D C:\Users\Andreas\AppData\Local\Packages 2015-11-20 14:15 - 2015-11-20 14:15 - 00000186 _____ C:\WINDOWS\insFileSpec 2015-11-20 14:15 - 2015-11-20 14:15 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Adobe 2015-11-20 14:14 - 2015-11-20 14:14 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Synaptics 2015-11-20 14:12 - 2014-09-03 06:02 - 00000000 ___HD C:\Users\Andreas\Documents\hp.system.package.metadata 2015-11-20 14:12 - 2014-09-03 06:02 - 00000000 ___HD C:\Users\Andreas\Documents\hp.applications.package.appdata 2015-11-20 14:08 - 2015-03-14 02:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll 2015-11-20 09:44 - 2015-11-20 09:44 - 00000000 _____ C:\Recovery.txt 2015-11-20 05:41 - 2015-12-02 16:11 - 00000000 __RHD C:\Users\Public\AccountPictures 2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Videos 2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik 2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder 2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Default.migrated\Vorlagen 2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Default.migrated\Startmenü 2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Default.migrated\Netzwerkumgebung 2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Default.migrated\Lokale Einstellungen 2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Default.migrated\Eigene Dateien 2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Default.migrated\Druckumgebung 2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Videos 2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Musik 2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Bilder 2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Verlauf 2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Anwendungsdaten 2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Users\Default.migrated\Anwendungsdaten 2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Programme 2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\ProgramData\Vorlagen 2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\ProgramData\Startmenü 2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\ProgramData\Dokumente 2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten 2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien 2015-11-20 00:51 - 2015-11-20 00:51 - 00000000 _SHDL C:\Dokumente und Einstellungen 2015-11-20 00:46 - 2015-12-02 12:51 - 00002378 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1884890629-360092094-2303528047-500 ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-12-04 13:25 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2015-12-04 13:24 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2015-12-04 13:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-12-04 13:14 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF 2015-12-04 00:36 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB 2015-12-04 00:36 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2015-12-04 00:36 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\en-GB 2015-12-03 16:20 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-12-03 15:46 - 2015-10-30 07:28 - 00000000 ____D C:\Windows 2015-12-03 15:06 - 2015-10-30 19:35 - 00853752 _____ C:\WINDOWS\system32\perfh007.dat 2015-12-03 15:06 - 2015-10-30 19:35 - 00187942 _____ C:\WINDOWS\system32\perfc007.dat 2015-12-03 14:58 - 2014-09-03 06:09 - 00001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk 2015-12-03 14:57 - 2014-10-31 17:40 - 00002050 _____ C:\Users\Public\Desktop\Connected Photo.lnk 2015-12-03 14:57 - 2014-10-31 17:36 - 00001833 _____ C:\Users\Public\Desktop\McAfee LiveSafe - Internet Security.lnk 2015-12-03 14:57 - 2014-10-31 17:24 - 00002513 _____ C:\Users\Public\Desktop\WildTangent Games App - hp.lnk 2015-12-03 14:57 - 2014-10-31 17:20 - 00001987 _____ C:\Users\Public\Desktop\Connected Music.lnk 2015-12-03 10:43 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\appcompat 2015-12-02 16:25 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2015-12-02 16:25 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PrintDialog 2015-12-02 16:25 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\MiracastView 2015-12-02 16:25 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow 2015-12-02 16:25 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache 2015-12-02 16:16 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2015-12-02 16:09 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\USOPrivate 2015-12-02 12:55 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2015-12-02 12:55 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows NT 2015-12-02 12:53 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Registration 2015-12-02 12:51 - 2014-10-31 17:23 - 00002346 _____ C:\WINDOWS\System32\Tasks\YCMServiceAgent 2015-12-02 12:41 - 2015-10-30 08:24 - 00000000 __RHD C:\Users\Public\Libraries 2015-12-02 12:36 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2015-12-02 12:36 - 2015-10-30 07:28 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM 2015-12-02 12:36 - 2014-10-31 17:24 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-12-02 12:36 - 2014-10-31 17:23 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat 2015-12-02 12:36 - 2014-09-03 06:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support 2015-12-02 12:36 - 2014-09-03 06:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection 2015-12-02 12:36 - 2014-09-03 06:06 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools 2015-12-02 12:34 - 2013-08-22 14:36 - 00000000 ____D C:\Users\Default.migrated 2015-12-02 12:31 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr 2015-12-02 12:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2015-12-02 12:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2015-12-02 12:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE 2015-12-02 12:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\spool 2015-12-02 12:31 - 2014-09-03 06:17 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe 2015-12-02 12:31 - 2014-03-18 11:06 - 00000000 ____D C:\WINDOWS\SysWOW64\gl-es 2015-12-02 12:31 - 2014-03-18 11:06 - 00000000 ____D C:\WINDOWS\SysWOW64\eu-es 2015-12-02 12:31 - 2014-03-18 11:06 - 00000000 ____D C:\WINDOWS\SysWOW64\ca-es-valencia 2015-12-02 12:31 - 2014-03-18 11:06 - 00000000 ____D C:\WINDOWS\SysWOW64\ca-es 2015-12-02 12:31 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared 2015-12-02 12:31 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared 2015-12-02 12:30 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\slmgr 2015-12-02 12:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe 2015-12-02 12:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-12-02 12:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV 2015-12-02 12:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT 2015-12-02 12:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod 2015-12-02 12:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\et-EE 2015-12-02 12:30 - 2014-03-18 11:06 - 00000000 ____D C:\WINDOWS\system32\gl-es 2015-12-02 12:30 - 2014-03-18 11:06 - 00000000 ____D C:\WINDOWS\system32\eu-es 2015-12-02 12:29 - 2015-10-30 08:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2015-12-02 12:29 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\InputMethod 2015-12-02 12:29 - 2014-03-18 11:06 - 00000000 ____D C:\WINDOWS\system32\ca-es-valencia 2015-12-02 12:29 - 2014-03-18 11:06 - 00000000 ____D C:\WINDOWS\system32\ca-es 2015-12-02 12:29 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\MediaViewer 2015-12-02 12:29 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\ADFS 2015-12-02 12:28 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-12-02 12:28 - 2014-09-03 06:02 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard 2015-12-02 12:25 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2015-12-02 12:15 - 2015-10-30 19:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2015-12-02 12:13 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2015-12-02 12:07 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-12-02 12:07 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning 2015-12-02 12:07 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2015-12-02 12:07 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism 2015-12-02 12:04 - 2015-10-30 19:36 - 00000000 ____D C:\WINDOWS\OCR 2015-12-02 12:02 - 2015-10-30 19:44 - 00000000 ____D C:\Program Files\Windows Journal 2015-12-02 12:02 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm 2015-12-02 12:02 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN 2015-12-02 12:02 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2015-12-02 12:02 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\winrm 2015-12-02 12:02 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\WCN 2015-12-02 12:02 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12 2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\dsc 2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs 2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\migwiz 2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\IME 2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Help 2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Defender 2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\System 2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2015-12-02 12:02 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2015-12-02 12:02 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\servicing 2015-12-02 11:49 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2015-12-02 11:49 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2015-12-02 11:49 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\MUI 2015-12-02 11:49 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\inetsrv 2015-12-02 11:49 - 2015-10-30 08:19 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll 2015-12-02 11:49 - 2015-10-30 08:19 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll 2015-12-02 11:49 - 2015-10-30 08:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll 2015-12-02 11:49 - 2015-10-30 08:19 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe 2015-12-02 11:49 - 2015-10-30 08:19 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll 2015-12-02 11:49 - 2015-10-30 08:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll 2015-12-02 11:49 - 2015-10-30 08:18 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll 2015-12-02 11:49 - 2015-10-30 08:18 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll 2015-12-02 11:49 - 2015-10-30 08:18 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll 2015-12-02 11:49 - 2015-10-30 08:18 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe 2015-12-02 11:49 - 2015-10-30 08:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll 2015-12-02 11:49 - 2015-10-30 08:18 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll 2015-12-02 11:26 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT 2015-11-29 01:52 - 2014-09-03 06:07 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-11-29 01:41 - 2014-10-31 17:03 - 00000000 ____D C:\Program Files (x86)\Realtek 2015-11-29 00:55 - 2014-10-31 17:10 - 00000000 ___HD C:\Program Files (x86)\Temp 2015-11-29 00:25 - 2014-09-03 06:02 - 00000000 ____D C:\Program Files\Hewlett-Packard 2015-11-25 19:28 - 2014-10-31 17:35 - 00000000 ____D C:\Program Files (x86)\McAfee 2015-11-25 17:16 - 2014-10-31 17:35 - 00000000 ____D C:\Program Files\Common Files\mcafee 2015-11-25 17:08 - 2014-10-31 17:34 - 00000000 ____D C:\ProgramData\McAfee 2015-11-24 02:36 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData 2015-11-22 22:51 - 2014-09-03 06:20 - 00000000 ____D C:\ProgramData\Package Cache 2015-11-21 19:09 - 2014-10-31 17:33 - 00000000 ____D C:\Users\Public\CyberLink 2015-11-20 14:18 - 2014-09-03 06:21 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2015-11-20 14:15 - 2014-04-05 00:45 - 00000000 ___HD C:\SYSTEM.SAV ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-11-28 11:29 - 2015-11-28 11:29 - 0034498 _____ () C:\Users\Andreas\AppData\Roaming\ICSW_0P1F1E1T0J1T1CtJ1V0P1C1L1R1P0F1F2Y1G2Z1T1L1G1V0P0P0I.txt Einige Dateien in TEMP: ==================== C:\Users\Andreas\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-12-02 12:14 ==================== Ende von FRST.txt ============================ |
|
04.12.2015, 16:38
