Pop-up-Virus Firefox -> unerwünschte Werbung!

Ruggi · 16.05.2016, 16:26

Hallo zusammen,

ich hoffe ich habe das richtige Unterforum erwischt?.

Ich habe seit Wochen ein "größeres" Problem mit meinem Laptop und weiß nicht wie ich es beheben kann. Leider habe ich es nicht früher geschafft danach zu schauen da ich im Prüfungsstress stand.

Das Problem:

Wenn ich im Internet surfe (Firefox) öffnen sich ständig irgendwelche Pop-ups, Werbeseite + -Banner, Seiten für Onlinespiele etc. Dadurch ist das Internet und der PC an sich extrem langsam. Manchmal dauert es länger als eine Minute bis sich die Internetseite öffnet und dann werde ich gleich wieder auf einen unerwünschten Link weitergeleitet. Auch das das Hochfahren/Starten des Computers dauert manchmal ungewöhnlich lange.
Außerdem ist mir aufgefallen dass ich auf meinem E-Mail Account E-Mails von mir selbst bekomme mit merkwürdiger Werbung? Ich mache mit seither Sorgen um meine Daten (Bilder, Musik, Bankdaten etc.). Sind diese auf diesem PC noch sicher?

Habe das Sicherheitsprogramm "Norton Security mit Backup". Als der Virus auf dem PC kam war das Programm nicht aktiv, da Tage (anscheinend) abgelaufen waren. Habe mir dann gleich 1 Jahr Verlängerung gekauft. Beim System-Scan Und Power Eraser wurden keine schwerwiegenden Bedrohungen gefunden.

Ich hoffe, dass mir jemand helfen kann. Ich bedanke mich im Voraus.

Freundliche Grüße
Ruggi

PS: Suchmaschinen-Einstellungen und Startseite hatten sich auch verändert!

M-K-D-B · 17.05.2016, 09:34

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

Ruggi · 18.05.2016, 19:56

Hallo,
danke für die schnelle Antwort.
Ich muss die Beiträge aufspalten, da Text zu lang.

Teil 1

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-05-2016
durchgeführt von Marcel Ruckober (Administrator) auf MARCELRUCKOBER (18-05-2016 20:17:30)
Gestartet von C:\Users\Marcel Ruckober\Downloads
Geladene Profile: Marcel Ruckober (Verfügbare Profile: Marcel Ruckober)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
( ) C:\Windows\System32\lxctcoms.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\nsbu.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(Samsung Electronics Co., Ltd.) C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\nsbu.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsCmdServer.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsEventHandler.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2867984 2012-01-05] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-08-29] (Realtek Semiconductor)
HKLM\...\Run: [LXCTCATS] => rundll32 C:\windows\system32\spool\DRIVERS\x64\3\LXCTtime.dll,RunDLLEntry
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1795888 2015-08-08] (NVIDIA Corporation)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-09-25] (cyberlink)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-04] (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [dply_en_015020294] => [X]
HKLM-x32\...\Run: [mbot_en_037050293] => [X]
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2623456 2016-04-15] (Malwarebytes Corporation)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4509184 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsInd00] => C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe [1885184 2012-12-18] (Brother Industries, Ltd.)
HKU\S-1-5-21-189922631-1767686969-1414721043-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINEE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-322 323 325 Series"
HKU\S-1-5-21-189922631-1767686969-1414721043-1001\...\RunOnce: [Uninstall C:\Users\Marcel Ruckober\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Marcel Ruckober\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64"
HKU\S-1-5-21-189922631-1767686969-1414721043-1001\...\RunOnce: [Uninstall C:\Users\Marcel Ruckober\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Marcel Ruckober\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1"
HKU\S-1-5-21-189922631-1767686969-1414721043-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-189922631-1767686969-1414721043-1001\...\MountPoints2: {b4f73855-0cb8-11e6-9bd3-c485081220fe} - "E:\autorun.exe" 
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => Keine Datei
AppInit_DLLs:  C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [177088 2015-08-08] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-04-23]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

AutoConfigURL: [S-1-5-21-189922631-1767686969-1414721043-1001] => hxxp://un-stop.biz/wpad.dat?5723d85ec26485013c45b3d48517dae78703844
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{45ac3a6c-5ef8-4fd6-8dfa-35891d6dc772}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{55bf2646-17fe-42eb-9c29-d95982c107a2}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{60600b47-bbe8-44ad-ae5f-2109acb8be59}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{6bb4f047-2706-11e5-9bbe-806e6f6e6963}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{80a7a8ad-2145-49ed-929e-e91085b5ea76}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{a599e370-1cca-4d19-b1a7-ce727e2a7ad3}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{a599e370-1cca-4d19-b1a7-ce727e2a7ad3}: [DhcpNameServer] 192.168.0.1 127.0.0.1
Tcpip\..\Interfaces\{b9356221-42ef-412f-a502-c80cd5f0472b}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{b9356221-42ef-412f-a502-c80cd5f0472b}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{ba38839f-bd00-496b-8b21-1b9ccd84dd65}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{bc470168-c171-4ff6-9dd0-7a9968f8bf0b}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{ee5710d5-e308-4dcb-b977-512de9282ee2}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{f3e40179-b189-11e5-9bc1-806e6f6e6963}: [NameServer] 104.197.191.4
ManualProxies: 0hxxp://un-stop.biz/wpad.dat?5723d85ec26485013c45b3d48517dae78703844