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Direkt nach dem Start erscheint "Modul nicht gefunden". FRST-Fix Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\Users\Andreas\Downloads\C750.tmp
cmd: type C:\Users\Andreas\AppData\Roaming\ICSW_0P1F1E1T0J1T1CtJ1V0P1C1L1R1P0F1F2Y1G2Z1T1L1G1V0P0P0I.txt
emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
04.12.2015, 18:02
| #13 |
| | Direkt nach dem Start erscheint "Modul nicht gefunden".Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:01-12-2015
durchgeführt von Andreas (2015-12-04 17:52:51) Run:1
Gestartet von C:\Users\Andreas\Desktop\F
Geladene Profile: Andreas (Verfügbare Profile: Andreas)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
C:\Users\Andreas\Downloads\C750.tmp
cmd: type C:\Users\Andreas\AppData\Roaming\ICSW_0P1F1E1T0J1T1CtJ1V0P1C1L1R1P0F1F2Y1G2Z1T1L1G1V0P0P0I.txt
emptytemp:
*****************
C:\Users\Andreas\Downloads\C750.tmp => erfolgreich verschoben
========= type C:\Users\Andreas\AppData\Roaming\ICSW_0P1F1E1T0J1T1CtJ1V0P1C1L1R1P0F1F2Y1G2Z1T1L1G1V0P0P0I.txt =========
2StR1T1R1R1F2Y1G2Z0N1T1H1PtRzxtRtD0PtC0FtC0EtC0TtD0JtC0TtC0CtRtHtR1R1T1C1C1L1P1C0N1T1H1PtRzxtR0J1T2X1TtRtHtR1L1G1B2Z1T1I1I1P1C0N1T1H1PtRzxtR0P1F1E1T0J1T1CtRtHtR1E1R1JtRzx2StR1E1C1L1F1C1L2Z2UtRzxtCtHtR1R1M1T1G1G1P1ItRzxtRtC1VtCyD1VyEzz1V1F2Z1M1P1CtRtHtR0O1O1C0I1G2Z0R0I0DtRzxtRtRtHtR0T0I0S0I0DtRzxtRtRtHtR2Z2U1E1PtRzxtR0S0H0O0P0P0I0N0GtRtHtR1E1T1R1J1T1N1P0N1T1H1PtRzxtRtJ1V0P1C1L1R1P0F1F2Y1G2Z1T1L1G1V0P0P0ItRtHtR1Q1F2W1G1I1F1T1Q0U0R0L1BtRzx1ZtR1M2Z2Z1EzxtEtE1E1OtBtF1E1O1Q1F2W1G1I1F1T1QtF1R1F1HtE1R1L1BtE1E1OtBtF1R1L1BtR1XtHtR1Q1P1B2Z0F1L1I1P0E2V2ZtRzxtR0C0I0StRtHtR1P2V1PtRzxtR1E1HtF1P2V1PtRtHtR2W1T1L2Z0F1F1C0E2V1PtRzx1O1T1I1B1PtHtR1Q1L1B1T1S1I1P0D1F2W1G1I1F1T1QtRzx2Z1C2Y1PtHtR1Q1L1B1T1S1I1P0E2V2Z1C1T1R2ZtRzx2Z1C2Y1PtHtR1Q1L1B1T1S1I1P0E2V1P1R2Y2Z1PtRzx2Z1C2Y1P2QtHtR1P2V1P0P1T1C1T1H1B0S2Z1C1L1G1NtRzxtRtE0M0U0S0EtTtE0P0A0R0T0N0E0Rzu1L1C1F1G1E1E1L1E1OtBtTtE0C0H0A0N0N0E0LzutC1VtCyD1VyEzz1V1F2Z1M1P1CtTtE2Y1L1QzutD0C2Z0D2Z0A2T2T2T2U2U0C2T2TtD0C2Z0DtD0CtD0DtD0E2Z0BtD0F2U0D2T2UtB0R2Z0B2Z0D2Z0C2U0D2Z0C2Z0C2Z0B2T2T2Z0C2Z0C2Z0B2U0B2Z0A2U0B2Z0A2Z0D2Z0AtRtHtR1F1O1O1P1C0P1T1C1T1H1BtRzx2StR1G1T1H1PtRzxtR0P1C1L1R1P1V0B1L1B1I1L1V0M1VtByEyDtDtRtHtR1R1M1P1R1J1P1CtRzx2StR1F1O1O1P1C0I0DtRzxtR0P1C1L1R1P0F1F2Y1G2Z1T1L1GtRtHtR1P1G1R0F1F1I1Q1P1C0N1T1H1PtRzxtRtD0PtC0CtC0LtC0RtC0PtD0FtC0FtB0YtC0GtB0ZtC0TtC0LtC0GtRtHtR1R1M1P1R1J1P1C0F1T1L1I0R1P1E1F1C2ZtRzxtRtRtHtR1B1M1F2W0F1C1F1HtRzxtDtHtR1B1M1F2W0T1FtRzxtBtAtHtR1J1P2U1B0D1T2Z1TtRzx1Z2StR1E1T1C1P1G2Z0K1P2UtRzxtR0S0O0F0T0W0A0R0E1Y1Y0M1L1R1C1F1B1F1O2Z1Y1Y0W1L1G1Q1F2W1B1Y1Y0C2Y1C1C1P1G2Z0V1P1C1B1L1F1G1Y1Y0U1G1L1G1B2Z1T1I1ItRtHtR1R1M1P1R1J0K1P2UtRzxtR0P1C1L1R1P0F1F2Y1G2Z1T1L1GtRtHtR1J1P2U0V1T1I2Y1PtRzxtRtRtHtR1C1F1F2ZtRzxtA2Q1X2QtHtR1F1O1C0E2V1R1I2Y1Q1P1Q0O1O1C1BtRzx1ZtR0D1P1P1T1I1V0T0C1VtCyDyEtAtRtHtR0P1C1L1R1P0F1F2Y1G2Z1T1L1G1V0U0N1VtCzytDtAtRtHtR0P1C1L1R1P0F1F2Y1G2Z1T1L1G1V0R0B1V0F0S1VtBtDtAtDtRtHtR0P1C1L1R1P0F1F2Y1G2Z1T1L1G1V0B1L1B1I1L1V0M1VtBtCyBtAtRtHtR0P1C1L1R1P1V0B1L1B1I1L1V0M1VtByEyDtDtRtHtR1O1F2V2U1Q1P1T1I1V2Y1G1VtCzyyDyEtRtHtR1O1F2V2U1Q1P1T1I1V2XtC1VtCzyyDyDtRtHtR1O1F2V2U1Q1P1T1I1V2XtC1V1T2X2Z1T1C1N1P2Z1VtCzyyCzytRtHtR0I0S1V0B1L1G1N1VtBtAzytCtRtHtR0L1F1R1T1I1V0T1P1H1E1P1C1T2Z2Y1C1P1V0U0N1VtBtDzztCtRtHtR0L1F1R1T1I0T1P1H1E1P1C1T2Z2Y1C1P1V0R0B1V0F0S1VtBtCtAyEtRtHtR0L1F1R1T1I0T1P1H1E1V0B1L1B1I1L1V0M1VtBtCtAyDtRtHtR0S2Z1F1G1P1O1I1P1P2Z1V0B1L1B1I1L1V0M1VtBtBzyyBtRtHtR0S2Z1F1G1P1O1I1P1P2Z1V0U0N1VtBtBzyzztRtHtR0S2Z1F1G1P1O1I1P1P2Z1VtBtBzyzytRtHtR0G1P1G1L2Y1B0B1F2V1V0U0N1VtBtDtBzztRtHtR0D0T0M1V0S2Z1F1C1H0W1T2Z1R1M1VtBtDtBzytRtHtR0D0T0M1V0S2Z1F1C1H0W1T2Z1R1M1V0N0C1VtBtByBzytRtHtR0O1J1T2U0F1C1P1P1Q1F1H1VtCzyyBtCtRtHtR0O1J1T2U0F1C1P1P1Q1F1H1V0R0B1V0F0S1VtBtCtCzytRtHtR0O1J1T2U0F1C1P1P1Q1F1H1V0U0N1VtBtCzztCtRtHtR0B1F2V0G1C1P1P1G1V0VtC1VtCyCtAtCtRtHtR0B1F2V0G1C1P1P1G1V0B1L1B1I1L1VtCyCtAtBtRtHtR0B1F2V0G1C1P1P1G1V0U0N1VtCyCtAtAtRtHtR0A1I2Z1F1G1T2X1V1S1L1B1I1L1V0M1VtBtAtAtAtRtHtR0A1I2Z1F1G1T2X1V0U0N1VtBtAtAyEtRtHtR0B1F1G1B0P1I1T1G1B1V1S1B1VtBtAyBtBtRtHtR0B1F1G0P1I1T1G1B1V1R1B1VtBtAyBtAtRtHtR0D1L1B1R1F2Y1G2Z0M1T1N1G1P2Z1V0U0N1V0F0S1VtBtAyCtBtRtHtR0B2Y2U1M1T2Z1J1P1V0B1L1B1I1L1V0M1VtBtAyByCtRtHtR0B2Y2U1M1T2Z1J1P1V2W1M1L2Z1P1VtBtAyByBtRtHtR0B2Y2U1M1T2Z1J1P1V0B1I1T1R1J1VtBtAyBzztRtHtR0X0R1T2Z1P1V0U0N1V0F0S1VtByEtDyEtRtHtR0X0R1T2Z1P1V0U0N1VtByEtDyDtRtHtR0C1F2Y1E1F1G0M1T1C2X1P1I1V0B1L1B1I1L1VtBtDyEzytRtHtR0C1F2Y1E1F1G0M1T1C2X1P1I1V0U0N1VtBtDyDtDtRtHtR0C1F2Y1E1F1G0M1T1C2X1P1I1V0R0B1V0F0S1VtBtDzzyBtRtHtR0C1F2Y1E1F1G0M1T1C2X1P1I1V0B1L1B1I1L1V0M1VtBtCyEtAtRtHtR0S1J1L1G0A1E1E1V0U0N1VtBtAyDzytRtHtR0S1J1L1G0A1E1E1V0V0X1VtBtAyCtDtRtHtR0S1J1L1G0A1E1E1V0R0B1V0F0S1VtBtAyCtCtRtHtR0F1T1R2Z0F1L1C1P1VtCzzzyyCtRtHtR0F1T1R2Z0F1L1C1P1V0B1L1B1I1L1VtCzzzyzztRtHtR0F1T1R2Z0F1L1C1P1V0U0N1VtCzzzyzytRtHtR0F1T1R2Z0F1L1C1P1V0U0N1V0F0S1VtCzytAtCtRtHtR0F1T1R2Z0F1L1C1P1V0R0B1V0F0S1VtCzyyBzytRtHtR0F1T1R2Z0F1L1C1P1V0B1L1B1I1L1V0M1VtBtCtBtAtRtHtR0T1C1P2T1T1T1V0U0N1VtBtAyDzztRtHtR0T1C1P2T1T1T1V0U0N1V0M1VtByDtAyCtRtHtR0T1C1P2T1T1T1V0R0B1V0F0S1VtByDtAyBtRtHtR0P1F2Y1E1VtCtDyEzytRtHtR0P1F2Y1E1V0U0N1V1H1VtBtAyDtBtRtHtR0S2Z1P1C1J1I2U1V0C1F1H1S1F1V0VtC1VtByDtDzztRtHtR0C1T1B1M0R1P1H1L1G1Q1P1C1V0U0N1V0F0S1VtByEyCtAtRtHtR0C1T1B1M0R1P1H1L1G1Q1P1C1V0B1L1B1I1L1V0M1VtByEyCyEtRtHtR0C1T1B1M0R1P1H1L1G1Q1P1C0W0D1V0B1L1B1I1L1V0M1VtByDtCzztRtHtR0G1F0G1F0G1F0R1T1Q1L1F1V0U0N1V0M1VtBtByBtAtRtHtR0G1F1N1F1N1F1C1T1Q1L1F1V0B1L1B1I1L1V0M1VtBtByByEtRtHtR0G1F0G1F0G1F0R1T1Q1L1F1V0U0N1VtByEyDtBtRtHtR0I1G1O1F0I0N0T0LtB1V0A0V1V0B1L1B1I1L1V0M1VtBtAtCyCtRtHtR0I1G1O1F0I0N0T0LtB1V0A0V1V0U0N1VtBtAtCyBtRtHtR0I1G1O1F0I0N0T0LtB1V0B1L1B1I1L1V0M1VtBtAtCzztRtHtR0I1G1O1F0I0N0T0LtB1V0U0N1VtBtAtCzytRtHtR0I1G1O1F0I0N0T0LtB1V0VtC1VtBtAtBtDtRtHtR0I1G1O1F0I0N0T0LtB1V0A0V1V0VtC1VtBtAtBtCtRtHtR0I1G1O1F0I0N0T0LtB1V0V0X1VtByEtDzytRtHtR0I1G1O1F0I0N0T0L1V0VtC1VzztAzztRtHtR0I1G1O1F0I0N0T0L1V0U0N1VzzyEtDtRtHtR0I1G1O1F0I0N0T0L1V0A0V1V0VtC1VtBtDtCzytRtHtR0I1G1O1F0I0N0T0L1V0A0V1V0U0N1VtBtDtBtCtRtHtR0I1G1O1F0I0N0T0L1V0B1L1B1I1L1V0M1VtBtCyEyEtRtHtR0I1G1O1F0I0N0T0L1V0A0V1V0B1L1B1I1L1V0M1VtBtCyCtCtRtHtR0I1G1O1F0I0N0T0L1V0V0X1VtByEtCtDtRtHtR0G1T1H1P1C0F1F1C1P1B2Z1V0A0V1V0B1L1B1I1L1V0M1VtBtByCyBtRtHtR0G1T1H1P1C0F1F1C1P1B2Z1V0A0V1V0U0N1VtBtByCzztRtHtR0G1T1H1P1C0F1F1C1P1B2Z1V0B1L1B1I1L1V0M1VtBtByCzytRtHtR0G1T1H1P1C0F1F1C1P1B2Z1V0U0N1VtBtByBtDtRtHtR0G1T1H1P1C0F1F1C1P1B2Z1V0VtC1VtBtByBtCtRtHtR0G1T1H1P1C0F1F1C1P1B2Z1V2XtB1VtByEtCtAtRtHtR0S1P1R0U2Z1L1I1L2Z2U1V0U0N1VtBtCzyyCtRtHtR0S1P1R0U2Z1L1I1L2Z2U1V0B1L1B1I1L1V0M1VtBtCzyyBtRtHtR0S1P1R0U2Z1L1I1L2Z2U1V0U0N1V0F0S1VtBtCzyzztRtHtR0W1T1K1T1HtBtDtCyD1V0B1L1B1I1L1V1H1VtByEtBtBtRtHtR0W1T1K1T1HtBtDtCyD1V0L1F1N1F1V0U0N1VtByEtBtAtRtHtR0W1T1K1T1HtBtDtCyD1V0VtC1VtByEtByEtRtHtR0P1I1T2U0M1L1I1I1L1F1G1V0VtC1VtBtAyEtCtRtHtR0P1I1T2U0M1L1I1I1L1F1G1V0VtB1VtByDtBzytRtHtR0S2Z1P1C1J1I2U1VtCtAyEtCtRtHtR0S2Z1P1C1J1I2U1V0U0N1VtCtAyEtBtRtHtR0S2Z1P1C1J1I2U1V0B1L1B1I1L1V0M1VtCtAyEtAtRtHtR0S2Z1P1C1J1I2U1V0B1L1B1I1L1VtBtAtByBtRtHtR0S2Z1P1C1J1I2U1V0V0X1VtBtAyCyEtRtHtR0P1C1L1R1P0F1F2Y1G2Z1T1L1G1V0P0P0I1V0U0N1VtCzytCyEtRtHtR0P1C1L1R1P0F1F2Y1G2Z1T1L1G1V0P0P0I0R0B1V0F0S1VtBtDtAtAtRtHtR0P1C1L1R1P1V0P0P0I1V0B1L1B1I1L1V0M1VtBtCzytAtRtHtR0P1L1N1N2U1VtByEzyzytRtHtR0P1L1N1N2U1V0F1C1T1E1E1P1VtByDyEyBtRtHtR0P1L1N1N2U1V0B1L1B1I1L1V0M1VtByDyEzztRtHtR0P1L1N1N2U1V0F0S1VtByDyBzztRtHtR0P1L1N1N2U1V1G1F1G1T1Q1H1L1G1VtByDyBzytRtHtR0I1G1O1F1V0U0S1V0VtC1VtCzztCzytRtHtR0I1G1O1F1V0U0S1V0U0N1VtCzztBtCtRtHtR0I1G1O1F1V0U0S1V0A0V1V0VtC1VtBtDtCtBtRtHtR0I1G1O1F1V0U0S1V0A0V1V0B1L1B1I1L1V0M1VtBtDtCtAtRtHtR0I1G1O1F1V0U0S1V0A0V1V0U0N1VtBtDtCyEtRtHtR0I1G1O1F1V0U0S1V0B1L1B1I1L1V0M1VtBtCyEyDtRtHtR0I1G1O1F1V0U0S1V0A0V1VtB1V0M1VtBtAtCtDtRtHtR0I1G1O1F1V0U0S1V0A0V1VtB1V0U0N1VtBtAtCtCtRtHtR0I1G1O1F1V0U0S1VtB1V0B1L1B1I1L1V0M1VtBtAtCtBtRtHtR0I1G1O1F1V0U0S1VtB1V0U0N1VtBtAtCtAtRtHtR0I1G1O1F1V0U0S1VtB1V0VtC1VtBtAtCyEtRtHtR0I1G1O1F1V0U0S1V0A0V1VtB1V0VtC1VtBtAtCyDtRtHtR0I0S0B1L1G1N1V0U0S1VtBtDyEyCtRtHtR0I0S0B1L1G1N1V0R0O0W1VtBtDyEyBtRtHtR0I0S0B1L1G1N1VtBtDyBzytRtHtR0I0S0B1L1G1N1V0U0N1VtBtBtByDtRtHtR0W1L1G0B1L1G1N1VtBtAtDyBtRtHtR0W1L1G0B1L1G1N1V0U0N1VtByEyDtCtR1XtHtR1S1I1T1R1J0L1L1B2Z0C0C1BtRzx1ZtR0A0FtRtHtR0A0XtRtHtR0A0LtRtHtR0D0ZtRtHtR0A0StRtHtR0A0DtRtHtR0A0OtRtHtR0A0ItRtHtR0A0QtRtHtR0A0GtRtHtR0A0MtRtHtR0A0WtRtHtR0A0ZtRtHtR0B0StRtHtR0B0HtRtHtR0B0DtRtHtR0B0BtRtHtR0B0YtRtHtR0B0ZtRtHtR0B0JtRtHtR0B0MtRtHtR0B0TtRtHtR0B0OtRtHtR0B0QtRtHtR0B0AtRtHtR0B0WtRtHtR0B0VtRtHtR0I0OtRtHtR0B0NtRtHtR0B0GtRtHtR0B0FtRtHtR0B0ItRtHtR0K0HtRtHtR0C0MtRtHtR0C0VtRtHtR0K0YtRtHtR0C0FtRtHtR0T0DtRtHtR0C0LtRtHtR0C0NtRtHtR0C0XtRtHtR0C0CtRtHtR0C0OtRtHtR0K0MtRtHtR0C0GtRtHtR0C0DtRtHtR0C0KtRtHtR0C0RtRtHtR0C0ItRtHtR0H0RtRtHtR0C0UtRtHtR0C0WtRtHtR0C0YtRtHtR0C0ZtRtHtR0D0KtRtHtR0D0JtRtHtR0D0MtRtHtR0D0OtRtHtR0E0CtRtHtR0E0GtRtHtR0S0VtRtHtR0G0QtRtHtR0E0RtRtHtR0E0EtRtHtR0E0TtRtHtR0F0KtRtHtR0F0OtRtHtR0F0JtRtHtR0F0ItRtHtR0G0FtRtHtR0P0FtRtHtR0T0FtRtHtR0G0AtRtHtR0G0MtRtHtR0G0EtRtHtR0G0HtRtHtR0G0ItRtHtR0G0RtRtHtR0G0LtRtHtR0G0DtRtHtR0G0PtRtHtR0G0UtRtHtR0G0TtRtHtR0G0GtRtHtR0G0NtRtHtR0G0WtRtHtR0G0YtRtHtR0H0TtRtHtR0H0MtRtHtR0V0AtRtHtR0H0NtRtHtR0H0KtRtHtR0H0UtRtHtR0I0StRtHtR0I0DtRtHtR0I0RtRtHtR0I0QtRtHtR0I0EtRtHtR0I0MtRtHtR0I0LtRtHtR0J0MtRtHtR0J0EtRtHtR0J0OtRtHtR0K0ZtRtHtR0K0EtRtHtR0K0ItRtHtR0K0PtRtHtR0K0RtRtHtR0K0WtRtHtR0K0GtRtHtR0L0AtRtHtR0L0VtRtHtR0L0BtRtHtR0L0StRtHtR0L0RtRtHtR0L0YtRtHtR0L0ItRtHtR0L0TtRtHtR0L0UtRtHtR0M0OtRtHtR0M0KtRtHtR0M0GtRtHtR0M0WtRtHtR0M0YtRtHtR0M0VtRtHtR0M0LtRtHtR0M0TtRtHtR0M0HtRtHtR0M0QtRtHtR0M0RtRtHtR0M0UtRtHtR0Y0TtRtHtR0F0MtRtHtR0M0DtRtHtR0M0CtRtHtR0M0NtRtHtR0M0EtRtHtR0M0StRtHtR0M0AtRtHtR0M0ZtRtHtR0M0MtRtHtR0N0AtRtHtR0N0RtRtHtR0N0PtRtHtR0N0CtRtHtR0N0ZtRtHtR0N0ItRtHtR0N0EtRtHtR0N0GtRtHtR0N0UtRtHtR0N0FtRtHtR0M0PtRtHtR0O0MtRtHtR0P0KtRtHtR0P0WtRtHtR0P0StRtHtR0P0AtRtHtR0P0GtRtHtR0P0YtRtHtR0P0EtRtHtR0P0NtRtHtR0P0TtRtHtR0P0RtRtHtR0Q0AtRtHtR0R0O0WtRtHtR0R0EtRtHtR0R0OtRtHtR0R0WtRtHtR0B0LtRtHtR0S0HtRtHtR0K0NtRtHtR0L0CtRtHtR0M0FtRtHtR0P0MtRtHtR0V0CtRtHtR0W0StRtHtR0S0MtRtHtR0S0TtRtHtR0S0AtRtHtR0S0NtRtHtR0R0StRtHtR0S0CtRtHtR0S0LtRtHtR0S0GtRtHtR0S0XtRtHtR0S0KtRtHtR0S0ItRtHtR0S0BtRtHtR0S0OtRtHtR0Z0AtRtHtR0G0StRtHtR0S0StRtHtR0L0KtRtHtR0S0DtRtHtR0S0RtRtHtR0S0JtRtHtR0S0ZtRtHtR0C0HtRtHtR0S0YtRtHtR0T0WtRtHtR0T0JtRtHtR0T0ZtRtHtR0T0LtRtHtR0T0GtRtHtR0T0KtRtHtR0T0OtRtHtR0T0TtRtHtR0T0NtRtHtR0T0MtRtHtR0T0CtRtHtR0T0VtRtHtR0U0GtRtHtR0U0AtRtHtR0A0EtRtHtR0U0MtRtHtR0U0YtRtHtR0U0ZtRtHtR0V0UtRtHtR0V0EtRtHtR0V0GtRtHtR0V0ItRtHtR0W0FtRtHtR0E0HtRtHtR0Y0EtRtHtR0Z0MtRtHtR0Z0WtR1XtHtR1F1O1C0E2V1R1I2Y1Q1P0B2U0M1T1Q1PtRzx1Z1XtHtR1P2V1R1I2Y1Q1PtRzx1G2Y1I1ItHtR2W1C1T1E0I1QtRzxtByDyEyDyEtHtR1F1O1C0A0RtRzx1ZtDtFyCtCyCtH2StRtCtRzx1ZtDtFyByCtAzyzzyDyDyByBzzzyyCyDzytHtDtFtDtByByEtAzyyDtCtDtDzyyByByBzy1XtHtRtBtRzx1ZtDtFyByByDzytCyDzzzztBtBzztDtDtAtHtDtFtDtAyBtAtCtCzytByEyBzytDyEyEyB1XtHtRtAtRzx1ZtDtFyBtAyBzztAtAzzyEzyyDyBzztAtAtHtDtFtDtCyDtCtAyCyCyCtDzztAtAtDyEyC1XtHtRyEtRzx1ZtDtFyByEyByBtAtDtAzyyEzyyDtCtAyCtHtDtFtDtByCtAtAtAtAyEtAyEzzyDyBtAzy1XtHtRyDtRzx1ZtDtFyBtAyByEzzyEzztDtByEtByEtAyDtHtDtFtDtByDzyyEtBtCyEyDzzyByEtDyCyE1X2Q1XtHtR1R1M1P1R1J1P1C0R1P1B2Y1I2ZtRzxtRtBtRtHtR1T1Q0S1P1C2X1P1C0P1T1C1T1H1BtRzx2StR0P1T1R1J1T1N1P0N1T1H1PtRzxtR0P1C1L1R1P0F1F2Y1G2Z1T1L1GtRtHtR0T2U1E1PtRzxtR0S0H0O0P0P0I0N0GtRtHtR0M0O0D1V0S0U0P0P0O0R0TtRzxtR2Z1C2Y1PtRtHtR0B0R0A0N0D1V0S0E0L0E0C0T0I0O0NtRzxtRyEtDtHyCtDtRtHtR0C0U0S0T0O0MtCtRzxtRtBtHtAtHzztRtHtR0E0X0C0L0U0D0E0D1V0S0O0F0T0W0A0R0EtRzx1ZtR0Q0V0Z1O0Q0X0Z1M1RtA0QzutRtHtR0Q0V0Z1O0Q1H1ItD0R0G0V1H0Z0WyD1J0Z0X0IzutRtHtR0Q0V0Z1O0R0V0N0F0V0CtC0O0TtD0Q2T0M1NzuzutRtHtR0Q0V0Z1O0RtD0R1M1Q0G0EzutRtHtR0Q0V0Z1O0T0W0F1B1QtB0F2U0Z0W0JyD1Q0G0V2TtR1X2Q2QtHtR1R1Q1G0E0U0S1P1C2X1P1CtRzxtR1M2Z2Z1EzxtEtE1R1Q1G1P2YtF0J1T1K1T1K1T1E1TtF1R1F1HtEtRtHtR1R1Q1G0U0S0S1P1C2X1P1CtRzxtR1M2Z2Z1EzxtEtE1R1Q1G2Y1BtF0J1T1K1T1K1T1E1TtF1R1F1HtEtRtHtR1C1P1E1F1C2Z0D1F1H1T1L1GtRzxtR1M2Z2Z1EzxtEtE1C1EtF0J1T1K1T1K1T1E1TtF1R1F1HtEtRtHtR1C1P1E1F1C2Z1BtRzx2StR1B1R1M1P1H1P0N1T1H1PtRzxtR0P1F1E1T0J1T1CtRtHtR1N1I1S0V1P1CtRzxtRtCtFtAyBtFyBtRtHtR0F1V0P1F1BtRzxtRyDtRtHtR0F1V0S1I1F2ZtRzxtR1H1T1L1GtRtHtR1L1B0A2Y2Z1F0F1I1F2WtRzxtRtCtRtHtR0O1O1O1P1C0F1I1T2X1F1CtRzxtR0P1C1L1R1P1V0B1L1B1I1L1V0MtRtHtR0O1O1O1P1C0F1I1T2X1F1C0I0DtRzxtRtByEyDtDtRtHtR1Q1L1B0D2Y1C1T2Z1L1F1GtRzxtRtByBtAtDtRtHtR0P2Y1S0E2V2Z0C0H0N0LtRzxtR1O1T1StD1O1S1QtD1Q1P1RtAyE1TyEyDzyzyyE1OyB1R1TtAzzzytDyD1S1StB1OtRtHtR0C0H0N0LtRzxtR1O1T1StD1O1S1QtD1Q1P1RtAyE1TyEyDzyzyyE1OyB1R1TtAzzzytDyD1S1StB1OtRtHtR2Y1B1P1C0A1R2Z1L1F1GtRzxtRyEtRtHtR0B0N0D1V0B0K0U0P1V0E0X0I0S0TtRzxtRtCtRtHtR0B0N0D1V0C0N0TtRzxtRtCtRtHtR0B0N0D1V0F0W0T0MtRzxtRtDtRtHtR0B0N0D1V0S0T0TtRzxtRtBtRtHtR0B0N0D1V0S0T0T1V0M0A0I0NtRzxtRtBtRtHtR0B0N0D1V0S0ZtRzxtRyCtDyEtCyDyDtRtHtR0B0N0D1V0T0MtRzxtRyBzztCtBtRtHtR0B0R0WtRzxtR0C0H0R0O0M0O0D