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NSBU&pvid=22.6.0.142
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NSBU&pvid=22.6.0.142
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-189922631-1767686969-1414721043-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-189922631-1767686969-1414721043-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NSBU&pvid=22.6.0.142
HKU\S-1-5-21-189922631-1767686969-1414721043-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKU\S-1-5-21-189922631-1767686969-1414721043-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
BHO: Behqec -> {AB11977A-6008-410E-8560-9D4F9C082BB1} -> C:\Program Files\Behqec\Oiloj64.dll => Keine Datei
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-04-25] (Intel Security)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-09] (Oracle Corporation)
BHO-x32: Samsung BHO Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll [2010-10-25] ()
BHO-x32: Behqec -> {AB11977A-6008-410E-8560-9D4F9C082BB1} -> C:\Program Files\Behqec\Oiloj.dll => Keine Datei
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-09] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-04-25] (Intel Security)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll Keine Datei
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll Keine Datei
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\bqh80c5u.default-1462043067999
FF DefaultSearchEngine: DuckDuckGo
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-05-03] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-05-03] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-09] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Keine Datei]
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2010-01-20] (Sony Media Software and Services Inc)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-189922631-1767686969-1414721043-1001: @protectdisc.com/NPPDLicenseHelper -> C:\Users\Marcel Ruckober\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [2009-06-25] ( )
FF Plugin HKU\S-1-5-21-189922631-1767686969-1414721043-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-08-26] ()
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.1.0.9\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.1.0.9\coFFAddon [2016-03-25]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.1.0.9\coFFAddon
FF HKU\S-1-5-21-189922631-1767686969-1414721043-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\1s42r4b0.default\extensions\cliqz@cliqz.com => nicht gefunden

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\Exts\Chrome.crx [2016-03-20]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\Exts\Chrome.crx [2016-03-20]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Datei ist nicht signiert]
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-25] (CyberLink)
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [303544 2015-07-27] (CyberLink)
S4 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [570368 2011-10-27] (Hauppauge Computer Works) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328616 2016-01-03] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-08] ()
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3020440 2015-11-25] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
R2 lxct_device; C:\windows\system32\lxctcoms.exe [566192 2006-11-22] ( )
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [742368 2016-04-15] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [293128 2016-03-11] (McAfee, Inc.)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 NSBU; C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\NSBU.exe [289080 2016-02-26] (Symantec Corporation)
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-11-30] () [Datei ist nicht signiert]
R2 Settings Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe [1594176 2015-06-24] (Samsung Electronics CO., LTD.)
S4 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155320 2012-01-18] (Avanquest Software) [Datei ist nicht signiert]
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3195576 2015-12-22] (Samsung Electronics Co., Ltd.)
S2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [874784 2016-04-21] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-04-21] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-04-21] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S2 InstallerService; "C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-10-27] ()
R1 BHDrvx64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.1.0.9\Definitions\BASHDefs\20160502.001\BHDrvx64.sys [1766640 2016-04-05] (Symantec Corporation)
R1 ccSet_NSBU; C:\Windows\system32\drivers\NSBUx64\1606000.08E\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-05-04] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156912 2016-05-04] (Symantec Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-04-30] ()
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [66080 2016-04-15] ()
R1 IDSVia64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.1.0.9\Definitions\IPSDefs\20160517.001\IDSvia64.sys [876248 2016-05-13] (Symantec Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-10-27] ()
R3 NAVENG; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.1.0.9\Definitions\VirusDefs\20160518.003\ENG64.SYS [138456 2016-05-17] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.1.0.9\Definitions\VirusDefs\20160518.003\EX64.SYS [2148056 2016-05-17] (Symantec Corporation)
R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3343872 2015-10-30] (Intel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [32168 2015-07-16] (Windows (R) Win 7 DDK provider)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-23] (Realtek                                            )
R2 SGDrv; C:\Windows\System32\drivers\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)
R1 SRTSP; C:\Windows\System32\Drivers\NSBUx64\1606000.08E\SRTSP64.SYS [928504 2016-02-24] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NSBUx64\1606000.08E\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NSBUx64\1606000.08E\SYMEFASI64.SYS [1621232 2016-02-24] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NSBUx64\1606000.08E\SymELAM.sys [24192 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-26] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NSBUx64\1606000.08E\Ironx64.SYS [295664 2016-02-24] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NSBUx64\1606000.08E\SYMNETS.SYS [577768 2016-02-24] (Symantec Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Ruggi · 18.05.2016, 20:00

Teil 2

Code:

ATTFilter

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-18 20:17 - 2016-05-18 20:18 - 00026657 _____ C:\Users\Marcel Ruckober\Downloads\FRST.txt
2016-05-18 20:17 - 2016-05-18 20:17 - 00000000 ____D C:\FRST
2016-05-18 20:15 - 2016-05-18 20:15 - 02382336 _____ (Farbar) C:\Users\Marcel Ruckober\Downloads\FRST64.exe
2016-05-16 14:36 - 2016-05-16 14:36 - 00002132 _____ C:\Users\Public\Desktop\Brother Utilities.lnk
2016-05-16 14:36 - 2016-05-16 14:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2016-05-16 14:35 - 2016-05-16 14:35 - 00000000 ____D C:\Program Files (x86)\BrownyInd
2016-05-16 14:35 - 2016-05-16 14:35 - 00000000 ____D C:\Brother
2016-05-16 14:34 - 2016-05-16 14:35 - 00000000 ____D C:\Program Files (x86)\Brother
2016-05-16 14:34 - 2016-05-16 14:34 - 00000000 ____D C:\Program Files (x86)\Browny02
2016-05-16 14:34 - 2012-12-14 03:31 - 00180224 _____ (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BROSNMP.DLL
2016-05-16 14:34 - 2012-12-14 03:31 - 00113744 _____ (Brother Industries Ltd) C:\WINDOWS\SysWOW64\BRRBTOOL.EXE
2016-05-16 14:34 - 2012-12-14 03:31 - 00077824 _____ (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BRLMW03A.DLL
2016-05-16 14:34 - 2012-12-14 03:31 - 00045056 _____ C:\WINDOWS\SysWOW64\BRTCPCON.DLL
2016-05-16 14:34 - 2012-12-14 03:31 - 00025299 _____ (Brother Industries, Ltd) C:\WINDOWS\SysWOW64\BRLM03A.DLL
2016-05-16 14:34 - 2012-12-14 03:31 - 00000114 _____ C:\WINDOWS\SysWOW64\BRLMW03A.INI
2016-05-16 14:34 - 2012-12-14 03:29 - 00000050 _____ C:\WINDOWS\system32\BRADM12A.DAT
2016-05-16 14:34 - 2012-12-13 18:00 - 00226816 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BRCOM12A.DLL
2016-05-16 14:32 - 2016-05-16 14:35 - 00000000 ____D C:\ProgramData\Brother
2016-05-16 14:24 - 2016-05-16 14:24 - 00190664 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_99E320F5.sys
2016-05-16 14:24 - 2016-05-16 14:24 - 00147656 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_38F51D56.sys
2016-05-15 10:25 - 2016-05-11 21:57 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-05-15 10:25 - 2016-05-11 21:57 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-14 11:36 - 2016-05-14 11:36 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-05-14 11:36 - 2016-05-14 11:36 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-12 19:47 - 2016-05-12 19:47 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-05-11 18:07 - 2016-04-23 06:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-05-11 18:07 - 2016-04-23 06:30 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-05-11 18:07 - 2016-04-23 06:28 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-11 18:07 - 2016-04-23 06:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-05-11 18:07 - 2016-04-23 06:25 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-05-11 18:07 - 2016-04-23 06:22 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-05-11 18:07 - 2016-04-23 06:20 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-05-11 18:07 - 2016-04-23 06:19 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-05-11 18:07 - 2016-04-23 06:19 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-05-11 18:07 - 2016-04-23 06:19 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-11 18:07 - 2016-04-23 06:19 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-05-11 18:07 - 2016-04-23 06:18 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-11 18:07 - 2016-04-23 06:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-05-11 18:07 - 2016-04-23 06:18 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-05-11 18:07 - 2016-04-23 06:18 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-05-11 18:07 - 2016-04-23 06:16 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-05-11 18:07 - 2016-04-23 06:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-05-11 18:07 - 2016-04-23 06:15 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-05-11 18:07 - 2016-04-23 06:14 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-05-11 18:07 - 2016-04-23 06:13 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-05-11 18:07 - 2016-04-23 06:13 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-05-11 18:07 - 2016-04-23 06:09 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-11 18:07 - 2016-04-23 06:08 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-05-11 18:07 - 2016-04-23 06:07 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-05-11 18:06 - 2016-05-06 06:53 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-05-11 18:06 - 2016-05-06 06:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-05-11 18:06 - 2016-05-06 06:03 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-05-11 18:06 - 2016-05-06 05:53 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-05-11 18:06 - 2016-05-06 05:49 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-11 18:06 - 2016-05-06 05:44 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-05-11 18:06 - 2016-05-06 05:43 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-05-11 18:06 - 2016-05-06 05:23 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-11 18:06 - 2016-04-30 08:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-05-11 18:06 - 2016-04-30 08:31 - 03591168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-05-11 18:06 - 2016-04-23 08:12 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-05-11 18:06 - 2016-04-23 08:12 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-05-11 18:06 - 2016-04-23 08:12 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-05-11 18:06 - 2016-04-23 08:12 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-05-11 18:06 - 2016-04-23 08:12 - 00294592 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-05-11 18:06 - 2016-04-23 08:12 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-05-11 18:06 - 2016-04-23 08:12 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-05-11 18:06 - 2016-04-23 08:12 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-11 18:06 - 2016-04-23 07:28 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-05-11 18:06 - 2016-04-23 07:28 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-05-11 18:06 - 2016-04-23 07:26 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-05-11 18:06 - 2016-04-23 07:24 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-11 18:06 - 2016-04-23 07:24 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-11 18:06 - 2016-04-23 07:24 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-11 18:06 - 2016-04-23 07:24 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-05-11 18:06 - 2016-04-23 07:24 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-05-11 18:06 - 2016-04-23 07:24 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-05-11 18:06 - 2016-04-23 07:24 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-05-11 18:06 - 2016-04-23 07:22 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-11 18:06 - 2016-04-23 07:18 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-05-11 18:06 - 2016-04-23 07:13 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-05-11 18:06 - 2016-04-23 07:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-05-11 18:06 - 2016-04-23 07:13 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-05-11 18:06 - 2016-04-23 07:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-05-11 18:06 - 2016-04-23 07:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-05-11 18:06 - 2016-04-23 07:12 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-05-11 18:06 - 2016-04-23 07:11 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-05-11 18:06 - 2016-04-23 07:11 - 00696672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-11 18:06 - 2016-04-23 07:11 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-11 18:06 - 2016-04-23 07:11 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-05-11 18:06 - 2016-04-23 07:11 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-05-11 18:06 - 2016-04-23 07:11 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-05-11 18:06 - 2016-04-23 07:10 - 03673424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-05-11 18:06 - 2016-04-23 07:10 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-05-11 18:06 - 2016-04-23 07:10 - 00330072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-05-11 18:06 - 2016-04-23 07:09 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-05-11 18:06 - 2016-04-23 07:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-05-11 18:06 - 2016-04-23 07:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-05-11 18:06 - 2016-04-23 07:09 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-05-11 18:06 - 2016-04-23 07:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-05-11 18:06 - 2016-04-23 07:09 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-11 18:06 - 2016-04-23 07:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-05-11 18:06 - 2016-04-23 07:09 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-05-11 18:06 - 2016-04-23 07:09 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-05-11 18:06 - 2016-04-23 07:08 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-05-11 18:06 - 2016-04-23 07:08 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-05-11 18:06 - 2016-04-23 07:08 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-05-11 18:06 - 2016-04-23 07:07 