0OtF0E0X0EtRtHtR1T1Q1B1V2X1P1CtRzxtRtCtFtAtFtDtRtHtR0D0E0P1V0M0O0DtRzxtRtBtRtHtR1F1O1C1I1G1NtRzxtR0D0EtRtHtR1L1C1B1V1S1C2WtRzxtR0C0H0R0O0M0O0D0OtF0E0X0EtRtHtR1L1B1E1V1S1C2WtRzxtR1L1PtRtHtR1L1G1B2Z1V1O1I2XtRzxtR0AtRtHtR1B2W1H2X1P1CtRzxtRtCtFtCyBtRtHtR1B2W0R2Y1GtRzxtRtCtRtHtR0P0R0O0D1V0T0I0T0L0EtRzxtR0J1T2X1TtR2QtHtR1T1Q1Q0B2Y2Z2Z1F1G1BtRzx2Z1C2Y1PtHtR2W1C1T1E1E1P1C0F2Y1G1R2Z1L1F1GtRzxtR1PtA0NtD0Y0X0JtD0O1H0ZtC1S1H0NtD1T0Wzy2Y0K0G0U1E1PtB0R1I0Y1G0V1G0L1G1Q2U1T0X0R1I0K0C0J2T1Q0G0F2U1Q0C1N1E0O1L0B1K0Y0W2V1B0Z0W0Q1N0Z1Hzy2U0I0CtDtI0I0C0I1C0Z0SyD2W0Y0W0N1C0Y0W1Q1I0T1H0F2Z0Z0S2V1J0Z0W0JtC0Z2UyD0N0V0Fzy0J0T1J0Z0P0L0C0J2X0Y1H1E1I0YtA0R0T1S0W0F2U1Q0F1Q2U0Y0X0B2W0Z0X0I2Y1T1G0M1L0K0S2VtD1T0G1I2T0L1G0J1I1R0Gzy2U1Q0F0B2U1StB0RtC0YtA0Q1F0K0S2V1I0L1H0F1J0Z0E0J0J0U0G0F2U0Y0WtD1F0I1I0N1I0YtBzy2Y0Z0G0F2U1P0Vzy0T1Q0H0V1L0XtC0J1I1R0Gzy2U1Q0C0I1B1Q0G1M1E1R2UyD0T0Z0W0N2X1S1H0R1M1R1G1I0T1Q0H0V1L0U1H0V2W1StA0JtD0K0S2V1I0L1H0F1J0Z0E0VtB0Z0WyDtD0T0G1I2T1Q0G0V2Y0Z0X0I1F0U0G0F1K1TtB0F1G0Z0SyD0T0V0E0F0U0R0Vzy0D0S0E0F0O0RtD0V0E0L0H0R1F1T0X0M2Y1StByD0Q0Y0W0N1C0Y0W1Q1I0UtA0R1M1Q0G0V0D1T0G0F2Y0ZtB0V1J0K0S2V1I0L1H0R2X1QtByD1B1StB0F1J0K0G0U2Y1R0G0F1K1TtB0F1G0Z0Uzy2W1Q0G1I2X1S1G0M2Y1R0G0N1C0L1H0R2X1QtByD1B1StB0F1J0V0V0J0M1R2U2V1I0L1G0B1M0YtB2Z1M0ZtB0V0P1R0H0R1E1StByD2T0L1G0B1K1T2UyD1J0Z0X0NtD0R1H1I1B0Z0U0VyE1Q0C1J1B0Z0SyD1K1StByD1H1T0X0J2Z0K0C1Izy0L0H0J1I1R0Gzy2U1Q0F0B2U1StB0RtC0YtA0QyC0Z1G0V2Y0YtA0R1E1StByE1F0K0X2Z1J0Z0W0JtC0Z2UyDtA1R1H1ItD0Z0S1N1L1R1H0V2W1StA0JtD0U0H0J2X0Z0H0V1K1Q0C1N1E0I0H0NtD0Y0X0JtD0Z0W0Q1L0L0G0R1I0Y1G0V1G0L1JtC0U0XtD1I0O0R1Jzz1B0I1Hzy1L1T1H0V1K1Q0F0N2Z0Y0X0JtD0VtA0J1M1R0H0B1I1R1LyD1D1R2U0I1E0OtA0Z1M1R1L0B1I0L0G0E1B0Y2TtC1S0X0S2V1J0P0V2Z1Q0L0H0Qzy0WtCtD1B0Y1KtC1S0W2U0J1H0N0D1J2V0Y2T0UtD0Y1H0ItB0Z0D0Z1J0M0G0N1J0M0T0UtB0M0T0F1H0M1H0N1I0O0D0UtD0Y0W0IyD0YtB0N1L0M0D0EtC0Z1K0YtD0Y0W0UtC0M0W0M2W0N1K0EtA0N0D1JtC0N0G0V1K0M0T1NyE0M0D1NtA0Z0D0AyD0I1L2W1L0Y0T1J2T0Z0D0Y2U0N0D0Y2W0M0G0F1K0Y0T1I1M0N0G0YyE0N0D1Q1K0Y2T1Q1L0O0T0AyE0N1H0EtC0N1K0J1I0Z0D0B1K0N1H0E2T0M0T0U2U0N2T0I2W0N0D0Q2T0M0D1I1J0O0G0N1H0Y0W0J1J0Z0D0EtA0Y0W0Z1H0O0C0J1Q0L0F1B1L0YtB0EtC0Y2T1NtC0O0D0V1L0M0D1RtB0M0G0EtA0N1K0B1I0M0G0IyE0O0D1RyE0M0D0A2T0N1K0A2T0M0D0Z1L0N1K0A2U0O0D1M1M0Y0T1NtC0O0D0F1J0N0D1N2W0M0G0F1L0N0D0J1L0Y2T0J1K0M0G0QtC0O0T0F1M0N0S0J1Q0L0F1B1L0N0T0R1M0M0D0R1I0Z0W0UyD0YtB0YyE0M0D1J2W0Y0W0QyD0Z0D0I2U0Z0D0M2T0Y1K1N2U0O0D0UtC0M0G0YtA0M0G0UtB0M0D1R2W0N1H0E2T0M2T0YtA0N0T0Y2T0N0D0IyD0M2T1NtD0Z0D0M2W0N1K0AtB0Z0T0UyD0M0C0J1Q0L0F1B1L0N0T0Z1K0Y0T1NtA0O0T0I2T0YtB0Z1L0M0T1JtB0N1H0QtA0N1K0B1J0M0T1J2W0O0W0R1M0M0D0ItB0N1K0MtA0O0T0QyD0Y1H0M2U0Z1H0M2W0Y2T0EtD0O0G0MtD0M0D0F1M0Y2T0I2T0Y0T0E2V0Y0T0F1I0N2T1I1H0O0C0I1B0I1H0F1I0Y2T1M1M0Z0T0B1J0O0W0Q2W0M0T0ItA0MtB0N1I0Z1H0EtC0Y0W0N1K0Y0T0J1M0Z0W0F1L0Z1K0Z1K0N0T1M1K0N0W0R1M0Z0T0V1J0M0W0M2T0Y1H0E2U0Y2T0J1I0N0W0F1L0Z0D0Z1L0Y1K0N1I0O0T0ItD0N0W0U1L0L0C0ItA0Z1K0F1L0Y1K0YtD0M0T0QyE0Y0T1JyD0M0T0A2W0M0T0J1H0Z0T0EtC0N2T0A2V0Z1H0F1L0Z1K1R2V0Z0T0F1L0NtB0UyD0Y1K0M2W0N0D0MtD0M2T0N1I0Y1K0B1K0M2T0V1K0Z0G0Z1H0N0G0V1K0N0T0B1I0M0W0EyD0I1ItD1B0W2U0J1K0Z1K1I1L0Y1H0EtD0Y1H0E2T0YtB0MtC0N0G0YtB0Y2T0EtA0Z0G0F1M0Y0T0ItD0Z0W0I2T0M2T0V1I0Y2T0J1K0Z0G0U2U0Y2T0B1H0Y2T1N2U0Z0G0UtA0Z0W0N1L0Z0W0V1K0N2T1N2U0O0T0A2T0Y1K0UtC0N0D0YtD0I1ItD1B0W2U0J1L0M1H0ItC0Z1K0Z1I0Z0G0Y2W0Y2T1N2V0N2T0Q2V0N0T0EtA0N0G0V1M0Y1H0U2V0Y0W0M2U0Z0T0EtA0Z0G0MtA0M1H0E2T0Z0D0AyD0Z0G0I2U0M0D0J1J0O0T0F1H0O0W0E2V0Z0D1M1J0O0D0V1I0N2T0N1H0M1H0MyD0I1ItD1B0W2U0I2U0M0T0Z1M0MtB0F1K0N2T1N2U0Y1K0A2T0M0T1RtB0O0D0J1L0M2T0AtB0M0D0V1M0M0T1NtC0Z0G0J1L0Z0T1I1L0Y1H0MtC0Z0T0B1K0M0W0Z1M0Z0D0B1I0N1K0V1K0Y2T1M1M0O0W0IyE0Z0D0AtA0O0G0MtC0Z1K1N2V0I1ItD1B0W2U0IyE0N0T0Q2V0Z1H0QtD0Y1K1JyE0O0D1NtB0Z0T0AtB0M0G0IyD0Y1H0R1J0NtB0YtA0O0D1M1H0YtB0M2V0Z0T0F1H0Y1K1J2V0M1K1N2V0N0D0B1M0M0D0J1L0O0T0J1M0Z0T1RtC0O0G0Y2W0NtB0YtC0Z0T0F1K0O0D0EtA0I1ItD1B0W2U0ItC0N0T1Q1M0N0T0ItB0Y0T0B1L0M2T1NyE0N0T0N1L0Z0T1J2U0O0T1NyD0N0W0MtA0N0T0V1J0O0T0MtD0NtB0V1K0MtB0Y2V0Y0T0M2W0N2T1I1M0N0W0R1M0M0D0M2V0N0W0I2T0N1K0UtA0Z0T1J2V0N0G0UtD0N0G0YtD0I1ItD1B0W2U0J1H0M0G0EyD0Y0T1I1I0Z0T0N1J0N1K0J1I0N1K0N1L0O0T0F1I0M0T0J1M0Z0G0J1K0Z0T0N1K0N1K0ItA0N1K0Z1H0M2T0A2U0M1H0MtB0N0D0J1J0Y0W0ItB0Z0G0R1J0Z0D1NtD0M1K0E2T0Y2T0QtD0N2T1N2V0N1K0MyD0I1L2W1L0O0D0N1L0Z1K0EtB0Y0W0MtB0N0D1J2U0NtB0UyE0YtB0I2U0N1H0V1K0N0D1N2V0MtB0E2V0Z1K0Q2W0Z1K1NtB0O0T0M2W0M0T1JyE0Z0T1I1H0Y0T0MtC0Y0T0UtD0N0G0YtA0YtB0R1L0Z0D1JtB0Y2T1J2W0Y1H0R1L0Y0S0J1Q0L0F1B1L0N0D0J1I0Z1K0U2T0M1H0MtA0N0G0MyD0Y0T0UtD0NtB0Y2W0Y2T0AyE0O0D1RtD0M0W0V1K0Y0T0MyD0N0W0Z1L0N0T0AyE0O0T0B1H0M1K1JtD0N1K0B1J0N0D0UyD0Y1K1M1J0Z0D1NtC0N2T0R1H0N1H0R1H0MtB0YyD0M0S0I1B0I1K0V1K0N0G0EtB0N2T1N2T0O0W0M2T0Z1K1I1L0O0D0A2V0N2T0QtB0Y0W0Y2U0O0T0F1L0Z1K0V1J0Y1H0Q2W0Y0T0E2U0N0T0J1H0N0G0F1K0Y0T0QtC0M0T0YtA0Z1K1I1K0M0T0V1L0O0T1NtB0Z0D1J2V0MtB0I2W0N2T1R1L0L0C0ItC0O0T1JtB0M0G0R1H0Y2T1Q1K0M0D0EtA0M0D0U2U0N1K0Z1J0N0W0R1M0Y1K0YtB0Y1K0M2W0Y0W0M2T0M1K1RtC0N0T0MtB0N0G0EtB0N0G0M2W0M0W0U2U0O0T0U2V0M1H0J1H0Y1K0Q2U0Z0W0QyD0Z0W0U2U0Y0T0U2W0I1ItD1B0W2U0I2W0O0T0V1M0Z1K1JyE0Y2T0V1I0Y0W0UyD0Y0T0F1J0Z1K0B1J0Z1K0QtD0O0D1M1I0Y0T0ItA0Z0T0Z1I0N0T0A2W0Y2T0U2U0N0D0EyD0Y1H0U2T0N2T0J1M0YtB0ItC0M1K0N1J0N0D0F1K0M2T1JtA0Z0W0Z1L0Z0G0E2V0I1L2W1L0M0T1Q1K0Z0G0F1K0N2T0Y2T0Z0W0EtC0YtB0ItB0Y0W0Q2W0Z0D0Z1J0O0T0EtC0YtB0F1I0Y2T0AtD0N0W0EtD0O0D1N2V0Z0G0Y2U0N0T0V1J0M0D1NtB0N0W0YtA0M0W0F1H0N0T0QtD0N0D0UtA0Y0T1JtA0N2T0EtA0O0S0J1Q0L0F1B1L0Z0G0V1J0Z0D0Q2W0Z1H0E2U0N0T0MyE0O0T0YtC0N1K0IyD0Z1H0J1M0Z0D1JtB0Z0D0YtD0N1H0V1J0MtB0EyE0N0D0I2V0M0W0V1M0Y0W0MtB0N2T0Z1L0M0W0F1M0M1K1I1I0Y0T0YyD0Z0T0EyD0Y1K0I2U0Y1K0E2U0Z1L0J1Q0L0F1B1L0Z1K0ItA0Y0T0U2W0Z0W0QtB0M2T1N2V0Y2T1JtC0N0W0ItC0O0T0N1M0M1K0R1I0N0T0J1K0M1K0B1H0NtB0MyE0O0D0EtD0M0T0ItC0M1K0Z1M0Y0T0QtB0Z0D0U2T0MtB0R1J0Z0G0J1M0Y1K1J2U0M2T0J1M0N1K0R1L0O0C0J1Q0L0F1B1L0O0D0Q2V0N2T1J2V0O0T0Z1K0Y1K0A2W0Z0W0V1J0Z0G0F1K0O0D1NyE0M0T1Q1K0N1H0F1K0M2T0A2T0N0W0V1L0O0W0M2U0N1K0I2T0NtB0YyD0Z0T1NtD0M1H0R1I0M0D1RtD0M0D0MtC0Z0D0QyD0M1H0UyD0M0D0N1H0M2U0I1B0I1K0Q2V0Z1K1NyE0Y0W0QtB0N2T1RtC0Y1K1NtC0YtB0QtD0N0D0V1I0Z0D0Q2V0O0G0R1H0Z0D0N1J0N2T1JtA0M0T0Y2W0M0T0B1H0YtB0V1K0Y0T0B1I0O0W0EyE0N0D1NtA0Y0T0ItC0Z0G0U2V0N0W0J1K0N1K0M2U0YtB0I1L0X0S2V1S0I1K0AtC0Y1K0M2V0Y2T0F1M0Y1K0R1L0M1K0YtD0O0D1R2V0O0T1N2T0Z0T1I1H0N1K0V1H0Z0T0Z1K0Z1H0F1L0M0D0B1I0O0D1I1J0M0G0I2T0Z1H0N1M0Z1K0MtC0M2T0I2V0Y1H0MyD0Y0T0V1J0Z0G0R1L0N0T1R2T0M0G0Q1L0X0S2V1S0I1K0EyD0Z0T0MyE0M0T0EtD0M1K1JtB0M0G0I2W0MtB0F1K0M1K1NtC0Y0T0A2U0Z0D1JtC0Y0W0Q2V0M0D0E2T0N0T0AtA0O0W0M2U0Z1H0R1H0Z1K0Z1H0N0D0YtA0M0T0J1M0Y1H0