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-05-11 18:06 - 2016-04-23 07:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-05-11 18:06 - 2016-04-23 07:07 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-05-11 18:06 - 2016-04-23 07:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-05-11 18:06 - 2016-04-23 07:06 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-05-11 18:06 - 2016-04-23 07:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-05-11 18:06 - 2016-04-23 07:01 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-11 18:06 - 2016-04-23 07:01 - 00650304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-05-11 18:06 - 2016-04-23 07:01 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-11 18:06 - 2016-04-23 07:01 - 00577368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-05-11 18:06 - 2016-04-23 07:01 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-05-11 18:06 - 2016-04-23 07:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-05-11 18:06 - 2016-04-23 07:01 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-05-11 18:06 - 2016-04-23 07:01 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-11 18:06 - 2016-04-23 07:00 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-11 18:06 - 2016-04-23 07:00 - 01594920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-05-11 18:06 - 2016-04-23 07:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-05-11 18:06 - 2016-04-23 07:00 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-05-11 18:06 - 2016-04-23 07:00 - 01372304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-05-11 18:06 - 2016-04-23 07:00 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-05-11 18:06 - 2016-04-23 07:00 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-05-11 18:06 - 2016-04-23 07:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-05-11 18:06 - 2016-04-23 07:00 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-05-11 18:06 - 2016-04-23 06:56 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-05-11 18:06 - 2016-04-23 06:39 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-05-11 18:06 - 2016-04-23 06:35 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-05-11 18:06 - 2016-04-23 06:34 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-05-11 18:06 - 2016-04-23 06:34 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-05-11 18:06 - 2016-04-23 06:34 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-05-11 18:06 - 2016-04-23 06:33 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-11 18:06 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-05-11 18:06 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-05-11 18:06 - 2016-04-23 06:33 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-11 18:06 - 2016-04-23 06:32 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-05-11 18:06 - 2016-04-23 06:32 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-11 18:06 - 2016-04-23 06:32 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-11 18:06 - 2016-04-23 06:31 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-05-11 18:06 - 2016-04-23 06:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-11 18:06 - 2016-04-23 06:30 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-05-11 18:06 - 2016-04-23 06:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-05-11 18:06 - 2016-04-23 06:29 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-05-11 18:06 - 2016-04-23 06:29 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-11 18:06 - 2016-04-23 06:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-05-11 18:06 - 2016-04-23 06:29 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-11 18:06 - 2016-04-23 06:29 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-05-11 18:06 - 2016-04-23 06:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2016-05-11 18:06 - 2016-04-23 06:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2016-05-11 18:06 - 2016-04-23 06:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2016-05-11 18:06 - 2016-04-23 06:28 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-11 18:06 - 2016-04-23 06:28 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-11 18:06 - 2016-04-23 06:28 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-05-11 18:06 - 2016-04-23 06:28 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-05-11 18:06 - 2016-04-23 06:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-05-11 18:06 - 2016-04-23 06:27 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-05-11 18:06 - 2016-04-23 06:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-05-11 18:06 - 2016-04-23 06:26 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-05-11 18:06 - 2016-04-23 06:26 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-05-11 18:06 - 2016-04-23 06:25 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-05-11 18:06 - 2016-04-23 06:25 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-05-11 18:06 - 2016-04-23 06:25 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-05-11 18:06 - 2016-04-23 06:25 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-05-11 18:06 - 2016-04-23 06:24 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-05-11 18:06 - 2016-04-23 06:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-05-11 18:06 - 2016-04-23 06:24 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-05-11 18:06 - 2016-04-23 06:24 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-05-11 18:06 - 2016-04-23 06:24 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-11 18:06 - 2016-04-23 06:24 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-11 18:06 - 2016-04-23 06:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-05-11 18:06 - 2016-04-23 06:23 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-05-11 18:06 - 2016-04-23 06:23 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-05-11 18:06 - 2016-04-23 06:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-05-11 18:06 - 2016-04-23 06:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-11 18:06 - 2016-04-23 06:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-05-11 18:06 - 2016-04-23 06:22 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-05-11 18:06 - 2016-04-23 06:22 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-05-11 18:06 - 2016-04-23 06:21 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-11 18:06 - 2016-04-23 06:21 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-11 18:06 - 2016-04-23 06:20 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-05-11 18:06 - 2016-04-23 06:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-05-11 18:06 - 2016-04-23 06:20 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-05-11 18:06 - 2016-04-23 06:20 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-11 18:06 - 2016-04-23 06:20 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-05-11 18:06 - 2016-04-23 06:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-05-11 18:06 - 2016-04-23 06:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-05-11 18:06 - 2016-04-23 06:19 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-11 18:06 - 2016-04-23 06:19 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2016-05-11 18:06 - 2016-04-23 06:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2016-05-11 18:06 - 2016-04-23 06:18 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-05-11 18:06 - 2016-04-23 06:18 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-05-11 18:06 - 2016-04-23 06:18 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-05-11 18:06 - 2016-04-23 06:18 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-11 18:06 - 2016-04-23 06:18 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-05-11 18:06 - 2016-04-23 06:18 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-05-11 18:06 - 2016-04-23 06:18 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-11 18:06 - 2016-04-23 06:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-05-11 18:06 - 2016-04-23 06:18 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-11 18:06 - 2016-04-23 06:18 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-05-11 18:06 - 2016-04-23 06:18 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-05-11 18:06 - 2016-04-23 06:17 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-05-11 18:06 - 2016-04-23 06:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-05-11 18:06 - 2016-04-23 06:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-05-11 18:06 - 2016-04-23 06:17 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-05-11 18:06 - 2016-04-23 06:16 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-11 18:06 - 2016-04-23 06:16 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-11 18:06 - 2016-04-23 06:15 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-05-11 18:06 - 2016-04-23 06:15 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-11 18:06 - 2016-04-23 06:15 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-11 18:06 - 2016-04-23 06:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-05-11 18:06 - 2016-04-23 06:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-05-11 18:06 - 2016-04-23 06:14 - 13383168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-05-11 18:06 - 2016-04-23 06:14 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-05-11 18:06 - 2016-04-23 06:14 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-05-11 18:06 - 2016-04-23 06:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-05-11 18:06 - 2016-04-23 06:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-05-11 18:06 - 2016-04-23 06:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-05-11 18:06 - 2016-04-23 06:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-05-11 18:06 - 2016-04-23 06:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-05-11 18:06 - 2016-04-23 06:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-05-11 18:06 - 2016-04-23 06:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-05-11 18:06 - 2016-04-23 06:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-05-11 18:06 - 2016-04-23 06:10 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-05-11 18:06 - 2016-04-23 06:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-05-11 18:06 - 2016-04-23 06:09 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-05-11 18:06 - 2016-04-23 06:08 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-05-11 18:06 - 2016-04-23 06:07 - 02598912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-11 18:06 - 2016-04-23 06:07 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-05-11 18:06 - 2016-04-23 06:07 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-11 18:06 - 2016-04-23 06:06 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-11 18:06 - 2016-04-23 06:05 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-05-11 18:06 - 2016-04-23 06:05 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-11 18:06 - 2016-04-23 06:05 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-11 18:06 - 2016-04-23 06:05 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-05-11 18:06 - 2016-04-23 06:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-05-11 18:06 - 2016-04-23 06:05 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-05-11 18:06 - 2016-04-23 06:05 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-05-11 18:06 - 2016-04-23 06:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-05-11 18:06 - 2016-04-23 06:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-05-11 18:06 - 2016-04-23 06:04 - 01731072 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-05-11 18:06 - 2016-04-23 06:03 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-05-11 18:06 - 2016-04-23 06:03 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-05-11 18:06 - 2016-04-23 06:03 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-05-11 18:06 - 2016-04-23 06:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-05-11 18:06 - 2016-04-23 06:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-05-11 18:06 - 2016-04-23 06:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-05-11 18:06 - 2016-04-23 06:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-05-11 18:06 - 2016-04-23 06:02 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-05-11 18:06 - 2016-04-23 06:02 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-05-11 18:06 - 2016-04-23 06:01 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-11 18:06 - 2016-04-23 06:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-05-11 18:06 - 2016-04-23 06:00 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-11 18:06 - 2016-04-23 05:45 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-05-11 18:06 - 2016-04-23 04:10 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-05-11 18:06 - 2016-04-23 04:10 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-05-11 18:06 - 2016-04-19 00:30 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2016-05-07 10:04 - 2016-05-16 17:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-05 14:33 - 2016-05-05 14:33 - 00716703 _____ C:\Users\Marcel Ruckober\Downloads\Scan0002.pdf
2016-05-05 14:32 - 2016-05-05 14:32 - 01884864 _____ C:\Users\Marcel Ruckober\Downloads\Scan.pdf
2016-05-03 17:16 - 2016-05-03 17:16 - 00402750 _____ C:\Users\Marcel Ruckober\Downloads\RBRE_FAQ_2015-2016.pdf
2016-05-03 17:01 - 2016-05-03 17:01 - 00551497 _____ C:\Users\Marcel Ruckober\Downloads\Reise_Zahlungsbedingungen_2016.pdf
2016-05-03 16:59 - 2016-05-03 16:59 - 00202619 _____ C:\Users\Marcel Ruckober\Downloads\84085536-02.pdf
2016-04-30 18:13 - 2016-04-30 18:13 - 00000000 _____ C:\autoexec.bat
2016-04-30 18:12 - 2016-04-30 18:12 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2016-04-25 21:27 - 2016-04-25 21:27 - 00002457 _____ C:\Users\Marcel Ruckober\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-24 19:59 - 2016-04-24 19:59 - 00000000 ____D C:\AdwCleaner
2016-04-24 17:49 - 2016-04-24 17:49 - 00000306 __RSH C:\ProgramData\ntuser.pol
2016-04-24 00:05 - 2016-04-24 00:05 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-04-23 22:29 - 2016-04-23 22:29 - 00002021 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-04-23 22:29 - 2016-04-23 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-04-23 22:29 - 2016-04-23 22:29 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-04-23 22:10 - 2016-04-24 19:10 - 00000000 ____D C:\Users\Marcel Ruckober\AppData\Local\tkdata
2016-04-23 22:09 - 2016-04-23 22:09 - 00000000 ____D C:\ProgramData\TrueKey
2016-04-23 22:08 - 2016-05-16 14:24 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-04-23 22:08 - 2016-05-15 10:16 - 00001247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2016-04-23 22:08 - 2016-04-24 22:09 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-04-23 22:08 - 2016-04-23 22:08 - 00000000 ____D C:\Program Files\Intel Security
2016-04-23 21:58 - 2016-04-23 21:58 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2016-04-23 21:57 - 2016-05-16 14:23 - 00000000 ____D C:\Program Files\TrueKey
2016-04-23 21:56 - 2016-04-23 21:56 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-04-19 22:01 - 2016-04-02 06:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-19 22:01 - 2016-04-02 06:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-19 22:01 - 2016-04-02 06:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-19 22:01 - 2016-04-02 05:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-19 22:01 - 2016-04-02 05:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-19 22:01 - 2016-04-02 05:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-19 22:01 - 2016-03-29 12:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-19 22:01 - 2016-03-29 12:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-19 22:01 - 2016-03-29 12:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-19 22:01 - 2016-03-29 12:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-19 22:01 - 2016-03-29 12:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-19 22:01 - 2016-03-29 12:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-19 22:01 - 2016-03-29 12:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-19 22:01 - 2016-03-29 12:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-19 22:01 - 2016-03-29 12:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-19 22:01 - 2016-03-29 12:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-19 22:01 - 2016-03-29 12:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-19 22:01 - 2016-03-29 11:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-19 22:01 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-19 22:01 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-19 22:01 - 2016-03-29 11:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-19 22:01 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-19 22:01 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-19 22:01 - 2016-03-29 11:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-19 22:01 - 2016-03-29 11:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-19 22:01 - 2016-03-29 11:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-19 22:01 - 2016-03-29 11:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-19 22:01 - 2016-03-29 11:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-19 22:01 - 2016-03-29 10:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-19 22:01 - 2016-03-29 10:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-19 22:01 - 2016-03-29 10:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-19 22:01 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-19 22:01 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-19 22:01 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-19 22:01 - 2016-03-29 10:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-19 22:01 - 2016-03-29 10:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-19 22:01 - 2016-03-29 09:51 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-04-19 22:01 - 2016-03-29 09:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-19 22:01 - 2016-03-29 09:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-19 22:01 - 2016-03-29 09:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-19 22:01 - 2016-03-29 09:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-19 22:01 - 2016-03-29 09:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-19 22:01 - 2016-03-29 09:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-19 22:01 - 2016-03-29 09:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-19 22:01 - 2016-03-29 09:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-19 22:01 - 2016-03-29 09:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-19 22:01 - 2016-03-29 09:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-19 22:01 - 2016-03-29 09:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-19 22:01 - 2016-03-29 09:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-19 22:01 - 2016-03-29 09:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-19 22:01 - 2016-03-29 09:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-19 22:01 - 2016-03-29 09:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-19 22:01 - 2016-03-29 09:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-19 22:01 - 2016-03-29 09:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-19 22:01 - 2016-03-29 09:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-19 22:01 - 2016-03-29 09:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-19 22:01 - 2016-03-29 09:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-19 22:01 - 2016-03-29 09:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-19 22:01 - 2016-03-29 09:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-19 22:01 - 2016-03-29 09:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-19 22:01 - 2016-03-29 09:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-19 22:01 - 2016-03-29 09:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-19 22:01 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-19 22:01 - 2016-03-29 09:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-19 22:01 - 2016-03-29 09:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-19 22:01 - 2016-03-29 09:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-19 22:01 - 2016-03-29 09:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-19 22:01 - 2016-03-29 09:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-19 22:01 - 2016-03-29 08:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-19 22:01 - 2016-03-29 08:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-19 22:01 - 2016-03-29 08:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-19 22:01 - 2016-03-29 08:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-19 22:01 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-19 22:01 - 2016-03-29 08:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-19 22:01 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-19 22:01 - 2016-03-29 08:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-19 22:01 - 2016-03-29 08:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-19 22:01 - 2016-03-29 08:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-19 22:01 - 2016-03-29 08:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-19 22:01 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-19 22:01 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-19 22:01 - 2016-03-29 08:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-19 22:01 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-19 22:01 - 2016-03-29 08:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-19 22:01 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-19 22:01 - 2016-03-29 08:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-19 22:01 - 2016-03-29 08:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-19 22:01 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-19 22:01 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-19 22:01 - 2016-03-29 08:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-19 22:01 - 2016-03-29 08:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-19 22:01 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-19 22:01 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-19 22:01 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-19 22:01 - 2016-03-29 08:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-19 22:01 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-19 22:01 - 2016-03-29 08:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-19 22:01 - 2016-03-29 08:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-19 22:01 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-19 22:01 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-19 22:01 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-19 22:01 - 2016-03-29 08:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-19 22:01 - 2016-03-29 08:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-19 22:01 - 2016-03-29 08:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-19 22:01 - 2016-03-29 08:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-19 22:01 - 2016-03-29 08:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-19 22:01 - 2016-03-29 07:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-19 22:01 - 2016-03-29 07:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-19 22:01 - 2016-03-29 07:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-19 22:01 - 2016-03-29 07:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-19 22:01 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-19 22:01 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-19 22:01 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-19 22:01 - 2016-03-29 07:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-19 22:01 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-19 22:00 - 2016-04-02 06:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-19 22:00 - 2016-04-02 05:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-19 22:00 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-19 22:00 - 2016-03-29 12:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-19 22:00 - 2016-03-29 11:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-19 22:00 - 2016-03-29 11:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-19 22:00 - 2016-03-29 11:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-19 22:00 - 2016-03-29 11:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-19 22:00 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-19 22:00 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-19 22:00 - 2016-03-29 10:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-19 22:00 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-19 22:00 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-19 22:00 - 2016-03-29 10:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-19 22:00 - 2016-03-29 10:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-19 22:00 - 2016-03-29 10:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-19 22:00 - 2016-03-29 10:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-19 22:00 - 2016-03-29 10:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-19 22:00 - 2016-03-29 10:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-19 22:00 - 2016-03-29 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-19 22:00 - 2016-03-29 09:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-19 22:00 - 2016-03-29 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-19 22:00 - 2016-03-29 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-19 22:00 - 2016-03-29 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-19 22:00 - 2016-03-29 09:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-19 22:00 - 2016-03-29 09:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-19 22:00 - 2016-03-29 09:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-19 22:00 - 2016-03-29 09:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-19 22:00 - 2016-03-29 09:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-19 22:00 - 2016-03-29 09:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-19 22:00 - 2016-03-29 09:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-19 22:00 - 2016-03-29 09:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-19 22:00 - 2016-03-29 09:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-19 22:00 - 2016-03-29 09:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-19 22:00 - 2016-03-29 09:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-19 22:00 - 2016-03-29 09:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-19 22:00 - 2016-03-29 09:49 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-04-19 22:00 - 2016-03-29 09:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-19 22:00 - 2016-03-29 09:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-19 22:00 - 2016-03-29 09:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-19 22:00 - 2016-03-29 09:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-19 22:00 - 2016-03-29 09:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-19 22:00 - 2016-03-29 09:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-19 22:00 - 2016-03-29 09:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-19 22:00 - 2016-03-29 09:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-19 22:00 - 2016-03-29 09:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-19 22:00 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-19 22:00 - 2016-03-29 09:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-19 22:00 - 2016-03-29 09:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-19 22:00 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-19 22:00 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-19 22:00 - 2016-03-29 09:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-19 22:00 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-19 22:00 - 2016-03-29 09:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-19 22:00 - 2016-03-29 09:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-19 