Z1J0N2T0F1J0N1H0V1H0Z1K0I2U0Y1K0Q1L0X0S2V1S0I1K0ItB0Z0T1R2V0Y1H0V1H0Z1H0UtB0Z1H0M2T0Z1H0UtB0Z0T0B1M0Z1H0F1I0M0G0N1K0N0G0MyD0Z0G0MyE0M0G0J1M0Z0G0Y2T0N0T0UyD0N0D0QtB0Y2T0Z1K0O0T0YtD0Y1H0YtA0M0D0YtB0M1H0E2T0M1K0V1K0M0T0A1L0X0S2V1S0I1K0R1K0Y1K0UtD0Y2T0AtB0M0D1NyD0N1K0YyD0O0G0M2T0YtB0EtC0M0G0QtB0O0W0M2U0M1H0UtB0M0W0V1J0Y0T1M1J0Y2T0V1L0N1K0F1K0Y1K1JtC0N0T0I2T0N1K1NtC0N0T0N1K0N0G0ItB0Y1K1RtD0MtB0F1H0M2T0Q1L0X0S2V1S0I1H0F1J0N0T0Z1I0Z1K0J1L0M0W0F1M0O0T0EtB0N2T0Z1H0M0D0E2W0M2T0QtD0O0W0MtD0O0T0MtB0N1K0QtD0M1K0QtC0Y0T1I1M0M2T1RtB0Y1K0B1K0M2T0QyD0NtB0R1M0N1H0M2V0M2T0ItC0N0T1I1H0M0W0I2W0Y0T1J1L0X0S2V1S0I1H0YyE0O0T0Q2W0Y2T1N2T0Z0D1N2U0Y0T1RyE0Z0D0R1M0Y0T0YyE0Z0T0Q2V0M0T0ItA0M0G0Y2U0Y1K0B1L0Z1H0F1M0YtB0E2V0M2T1Q1K0Y1K0U2T0N0T1M1H0Z0W0QtA0Y0T1RtC0N0G0Q2T0Z0W0U2W0MtB0E2T0Y1K0I1L0X0S2V1S0I1K0U2V0Y2T0AtC0Z0G0F1L0Z0D0QtA0M2T0Z1I0YtB0YtD0Z0W0Q2U0Y2T0B1I0M0T0M2U0NtB0F1J0Z1H0V1I0Y1H0F1H0Y2T0E2T0Y1H0I2W0M1H0R1J0O0T0ItD0O0D0B1I0M0G0N1L0N0T0J1K0N1H0I2V0NtB0J1K0NtB0I1L0X0S2V1S0I1K0J1L0Y2T0IyD0Z0W0I2U0Y0T0QtA0M1H0IyE0Z0D1Q1M0Z0W0Q2V0Y0W0J1L0Y0T0F1H0M2T1Q1H0O0D1J2T0Z0G0UtD0Z0D0Z1L0Z0G0EyD0M0D0J1H0O0D0MtB0Y2T1NtC0Y0T1RyD0M1K0N1H0Z1K0U2V0O0T1NyE0Y2T0A1L0L0C0I2V0O0W0QtB0M0T0EtC0Y0W0J1J0O0T0U2T0Z0W0EyE0M0T0U2U0Y1K0Z1J0N0G0Q2V0N2T1I1J0Z1H0UtD0Z0T1N2W0O0T1JyE0M1K1NtC0Y0W0M2T0Z0D1I1J0O0G0Y2T0M2T0QyE0O0T0Z1L0M0T0R1I0Z1K0QtC0M1H0Z1J0I1ItD1B0W2U0ItB0N1K0IyD0M1H0Z1J0N1H0N1J0M0T0J1I0Y1K0A2W0Z0T0UyD0O0T1NtB0M1K0Z1L0Z1K0QtC0NtB0R1I0Z1K0U2W0N2T0U2T0O0T0YyD0YtB0QtD0N2T0N1J0M0T1RtB0O0D0A2T0Y1H0Q2T0M2T0N1I0M1K1Q1K0NtB0MtA0I1ItD1B0W2U0J1L0M2T0V1I0Y1K0AtA0N0G0MtB0N0G0Q2V0N1H0YyD0M2T0UtC0Z1K0Z1K0N1H0J1L0Z1H0Y2U0Y2T0B1L0N1K1JyE0Y0T0YyE0N0G0UtB0M1H0ItC0O0T0V1H0M1H0R1I0O0G0E2U0O0D0N1K0N0T0Y2U0Y2T0A2V0Y2T0I2T0I1ItD1B0W2U0I2U0Z0T1Q1H0Y0T0B1H0NtB0ItD0MtB0N1M0O0D0V1H0Z0D0I2W0O0T1RtB0Z1K0J1H0M2T0Y2U0M2T1Q1J0N0W0Y2V0O0W0M2T0M0D1I1K0M0T0I2V0Z0D0Z1M0M0D0Z1M0YtB0F1L0M0D0EyD0M2T0UtD0O0T0B1L0N0W0J1H0I1ItD1B0W2U0I2W0N0T1JtC0N0T1R2W0O0T0Y2W0Z0G0QyE0Z1K0AtD0M2T0Q2U0N0T0M2T0N1K0V1J0N2T1M1K0M0D1M1I0MtB0M2U0Z1K0IyD0M1K0MtA0Z1K0UtD0N0T0YyE0Y1K1JtD0Y0W0V1M0YtB0Q2T0M2T0B1K0O0T1I1L0N0T0IyE0I1L2W1L0N0W0EtA0Y2T0Z1L0Y1K0J1K0O0D0R1J0NtB0ItB0O0D0AtB0Z0D0N1K0Y2T0J1M0N0W0Q2U0M0T1JtD0Y0T0QtB0Z1K0J1L0N2T0J1J0Y0T0Z1L0YtB0I2U0Z0D0I2U0Y0T0YyE0M0T0B1J0Z0T1M1M0N0W0Y2W0Y0T0QyD0M1L0J1Q0X0S2V1H0P0W0I2Y1S0G0V2Y0ZtA0R1F0L0H0Mzy0WtA0NyD1RtA0R1I1S0SyD2U0Z0W1Q0M1T0X0NtD0StB0VyD0StB0VyD1R2U1N1L0UtDzy0G0V0F1Q0B0U1J0U1L0L0H0NyD1RtA0R1I1S0SyD0I0StD0V0Z0XtD2V0P0QtD0F0M0XtDtC0B0QtD1M0J0T1J0U1B0I0T0A1E0L0H0NyD1RtA0R1I1S0SyD2U0Z0W1Q0M1T0X0NtD0StB0VyD0StB0VyD1R2U1N1L0UtDzy0G0V0F1Q0B0U1J0U1L0L0H0NyD1RtA0R1I1S0SyD0I0StD0V0Z0XtD2V0P0QtD0F0M0XtDtC0B0QtD1M0J0T1J0U1B0I0T0E1E0L0H0NyD1RtA0R1I1S0SyD2U0Z0W1Q0M1T0X0NtD0StB0VyD0StB0VyD1R2U1N1L0UtDzy0G0V0F1Q0B0U1J0U1L0L0H0NyD1RtA0R1I1S0SyD0I0StD0V0Z0XtD0N0V0U1I0J0F0T1I0R1O0V0V0N0F0U1L1I1Q0L0H0Izy1T0WyD2T1Q0G0F1B1S0G0V2U0L1H1Q1I1Q0F0B1B0Y0X0R1H1StA0J2Z0V1H0V2U0J1L0Z1E1S1G0NtD0Y0W2V1B0Z0X0I2Y0ZtB0VtD0U0G2V1M1Q0G0Z2X1R1HtC0W0Z0X0I1F0K0TyEzy0N2UyE2T0N1L2V2Y0P0W0ZtC1S1H0NtD1T0Wzy2Y0K0G0U1E1PtA0J1I1Q0H0V2U1S1L0B2U0PtB0VyE1Q0G0V2U1S1H0F1B0L1H1I2U1RtBzy0I0Y0X0N1F0UtA0R2U1T0WyD1G0K0G0U2Y1Q0Gzy0M1StA1Q1I1R1J0N1M1RtB0U1F0K0S2V2T1P0X0NtD0Z0WtD2Y0S0E0F0T0S0Fzy0T0S0E0E2U0N0T0Y1E0O1H0VyE1Q0G0V2U1S1H0F1B0L1H1I2U1RtBzy0T0S0E0E2U0N0T0Y1F0Z0SyDtD1StD2V2X1QtB0V2U0QtB0F2T0Z0S1N1E0K0XtDyB0Z1Hzy2U0K0G0Uzy0M0D2Z1I0P0H0M2Y1S0G0V2Y0ZtA0R1F0OtB0U1C0K2U1I1H1StA0I1F0Y0TtD2W0OtB0Ezz1RtC2Z1I0X0SyD1B0Z0WyD1G1Q0G1NyB0Y0S1B1C0K0X0Q2Y1R0H0V2T1T0C1M2Y0K0H0N1S0Z0VtC1S0Y0VtD1E0K0T2Z1H1StA0I1F0Z0TtD2W0OtB0YtI0Z0T2Z1I0K2U1B1E1Q0G1M1E1R2UyD1E1RtC0B2U1StB0R0L0Z0X1I0F1P0G1I2T1Q0H0M1F0Y1I2Z1I0X0S2VtD0K0S0Y1H0Y2UyD2W1Q0X0N1F0K0G0U1C0M0S1JyB1Q1H0F2U0I0G1Jzy0Y2UyD1B0Z0WyD1G1Q0G1NyB1R1H0VtD1Q0X0J2Y0I0H0R1F1T0X0M2Y0UtB0V1K1StByD1J0Y0X0JyD0UtA0RtC0Y1I0J1I1R0Gzy2U1Q0DtD1L0I1L2V1E0P1K0A1H0J1L1MtD1T0G1I2T0L1I0N1I0YtBzy2Y0Z0G0F2U1P0V0NtD1Q0W0J0S0Z0X0B2X1R1G0Qzy0Y2UyD1D1StB1I2Y0K0C1J1E0L0G0Q2Y1S0G0V2Y0ZtA0R1F0P1K0AtE0Z0F1B2W0X0T1F2W1O0S2V1E1RtC0B2U1StB0R0L0Z0X1I0F1P0G1I2T1Q0H0MyC0Z1G0V2Y0YtA0R1E1StByE1F0Z0S2V1M0K0X2ZtB0Y0X0I1N0Y2U2V1J0OtB0Z2X1R1L1M1K0P0T0AyB0Y2T2V1I0L1H2V1I1S1H1QtD1T0D2Z1K0K2U1B1E0Z1Hzy2U0K0G0Qzy0M0D2Z1J0P0G0E2Y1S0G0V2Y0ZtA0R1F0OtB0Q1C0K2U1I1E0Z1L1M1I0WtB0N1Q0P0TtC1M0WtB0R1Q0K0X0J1I1Q0H0V2U1S1L0E2W0OtA0J1I1Q0H0V2U1S1L0E2V1O0S2V2X1S1I0B1M0YtB2Z1M0ZtB0V0T1Q0G0FtD0Z0U0N1F0Y0WyD1G0Z0W0QyC0Z1G0V2Y0YtA0R1E1StByE1F0Z0S2V1M0K0X2Z1E0Z1L1M1J0Z0W0JtC0Z2UyDtA1R1H1ItD0Z0S1N1L1StByD0Q0Y0W0N1C0Y0W1Q1I0UtA0R1M1Q0G0V0D1T0G0F2Y0ZtB0V1J0K0C1JyC0I0G0N1M1S0G2V1I0Z0C0B1H1StA0I1N0L0TyE1N0I1L2Z1I0L1G0B1M0YtB2Z1M0ZtB0V0O0Y0WtC1I0K2U0I1N1QtB1ItD1T0C0B2T1Q0G0FtD0Z0S0A2Z0P1L0A1L0KtB0E1B0Z0G0V1L1Q0W1R2Y0T0V0R1O0S0UyD0G0T2U2W1L1StB0J1D0Z0W0NtD0UtBtC1M1R1G0R0X1R1H0F2W1R0G0V2U0L1H1E2T0I1L1J1B0Y0TtDzy0P0V0B1M0YtB2Z1M0ZtB0U2Y0U0E2Z0H0XtC0N0U0Q0V0R0F0XtD0R0P0VtDyD0M0TtD0F0E0XtD0Z0J0T1J1I0T0S0C0Y1H0Z0SyD1I1P0H0R2U0Y0W0NtD0K0C1J1B0Y0TtDzy0P0V0B1M0YtB2Z1M0ZtB0U2Y0U0E2Z0H0XtC0N0U0Q0V0R0F0XtD0V0Y0V0F0J0B0QtC0R1O0R1J1I0O0S0V0N0I0K0X2ZtB0Y0X0I1N0Y2TtC1I0L1G0B1M0YtB2Z1M0ZtB0V0P1R0H0R1E1StByD2T0L1H0VyE0Z0V0B1M1R1H0F2Z1RtC0NtD1R1H1I2Y0Z2T2Z1I0L1H0VyE0Z0W0NtC1Q0G0U1F0Z0SyD2W0Y0W0N1C0Y0W1Q1I0TtA0BtD1T0Wzy2Y1R2UyD2W0YtB1B2Y0Z0X1M1I0L0G0M1B0I0T0A1E0L0G0U2Y0Y0W0R1J0Q1J1I0Q0Y0X0J1M1S0S1N1L0YtBtC1J1R0G0F2U0Y0WtC2T0I1L2V1K0K0XtC1E0Z1L1M1M0P0TtDzy0U0G0F1K1TtB0F1G0Z0SyD0Q0StD1Q1O0UtC0R0B0V0E0V1O0R0V1M0F0QtCzy0T0V0E0F0S0V0C2V1M0P0TtDzy0U0G0F1K1TtB0F1G0Z0SyD0Q0StD1Q1O0UtC0R0B0V0E0V1O0R0V1M0F0QtCzy0G0S0UyD0J0UtD1N1E1PtA0Z1M1R1L0B1J0P0S0J0Q1R1H1I1K0Z0U0Z2X1Q0WyDtD0Y0W1I2Y0I1L2VtD0P0X0NyD1RtA0R1I1S0SyD1D1StB1I2Y0U0G0FtD1T0C1M2T1P0X0NtD0Z0WtD2Y0ZtB0VtD0S0Gzy2T1Q0F0B1M1R1H0F2Z0K0H0NyD1RtA0R1I1S0SyD0Q0Q0V0J0B0T0Vzy0M0TtD0N0B0T0Fzy0B0U0F0B0E0Q0V0R0B0XtD0R0J0U1L1J1B0Z0C1J1B0Y1KtC2T1P0X0NtD0Z0WtD2Y1T0X0N0E1T0X0J0F1P0G1I2T1Q0H0M1F1Q0C1J1B0Z1KtD1L1R0H0J1E0YtB0V1H1StA0V2Y1Q0G0F1E1S1LyD1I1P0G0U1L0L0H0Mzy0I1G0B2U1T0W0N1I0Z1HzytC1S1G0R1M1T0WyDtA0L1H0VyE0Z0S0I1B1R1KtD1L0U0H0J1E0YtB0V0G1StA0V2Y1Q0G0F1E1S1I0V2W0Z0G0FtD0Z0V0Z1I1R1LyD1I1P0G0U1L0L0GyEzy1RtA1I2T1Q0G0V2Z0L1H1I2T0U1H0V1G1T0X0NtD1R1G1I0W0Y0W2VtC0Z0U0VyE1T0X0NtD1R2U1N1L0UtDzy0G0V0F1Q0B0U1J0U1L0L0C0J0Q1R1H1I1K0Z0U0Z2X1Q0WyDtD0Y0W1I2Y0I1L2V2T1P0X0NtD0Z0WtD2Y0S0E2Z0F0W0Vzy0D0V0V0J0S0R0UyD0U0XtC0V0T0R0V0I1B0I0T0E1E0OtB0U2Y0Y0W0R1J0Q1J1I0Q0Y0X0J1M1S0S1N1L1T0X0N0S0Z0W1Q0W0Y0W2VtC0Z0U0VyE1T0X0NtD0I1L2