22:00 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-19 22:00 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-19 22:00 - 2016-03-29 09:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-19 22:00 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-19 22:00 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-19 22:00 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-19 22:00 - 2016-03-29 09:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-19 22:00 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-19 22:00 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-19 22:00 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-19 22:00 - 2016-03-29 09:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-19 22:00 - 2016-03-29 09:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-19 22:00 - 2016-03-29 09:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-19 22:00 - 2016-03-29 08:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-19 22:00 - 2016-03-29 08:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-19 22:00 - 2016-03-29 08:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-19 22:00 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-19 22:00 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-19 22:00 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-19 22:00 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-19 22:00 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-19 22:00 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-19 22:00 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-19 22:00 - 2016-03-29 08:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-19 22:00 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-19 22:00 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-19 22:00 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-19 22:00 - 2016-03-29 08:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-19 22:00 - 2016-03-29 08:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-19 22:00 - 2016-03-29 07:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-19 22:00 - 2016-03-29 07:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-19 22:00 - 2016-03-29 07:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-19 22:00 - 2016-03-29 07:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-19 22:00 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-19 22:00 - 2016-03-29 07:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-19 20:10 - 2016-04-19 20:10 - 00000000 ____D C:\Users\Marcel Ruckober\AppData\Local\ActiveSync
2016-04-19 20:08 - 2016-04-19 20:08 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2016-04-19 20:08 - 2016-04-19 20:08 - 00000020 ___SH C:\Users\Marcel Ruckober\ntuser.ini
2016-04-19 19:42 - 2016-04-20 19:56 - 00000000 ___DC C:\WINDOWS\Panther
2016-04-19 19:39 - 2016-04-19 19:39 - 00000000 ____D C:\Windows.old
2016-04-19 19:38 - 2016-04-19 19:38 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-04-19 19:38 - 2016-04-19 19:38 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-04-19 19:38 - 2016-04-19 19:38 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-04-19 19:38 - 2016-04-19 19:38 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-04-19 19:38 - 2016-04-19 19:38 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-04-19 19:38 - 2016-04-19 19:38 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-04-19 19:38 - 2016-04-19 19:38 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-04-19 19:38 - 2016-04-19 19:38 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-04-19 19:38 - 2016-04-19 19:38 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-04-19 19:38 - 2016-04-19 19:38 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-04-19 19:38 - 2016-04-19 19:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-04-19 19:38 - 2016-04-19 19:38 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-04-19 19:38 - 2016-04-19 19:38 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-04-19 19:38 - 2016-04-19 19:38 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-04-19 19:38 - 2016-04-19 19:38 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-04-19 19:38 - 2016-04-19 19:38 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-04-19 19:38 - 2016-04-19 19:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-04-19 19:38 - 2016-04-19 19:38 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-04-19 19:38 - 2016-04-19 19:38 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-04-19 19:38 - 2016-04-19 19:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-04-19 19:38 - 2016-04-19 19:38 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-04-19 19:38 - 2016-04-19 19:38 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-04-19 19:38 - 2016-04-19 19:38 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-04-19 19:38 - 2016-04-19 19:38 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-04-19 19:38 - 2016-04-19 19:38 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2016-04-19 19:38 - 2016-04-19 19:38 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-04-19 19:38 - 2016-04-19 19:38 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-04-19 19:38 - 2016-04-19 19:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-04-19 19:38 - 2016-04-19 19:38 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-04-19 19:38 - 2016-04-19 19:38 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-04-19 19:37 - 2016-04-19 19:37 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-04-19 19:37 - 2016-04-19 19:37 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-04-19 19:37 - 2016-04-19 19:37 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-04-19 19:37 - 2016-04-19 19:37 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-04-19 19:37 - 2016-04-19 19:37 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-04-19 19:37 - 2016-04-19 19:37 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-04-19 19:37 - 2016-04-19 19:37 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2016-04-19 19:37 - 2016-04-19 19:37 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-04-19 19:37 - 2016-04-19 19:37 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-04-19 19:37 - 2016-04-19 19:37 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-04-19 19:37 - 2016-04-19 19:37 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-04-19 19:37 - 2016-04-19 19:37 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-04-19 19:37 - 2016-04-19 19:37 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-04-19 19:37 - 2016-04-19 19:37 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-04-19 19:37 - 2016-04-19 19:37 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-04-19 19:37 - 2016-04-19 19:37 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2016-04-19 19:37 - 2016-04-19 19:37 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-04-19 19:37 - 2016-04-19 19:37 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-04-19 19:37 - 2016-04-19 19:37 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-04-19 19:37 - 2016-04-19 19:37 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-04-19 19:37 - 2016-04-19 19:37 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-04-19 19:37 - 2016-04-19 19:37 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-04-19 19:37 - 2016-04-19 19:37 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-04-19 19:37 - 2016-04-19 19:37 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-04-19 19:37 - 2016-04-19 19:37 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-04-19 19:37 - 2016-04-19 19:37 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-04-19 19:37 - 2016-04-19 19:37 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-04-19 19:37 - 2016-04-19 19:37 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-04-19 19:37 - 2016-04-19 19:37 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2016-04-19 19:37 - 2016-04-19 19:37 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-04-19 19:37 - 2016-04-19 19:37 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-04-19 19:37 - 2016-04-19 19:37 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-04-19 19:37 - 2016-04-19 19:37 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-04-19 19:37 - 2016-04-19 19:37 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-04-19 19:37 - 2016-04-19 19:37 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-04-19 19:37 - 2016-04-19 19:37 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-04-19 19:37 - 2016-04-19 19:37 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2016-04-19 19:37 - 2016-04-19 19:37 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2016-04-19 19:37 - 2016-04-19 19:37 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-04-19 19:37 - 2016-04-19 19:37 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2016-04-19 19:37 - 2016-04-19 19:37 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-04-19 19:37 - 2016-04-19 19:37 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-04-19 19:37 - 2016-04-19 19:37 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2016-04-19 19:37 - 2016-04-19 19:37 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2016-04-19 19:33 - 2015-10-29 20:43 - 05739520 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2016-04-19 19:33 - 2015-10-29 20:43 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2016-04-19 19:33 - 2015-10-29 20:41 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2016-04-19 19:33 - 2015-10-29 20:25 - 06359040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2016-04-19 19:33 - 2015-10-29 20:24 - 04847616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2016-04-19 19:32 - 2016-04-19 19:32 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-04-19 19:23 - 2016-04-21 21:46 - 00000000 ____D C:\WINDOWS\system32\msmq