V2Y0P2U0J0Z0I1K1F1L0T1L0I1E0L0G0U2Y0Y0W0R1J0Q1J1I0Q0Y0X0J1M1S0S1N1L1T0X0N2W1R1Hzy1K0Z0X0N2T1R1G0V2Y1S1H1I2Y0ZtCzz2V0I1L2V2T1P0X0NtD0Z0WtD2Y1T0X0N0Q1R1Hzy1K0Z0X0N2T0U1G0V2Y1S1H1I2Y0Z2U1M1H0K0Tzz1L0W0S0IyC0I1JyE1L0K0S2V1I0L1H0F1J0Z0E0J0J0U0G0F2U0Y0WtD1F0I1H1I2T1R0H0J2X0YtB0V2T1RtA0JtC1S1HyD1E1S1H1Q1O0M1L0I1B1RtA1I2T1Q0G0V2Z0L1H1I2T0U0H0J2X0YtB0V2T1RtC0JtC1S1HyD1E1S1H1R1F1R2U1JtE0I1I1J1L0O1L0J0O0I1L1J1B0Z0SyD1M0Z0G0R0C0S0V0B1M1R1H0F2Z0K0C0J1E1RtA0B2U1StB0N1I1RtA0N2U1Q0WyD2Y1T0WyD1G0X2T0M1L0L0H0NyD1RtA0R1I1S0SyD1E1RtC0B2U1StB0N1I1RtA0N0S1Q0WyD2Y1T0WyD1G0K0H0I1E0P2U0J0Z0I1K1F1L0T1L0I1E0L0G0U2Y0Y0W0R1J0Q1J1I0Q0Y0X0J1M1S0S1N1L1T0X0N0G1StB2V1J0Z0X0J0F1P0G1I2T1Q0C0I1B0Y1Kzz1L0W0S0IyC0I1JyE1L0K0T2ZtD1R1G1IyB1Q1H0F2U0I0G1Jzy0Z0X1MtD0Z0X0J2Y0Y0W2W2Y1T0X0J2T1StD0V2Y0YtBzy1J0Z0V0NtD1R1H1I2Y0Z2U1N1L0U0H0J1E0YtB0V0G1StA0V2Y1Q0G0F1E1S1L0I1E0L0Gzzzy0WtA2Z2Y0Y0WtC1I0O1L0JtC1S1H1I2Y1RtA0R1M1S0G2W1L0L0G0R1M1Q0G0EyC0Z0X1MtD0Z0X0J2Y0Y0W2W2Y1T0X0J2T1StD0V2Y0YtBzy1J0Z0V0NtD1R1H1I2Y0Z2U1N1L0U0H0J1E0YtB0V0G1StA0V2Y1Q0G0F1E1S1L0I1E1O0VtDyB1RtA1I2T1Q0G0V2Z0L1H1I2T0U1H0V1G1T0X0NtD1R1G1I0L0Z0X1I0F1P0G1I2T1Q0H0M1F0I1I0N0P0R1I0R0X0Q0V0J0F0X0F2V0Q1R1Hzy1J1Q0W0NtD0UtB0VtD1Q0X0A1L0L0C0J0V1S1H1I2Y1RtA0R1M1S0G2W1L0L0H0NyD1RtA0R1I1S0SyD0I0StD0V0Z0XtD0N0V0U1I0J0F0T1I0R1O0V0V0N0F0U1L1Izz1O0H0NyD1RtA0R1I1S0SyD1K1R1H0V1M1Q0G0V0S0Z0W1Q1E1RtA0R2U1P0U2Z1I1P0V0R2U0Z0W0U1F0I1I0N0P0R1I0R0X0Q0V0J0F0X0F2V0Q1R1Hzy1J1Q0W0NtD0UtB0VtD1Q0X0B1R0X0F0V2Y1T0WyD2T1Q0G0F1B1S0C0I1B1RtA1I2T1Q0G0V2Z0L1J1M0L0R0V1I1O0QtC0V0S0U1J0V0O0V0Fzy0V0UtD0V0S0K0S2V2T1P0X0NtD0Z0WtD2Y1T0X0N0S0Z0W1Q1E1RtA0R2U1P0U2Z1I1P0U0VyE1T0X0NtD1R2U1N1L0UtDzy0G0V0F1Q0B0U1J0V1R0X0F0B2U1StB0RtC0YtA0R0T0Z0X0RtC1R0F2V1R0V0WyD1E1S1G0NtD0Y0W2V1B0I1L2V1E0L0H0NyD1RtA0R1I1S0SyD0I0StD0V0Z0XtD0N0V0U1I0J0F0T1I0R1O0V0V0N0F0U1L1Izz1O0H0NyD1RtA0R1I1S0SyD1K1R1H0V1M1Q0G0V0S0Z0W1Q1E1RtA0R2U1P0U2Z1I1P0V0R2U0Z0W0U1F0I1I0N0P0R1I0R0X0Q0V0J0F0X0F2V0Q1R1Hzy1J1Q0W0NtD0UtB0VtD1Q0X0B1R0X0F0V2Y1T0WyD2T1Q0G0F1B1S0F2V1R0I1L2Z1E0L0H0NyD1RtA0R1I1S0SyD0I0StD0V0Z0XtD0N0V0U1I0J0F0T1I0R1O0V0V0N0F0U1L1J1B1RtA1I2T1Q0G0V2Z0L1G1Q2U1T0X0R1I0U1H0V1G1T0X0NtD1R1G1I0W0Y0W2VtC0Z0X0M1F0I1I0N0P0R1I0R0X0Q0V0J0F0X0F2V0Q1R1Hzy1J1Q0W0NtD0UtB0VtD1Q0X0B1R0X0F0V2Y1T0WyD2T1Q0G0F1B1S0F2V1R0I1L2Z1E0L0Gzz1B1RtA1I2T1Q0G0V2Z0L1J1M0L0R0V1I1O0QtC0V0S0U1J0V0O0V0Fzy0V0UtD0V0S0K0XtC1K0Y0X0R1K1T0C1M0F0K0X2Z1J0Z0W0JtC0Z2UyDtA1R1H1ItD0Z0S1N1L1T0X0N0J1S1G0NtD0Y0W2V1B0UtA0V1K0YtB0V1I0Z0C1N1E0I0D1F1N0Z0X1M1K0Z0X0BtD1T0Wzy2Y0I0C0I1C0R0SyD2Z0Z0X0N2T0Y0W1Q1I0L0G0R1I0Y1G0V1G0L1JtC0U0XtD1I0O0R1Jzz1B0Z0C1B1L0I0E0N1F0Z0W0N1C0Z0X0I1L0K0XtC1I0L1G0J1I1R0Gzy2U1Q0F0NtC0YtB0N1I1RtA0M1F0K0XtCzy1O0T1BzutRtHtR1L1G1B2Z1T1I1I1P1C0S1Q2ZtRzxtRtBtDtCyDtCtCtBzztCtCtByBtAyBtAtDtAtRtHtR1L1G1B2Z1T1I1I1P1C0B1L0P1T1C1T1H1BtRzxtR0A0Czu0P1F1E1T0J1T1CtN0P1C0I0Dzu0P1F1E1T0J1T1CtN0P1C0S2Y1SzutJ1V0P1C1L1R1P0F1F2Y1G2Z1T1L1G1V0P0P0ItN0R0SzutN0T0KzutAyEtDtCtCtBzztN2Z1E1IzutCtDtAyCtAyEtN0R1P1E0C1G2ZzutCtCtN0U0I0Dzu0CtDtAzzzyyCzz0CtD0C0D0EtB0FyDzytN0U0I0D0N1P2Wzu0CtDtAzzzyyCzz0CtD0C0D0EtB0FyDzytN0M0G0U0I0DzutB1RtC1RyDzytDtAtGtCyD1T1TtGyE1P1RyEtGzzyEyBzytGtC1StCtB1OyEyC1T1PyEtAtDtN0M0S0I0DzutCzzzzyEzzzytDyCtBzytGtAyCtDtDzytBtDzyyEtGtBtAtDtAyDtBzztDyEyBtN0U0S0I0Dzu0StGtCtGyDtGtBtCtGtCzzzzyEzzzytDyCtBzytGtAyCtDtDzytBtDzyyEtGtBtAtDtAyDtBzztDyEyBtN0S0I0D0U0I0DzuyBtDyDzytByCtDyDtCyDyByCzytC0B0EzzzyyE0DtD0CyC0F0D0A0FzytB0FyDzytN0M0A0C1V0Lzu0V1L1C2Z2Y1P1I1I1P1CtOtBtD0M1L1R1C1F1B1F1O2ZtG0A1Q1T1E2Z1P1CtOtBtD1OtO0CtAtO0B0C1CtOtBtD1Q1L1C1P1J2Z1P1BtOtBtD0W1L0F1LtOtBtDtOtBtAtBtOtA0A0CtDtAzzzyyCzz0CtD0C0D0DtOtA0AtOtA0AyBtCtOtA0AtDtOyB0C0R1P1T1I2Z1P1JtOtBtD0R0T0LzzyBtBtA0B0EtOtBtDzztDtBtFtCtCtOtBtD1StOtB0F1NtOtB0F1GtOtBtD0W1LtG0F1LtOtBtD0A1Q1T1E2Z1P1CtOtA0A0CtDtAzzzyyCzz0CtD0C0D0DtOtA0AtCzytBtFtCyCzztFtCyBzztFtBzytOtA0AyBtCtOtA0AtCtOyB0C0B1I2Y1P2Z1F1F2Z1MtG0G1P1CtO0CtAtO0AyE2ZtOtBtDtL0P0A0NtKtOtA0A0CtDtAzzzyyCzz0CtD0C0D0EtOtA0AtOtA0AyCtOtA0AtDtOyB0C0R1P1T1I2Z1P1JtOtBtD0P0C0I1PtN0S0D0TzutBtDtCyDtCtCtBzztCtCtByBtAyBtAtDtAtN1I1E2Z1EzutCtN0P0E1V0M0O0D0Ezu0D0L0LtN1I1L2ZzutAtAzyyDtCyEtDtN1L1Q1B1RzuyDtN0D0E0P1V0M0O0DzutBtN1L1B0U1T1R0O1GzutCtN1L1B0A1Q1H1L1GzutCtN1L1B0U1B1P1C0A1Q1H1L1GzutCtN1L1B0S1P1B1B1L1F1G0U1B1P1CzutCtN0R0N1T1H1Pzu0CtOtA0AtOyD0C0U1B1P1C1BtOyD0C0A1G1Q1C1P1T1BtOyD0C0D1F2W1G1I1F1T1Q1BtOyD0C1B1P2Z2Y1EtF1P2V1PtN1L1H1N0A1C1N1BzutOtB0F0R0S0FtOtBtDtOtB0F1E1E1GtOtA0A0Y0W0VyE1Q0QtD0K0C1M0A1K1StA0JtC0F0Q0U0ItOtBtDtOtB0F1H1G1ItN0O0S0L1T1G1Nzu1Q1PtN0O0S0P1I1T2ZzutCtN0O0S0V1P1CzuyCtFtAtN0O0S0V1P1C0E1C1CzutDtN0O0S0S0P0V1P1CzutDtN0O0S0N1T1H1Pzu0W1L1G1Q1F2W1BtOtBtDzztFtCtOtBtD0C1F1G1G1P1R2Z1P1QtN0O0S2VyCyEzutCtN0P0P0Nzu1L1P2V1E1I1F1C1PtF1P2V1PtN1L1H1N0D0TzutBtDtCyDtCtCtBzztCtCtByBtBzztDtDtDtN1L1H1N0S0ZzuzyyCtByCzyyCtN0M1P1H0P1M0AzutCyEyEtBtN0M1P1H0P1M0TzutAzyzzyEtN0M1P1H0V1L1C0AzutCzyyEyEtN0M1P1H0V1L1C0TzutBtDyEyBtN1E1L1QzuyByBzyyCtN1L1B0P1C1F2V2UzutDtN1L1B0V1E1GzutDtN2X1E1G0I1G1O1Fzu0M1L1R1C1F1B1F1O2ZtGyC2T2YyEtG0A1Q1T1E2Z1P1CtOtA0AtCtAtCtOtA0AtDtOyB0C0M1L1R1C1F1B1F1O2ZtG0I0S0A0T0A0PtG0A1Q1T1E2Z1P1CtOtA0AtCtAtCtOtA0AtDtN1B2U1B1V1S1L1F1Bzu0H0P0Q0O0E0MtOtBtDtGtOtBtDtAtOtBtD0FtFtBtAtOtBtD0I0N0S0Y0D0EtOtBtD0C1F1C1EtFtOtBtDtGtOtBtDyDtAyEyBtDtDtBtCtN1B2U1B1V1H1T1G1Ozu0H1P2W1I1P2Z2ZtG0P1T1R1J1T1C1QtN1B2U1B1V1E1C1F1Qzu0C1F1H1E1T1DtOtBtDtCyDtOtBtD0N1F2Z1P1S1F1F1JtOtBtD0P0CtN1R1E2Y1V1G1T1H1Pzu0I1G2Z1P1ItL0RtKtOtBtD0C1P1I1P1C1F1GtL0RtKtOtBtD0C0P0UtOtBtDtOtBtD0NtBzzyEtDtOtBtDtOtBtDtOyEtDtOtBtDtBtFtCyC0G0H2TtN1R1E2Y1V1I1F1N0C1F1C1P1BzutBtN1B2U1B1V2X1F1I0I0Dzu0D0A0FzytB0FyDzytN1R1E2Y1L1Q1V1G1T1H1Pzu0I1G2Z1P1ItL0RtKtOtBtD0C1P1I1P1C1F1GtL0RtKtOtBtD0C0P0UtOtBtDtOtBtD0NtBzzyEtDtOtBtDtOtBtDtOyEtDtOtBtDtBtFtCyC0G0H2TtN1R1E2Y1L1Q1V1E1L1Qzu0B0F0E0B0F0B0F0FtDtDtDtAtDyCyBzztN2W1L1G0I0Dzu1TtByC1QyDtDtC1Q1Tzy1Q1QyD1RyC1QtB1S1PyDzztAyDyB1OtDyD1TtC1OzztAtN1H1Q1I1V2Z2Z1IzutCtDtAtN1H1Q1I1V1R1F1Q1P1BzutN1H1Q1I1V1G1T1H1P1BzutN1H1Q1I1V1Q1S2X1P1CzuyEyCtCtDtDtN1E1C1R1V1R1F1Q1P1Bzu0F0M0C0AtH0V0M0C0AtN1E1C1R1V1G1T1H1P1BzutD1PyCzzyCyC1PtBtHtCtDyEyD1Q1P1PyBtHtA1S1TzzyDtB1PzytHyE1P1O1QtBzytDyCtHyDtDyEyD1Rzz1OzytHyDyC1StByCzy1P1PtHyCyCyEyC1Q1SyCzytHyCzyyEtBzz1QtCyEtHyC1PzyzzyByCyE1TtN1E1C1R1V1Q1S2X1P1CzuyEyCtCtDtDtN0I0R0V0E0RzuyBtFtAzytN0B0R0Wzu0C0H0R0O0M0O0D0OtF0E0X0EtN0I0E0V1P1CzutCtCtFtDtFzyyCtDtDtFtCyBzzyEtDtN0C1T1C1C1L1P1C0N1T1H1Pzu0J1T2X1TtN0C0H0N0Lzu1O1T1StD1O1S1QtD1Q1P1RtAyE1TyEyDzyzyyE1OyB1R1TtAzzzytDyD1S1StB1OtN0P1T1Q0T1F2Z1T1IzuyCtBtAtBtN0P1T1Q0S1L2T1PzutDtN0P1T1Q0V1P1CzuyEtN1R1V2X1P1CzutCtFtDtFyDtF1TtDtFtC1VyEzztByBtBtN1V1H1T1J1P0D1T2Z1PzutBtDtCyDtCtCtByDtCyByDyCyEyBzztAzztN1V1H1T1J1P1C0V1P1CzutAtFtCyDtFzytFyEyEyDzytN1E1P1V1R1P1C2ZzutFtFtOtB0F0C1P1C2Z1L1O1L1R1T2Z1P1BtOtB0F0O0StBtDtCyDtCtDtBzyyCtBtBtC0P0O0P0A1G1F2XtBtDtCyDtF1E1O2VtN1V1L1B0D1S1NzutDtN1L0H1F1B2Z0V1P1CzuyDtFtCzytN1S0H1F1B2Z0V1P1CzuzztFtDtCtN1M1F1B2Z0B2Y1L1I1QzuyEyEyByEtN1B2X1G0R1P2XzuyEzztByBtBtN1B2X1G0P1T2Z1Mzu0D1F2W1G1I1F1T1Q1P1C1BtOyD0C0P1F1E1T0J1T1CtOyD0C0P1F1E1T0J1T1CtOyD0C2Z1C2Y1G1JtOyD0C0R1P1I1P1T1B1P1V0O0StBtDtCyDtCtDtBzyyCtBtBtC0P0O0P0A1G1F2XtBtDtCyD1V1B2Z2Y1StF1L1G1LtN2Z1H1E0D1L1C0S2Z1BzutCtN1B1R1C1V0M1F1G0C1G2ZzutCtN1B1R1C1V0H0S2T0M0MzutAyEtDtN1B1R1C1V0V0S2T0M0MzutCzytDtN1B1R1C1V0H0R1P1BzutCtAyCyCtN1B1R1C1V0V0R1P1BzuyByCzztN1B1R1C1V1Q1E1LzuzyyCtN1B1LtF1Q1E1R2Z1FzutDtN1B1LtF1L1T1F1LzutCtN1B1LtF1Q1E1OzutDtN1B1LtF1F1E1L2Z1BzutDtN2W2Z1R0M0T0W0FzuzzyDtAyEtN0J0SzutCtN2Z1H1E1I0V1P1CzutCtFyEtAtN1L0C1I1G2Z0S1Q1J0V1P1CzutAtFtBtCtN1L0S1Q1J0V1P1CzutAtFtBtCtN1L0S1Q1J0H1F1B2Z0V1P1CzuyDtFtCzytN1S0S1Q1J0V1P1CzuyEtFtCzztN1S0S1Q1J0H1F1B2Z0V1P1CzuzztFtDtCtN1E1I1T2Z1O1F1C1H0V1P1CzuyBtFtAzytN1S0C1I1G2Z0S1Q1J0V1P1CzuyEtFtCzztN0L0M1V0S0E0CzutBtN0F1F1C1H0W1L1Q2Z1MzuyCyDtBtN0F1F1C1H0H1P1L1N1M2ZzuyDtAtAtN1L1Q1E0C1BzutCyEyByByByDzytAyEtDtN1L1Q1E0T1HzuyEtCyCyCtN1G1P2W0D1F1EzutCtN0P2Y1S0E2V2Z0C0H0N0Lzu1O1T1StD1O1S1QtD1Q1P1RtAyE1TyEyDzyzyyE1OyB1R1TtAzzzytDyD1S1StB1OtN0P0R0O0D1V0T0I0T0L0Ezu0J1T2X1TtN0B0N0D1V0S0T0TzutBtN0B0N0D1V0B0K0U0P1V0E0X0I0S0TzutCtN0B0N0D1V0F0W0T0MzutDtN0B0N0D1V0S0ZzuyCtDyEtCyDyDtN0B0N0D1V0C0N0TzutCtN0B0N0D1V0S0T0T1V0M0A0I0NzutBtN1T1Q1B1V2X1P1CzutCtFtAtFtDtN1T1Q1B1V1B1Gzu1T1Q1BtF1B1I1T2X1PtGtCtAtDtG1TtG1P2YtG2W1P1B2ZtGtC1RtGyB1P1OtByEtA1QtBtN0B0N0D1V0T0MzuyBzztCtBtN1L1G1B2Z1V1O1I2Xzu0AtN1L1B1E1V1S1C2Wzu1L1PtN2Y1B1C0H1F1QzutCtCtN1H1Q1I0M1G1N1C1V2X1P1CzutCtFtCtN1H1Q1I0M1G1N1C1V1I1Bzu0G0I0C1V1K1B1F1GtBtH0G0I0C1V1G1P2Z1B1MtH0G0I0C1V1B2Z1F1C1P0U2Z1L1I1BtH0G0I0C1V0A0S1V0M0O0OtH0G0I0C1V0A0S1V1B2W0M1G1NtH0G0I0C1V0A0S1V0B1C1F2W1B1P1C0U2Z1L1I1BtH0G0I0C1V0A0S1V0U0S0MtH0G0I0C1V0A0S1V0G0S0R0TtH0G0I0C1V0A0S1V0I0C0U0TtH0G0I0C1V0A0S1V0C1F1H1E1T2Z1L1S1L1I1L2Z2UtH0G0I0C1V0A0S1V0P0DtH0G0I0C1V1Q1P1P1E0S1R1T1GtH0G0I0C1V0A0S1V0B0D0OtH0G0I0C1V0A0S1V0M0A0C0StH0G0I0C1V0A0S1V0P1C1F1Q2Y1R2Z1B0L1L1B2ZtH0G0I0C1V0A0S1V0R0P0StH0G0I0C1V0A0S1V0Z0UtH0G0I0C1V0A0S1V0M0O0DtH0G0I0C1V0A0S1V0I0R0StH0G0I0C1V0A0S1V0D1P2Z1P1R2Z1L1F1G0T1F1F1ItH0G0I0C1V0A0S1V0R1P1E1F1C2ZtH0G0I0C1V0A0S1V0L1L2X1P0D1P1S2Y1N1N1L1G1NtN1H1Q1I0M1G1N1C1V1I1B1I1Qzu0G0I0C1V1K1B1F1GtBtH0G0I0C1V1G1P2Z1B1MtH0G0I0C1V1B2Z1F1C1P0U2Z1L1I1BtH0G0I0C1V0A0S1V0M0O0OtH0G0I0C1V0A0S1V1B2W0M1G1NtH0G0I0C1V0A0S1V0B1C1F2W1B1P1C0U2Z1L1I1BtH0G0I0C1V0A0S1V0U0S0MtH0G0I0C1V0A0S1V0G0S0R0TtH0G0I0C1V0A0S1V0I0C0U0TtH0G0I0C1V0A0S1V0C1F1H1E1T2Z1L1S1L1I1L2Z2UtH0G0I0C1V0A0S1V0P0DtH0G0I0C1V1Q1P1P1E0S1R1T1GtH0G0I0C1V0A0S1V0B0D0OtH0G0I0C1V0A0S1V0M0A0C0StH0G0I0C1V0A0S1V0P1C1F1Q2Y1R2Z1B0L1L1B2ZtH0G0I0C1V0A0S1V0R0P0StH0G0I0C1V0A0S1V0Z0UtH0G0I0C1V0A0S1V0M0O0DtH0G0I0C1V0A0S1V0I0R0StH0G0I0C1V0A0S1V0D1P2Z1P1R2Z1L1F1G0T1F1F1ItH0G0I0C1V0A0S1V0R1P1E1F1C2ZtH0G0I0C1V0A0S1V0L1L2X1P0D1P1S2Y1N1N1L1G1NtN1T1Q1BzutCtN1L1B0A2Y2Z1F0F1I1F2WzutCtN1B1R1M1P1H1P0N1T1H1Pzu0P1F1E1T0J1T1CtN1N1I1S1V1R1Rzu0D0EtN0I0R0S1V0B0R0Wzu0C0H0R0O0M0O0D0OtF0E0X0EtN0I0R0S1V0T0I0M0EzutAtN1E1T1C1B1P1Q0F1I1F2WzutDtN1N1I1S0V1P1CzutCtFtAyBtFyBtN1L1R1R1V2X1P1CzutCtFtCtN2Z1E1I0S2Z2Z1VtDzuyEzytAzzyDtN1E1J1N0T2U1EzutBtN1O1I2Z1C1EzutOyD0BtDtFyCtCyCtHtDtFyBtAyByEzzyEzztDtByEtByEtAyDtHtDtFtDtByDzyyEtBtCyEyDzzyByEtDyCyEtHyDtFyBzytDyEtHtDtFtAtDyEtDyByDtBtAyCzztByEtBtCzyyEyEtH1G2Y1I1ItH1G2Y1I1ItOyD0DtN1F1O1C0L1G1Nzu0D0EtN0P1V0C0H0N0LzutC1VtCyD1VyEzz1V1F2Z1M1P1CtN0O1O1C0E2V2Z0C0H0N0LzutC1VtCyD1VyEzz1V1F2Z1M1P1CtN0P1V0T0Y0P0Ezu0S0H0O0P0P0I0N0GtN0F1V0S1I1F2Zzu1H1T1L1GtN0F1V0P1F1BzuyDtN0F0R1V0P1F1BzuyDtN0O1O1O1P1C0F1I1T2X1F1Czu0P1C1L1R1P1V0B1L1B1I1L1V0MtN0O1O1O1P1C0F1I1T2X1F1C0I0DzutByEyDtDtN1B2W1F1O1O1P1CzutCtN1B2W1H2X1P1CzutCtFtCyBtN1Q1L1B0D2Y1C1T2Z1L1F1GzutByBtAtDtN2Y1B1P1C0A1R2Z1L1F1GzuyEtN0L1T1B2Z0S2Z2ZzutDtN0S2Z2ZzutDtN1I1F1N1V1P1C1C0C1G2ZzutCtN1I1F1N1V1I1T1B2Z0E1C1CzutOyD0ByByBzyyCtOyD0DtOyD0ByCtBtCyCtOyD0DtOtDzytBtDtCyDtOtB0FtCtCtOtB0FtBzztOtBtDtCtCtOtA0AtBzztOtA0AtDyBtOtA0AzzyEtAtOtDzy0E0R0R0O0RtOtDzy0J0A0V0A0S0C0R0I0P0TtOtA0AtOtBtD0D1L1PtOtBtD0E1L1N1P1G1B1R1M1T1O2ZtOtBtDtOtBtB1N1T1H1P1O1F1C1N1PtF1R1F1HtOtBtBtOtBtD1P1L1G1P1BtOtBtD2Y1G1Q1P1O1L1G1L1P1C2Z1P1GtOtBtD1F1Q1P1CtOtBtD0N2Y1I1I2X1P1C2W1P1L1B1P1BtOtBtD1J1T1G1GtOtBtD1G1L1R1M2ZtOtBtD1T1S1N1P1C2Y1O1P1GtOtBtD2W1P1C1Q1P1GtFtOtA0BtOtBtDtOyD0B1I1F1R1T2Z1L1F1GtOtA0AtOtBtDtOtA0BtOtBtD1I1L1G1PtOtA0AtOtBtDzyyEzzyCtOyD0DtRtHtR1Q1L1B1E1I1T2U0N1T1H1PtRzxtR0P1C1L1R1P0F1F2Y1G2Z1T1L1GtR2Q
========= Ende von CMD: =========
EmptyTemp: => 42.4 MB temporäre Dateien entfernt.
Das System musste neu gestartet werden.
==== Ende von Fixlog 17:53:08 ====
|
|
04.12.2015, 23:32
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Direkt nach dem Start erscheint "Modul nicht gefunden". Ok, die eine Datei muss noch weg. FRST-Fix Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\Users\Andreas\AppData\Roaming\ICSW_0P1F1E1T0J1T1CtJ1V0P1C1L1R1P0F1F2Y1G2Z1T1L1G1V0P0P0I.txt
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
04.12.2015, 23:47
| #15 |
| | Direkt nach dem Start erscheint "Modul nicht gefunden".Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:01-12-2015
durchgeführt von Andreas (2015-12-04 23:44:37) Run:2
Gestartet von C:\Users\Andreas\Desktop\F
Geladene Profile: Andreas (Verfügbare Profile: Andreas)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
C:\Users\Andreas\AppData\Roaming\ICSW_0P1F1E1T0J1T1CtJ1V0P1C1L1R1P0F1F2Y1G2Z1T1L1G1V0P0P0I.txt
*****************
C:\Users\Andreas\AppData\Roaming\ICSW_0P1F1E1T0J1T1CtJ1V0P1C1L1R1P0F1F2Y1G2Z1T1L1G1V0P0P0I.txt => erfolgreich verschoben
==== Ende von Fixlog 23:44:37 ====
vielen dank schonmal für die Geduld |
|
| Themen zu Direkt nach dem Start erscheint "Modul nicht gefunden". |
| .dll, antivirus, avg, bonjour, defender, device driver, dnsapi.dll, explorer, frage, home, homepage, installation, malware, neustart, onedrive, problem, prozesse, realtek, registry, rundll, scan, security, services.exe, software, svchost.exe, system, windows, windowsapps, winlogon.exe, winzipdriverupdater |
Linear-Darstellung