2016-04-19 19:23 - 2016-04-19 19:23 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-04-19 19:23 - 2016-04-19 19:23 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2016-04-19 19:23 - 2016-04-19 19:23 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2016-04-19 19:23 - 2016-04-19 19:23 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-04-19 19:23 - 2016-04-19 19:23 - 00000000 ____D C:\Program Files\MSBuild
2016-04-19 19:23 - 2016-04-19 19:23 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-04-19 19:23 - 2016-04-19 19:23 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-04-19 19:23 - 2016-04-19 19:23 - 00000000 ____D C:\inetpub
2016-04-19 19:23 - 2015-10-23 18:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-04-19 19:23 - 2015-10-23 18:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-04-19 19:23 - 2015-10-23 18:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-04-19 19:22 - 2016-04-19 19:22 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-04-19 19:22 - 2016-04-19 19:22 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-04-19 19:22 - 2016-04-19 19:22 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-04-19 19:22 - 2016-04-19 19:22 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-04-19 19:22 - 2016-04-19 19:22 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-04-19 19:22 - 2016-04-19 19:22 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-04-19 19:22 - 2016-04-19 19:22 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-04-19 19:22 - 2016-04-19 19:22 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-04-19 19:22 - 2016-04-19 19:22 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-04-19 19:22 - 2016-04-19 19:22 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-04-19 19:22 - 2016-04-19 19:22 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-04-19 19:22 - 2016-04-19 19:22 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-19 19:22 - 2016-04-19 19:22 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-04-19 19:22 - 2016-04-19 19:22 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-04-19 19:22 - 2016-04-19 19:22 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-04-19 19:22 - 2016-04-19 19:22 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-04-19 19:22 - 2016-04-19 19:22 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-04-19 19:22 - 2016-04-19 19:22 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-04-19 19:22 - 2016-04-19 19:22 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-19 19:22 - 2016-04-19 19:22 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-04-19 19:22 - 2016-04-19 19:22 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-04-19 19:22 - 2015-10-23 18:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-04-19 19:22 - 2015-10-23 18:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-04-19 19:22 - 2015-10-23 18:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-04-19 19:18 - 2016-05-16 14:29 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Security with Backup
2016-04-19 19:15 - 2016-05-16 14:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-19 19:15 - 2016-04-19 19:15 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2016-04-19 19:07 - 2016-04-19 19:07 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-19 19:07 - 2016-04-19 19:07 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2016-04-19 19:07 - 2016-04-19 19:07 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2016-04-19 19:01 - 2016-04-19 19:01 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2016-04-19 19:00 - 2016-04-30 17:54 - 00000000 ____D C:\Users\Marcel Ruckober\unwesentlich
2016-04-19 19:00 - 2016-04-19 19:00 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-04-19 18:59 - 2016-05-14 12:01 - 00000000 ____D C:\Users\Marcel Ruckober
2016-04-19 18:59 - 2016-04-19 18:59 - 00000000 _SHDL C:\Users\Marcel Ruckober\Vorlagen
2016-04-19 18:59 - 2016-04-19 18:59 - 00000000 _SHDL C:\Users\Marcel Ruckober\Startmenü
2016-04-19 18:59 - 2016-04-19 18:59 - 00000000 _SHDL C:\Users\Marcel Ruckober\Netzwerkumgebung
2016-04-19 18:59 - 2016-04-19 18:59 - 00000000 _SHDL C:\Users\Marcel Ruckober\Lokale Einstellungen
2016-04-19 18:59 - 2016-04-19 18:59 - 00000000 _SHDL C:\Users\Marcel Ruckober\Eigene Dateien
2016-04-19 18:59 - 2016-04-19 18:59 - 00000000 _SHDL C:\Users\Marcel Ruckober\Druckumgebung
2016-04-19 18:59 - 2016-04-19 18:59 - 00000000 _SHDL C:\Users\Marcel Ruckober\Documents\Eigene Videos
2016-04-19 18:59 - 2016-04-19 18:59 - 00000000 _SHDL C:\Users\Marcel Ruckober\Documents\Eigene Musik
2016-04-19 18:59 - 2016-04-19 18:59 - 00000000 _SHDL C:\Users\Marcel Ruckober\Documents\Eigene Bilder
2016-04-19 18:59 - 2016-04-19 18:59 - 00000000 _SHDL C:\Users\Marcel Ruckober\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-19 18:59 - 2016-04-19 18:59 - 00000000 _SHDL C:\Users\Marcel Ruckober\AppData\Local\Verlauf
2016-04-19 18:59 - 2016-04-19 18:59 - 00000000 _SHDL C:\Users\Marcel Ruckober\AppData\Local\Anwendungsdaten
2016-04-19 18:59 - 2016-04-19 18:59 - 00000000 _SHDL C:\Users\Marcel Ruckober\Anwendungsdaten
2016-04-19 18:56 - 2016-05-16 14:29 - 02114982 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-19 18:56 - 2016-04-19 18:56 - 01989310 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-04-19 18:52 - 2016-04-19 18:52 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-04-19 18:52 - 2016-04-19 18:52 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-04-19 18:52 - 2016-04-19 18:52 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2016-04-19 18:52 - 2016-04-19 18:52 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-19 18:52 - 2016-04-19 18:52 - 00000000 ____D C:\Program Files\Realtek
2016-04-19 18:52 - 2015-08-07 19:18 - 06875440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-04-19 18:52 - 2015-08-07 19:18 - 03495544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-04-19 18:52 - 2015-08-07 19:18 - 02558768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-04-19 18:52 - 2015-08-07 19:18 - 01059960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-04-19 18:52 - 2015-08-07 19:18 - 00937592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-04-19 18:52 - 2015-08-07 19:18 - 00385144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-04-19 18:52 - 2015-08-07 19:18 - 00074872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-04-19 18:52 - 2015-08-07 19:18 - 00062584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-04-19 18:52 - 2015-08-03 15:06 - 05133709 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-04-19 18:51 - 2016-04-19 19:01 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-04-19 18:51 - 2016-04-19 19:01 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-04-19 18:51 - 2016-04-19 18:51 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-04-19 18:51 - 2016-01-03 00:18 - 00072696 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-04-19 18:51 - 2016-01-03 00:18 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2016-04-19 18:50 - 2016-04-23 22:09 - 00000000 ____D C:\Program Files\Intel
2016-04-19 18:50 - 2016-04-19 18:50 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2016-04-19 18:50 - 2016-04-19 18:50 - 00000000 ____D C:\Program Files\Synaptics
2016-04-19 18:45 - 2015-10-30 09:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-04-19 18:44 - 2016-04-24 17:46 - 00232624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-18 22:27 - 2016-04-18 22:27 - 00178544 _____ (Emsisoft Ltd) C:\WINDOWS\system32\eamclean.exe
2016-04-18 22:27 - 2016-04-18 22:27 - 00000114 _____ C:\WINDOWS\system32\eamclean.dat
2016-04-18 22:14 - 2016-05-16 17:39 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-04-18 22:14 - 2016-05-06 21:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2016-04-18 22:14 - 2016-05-06 21:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2016-04-18 22:02 - 2016-04-18 22:43 - 00000000 ____D C:\EEK

Ruggi · 18.05.2016, 20:02

Teil 3

Code:

ATTFilter

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-18 20:16 - 2013-01-13 22:45 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-05-18 19:55 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-18 19:55 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-18 19:51 - 2016-04-11 09:35 - 00004188 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7173B62E-BFFB-4E84-BCDC-870F90852538}
2016-05-18 19:49 - 2016-01-02 22:28 - 00000000 __SHD C:\Users\Marcel Ruckober\IntelGraphicsProfiles
2016-05-18 19:49 - 2012-03-12 14:36 - 00000828 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2016-05-16 23:34 - 2012-03-12 14:58 - 00000328 _____ C:\WINDOWS\Tasks\Xerox PhotoCafe Communicator.job
2016-05-16 23:30 - 2015-02-28 17:30 - 00000911 _____ C:\WINDOWS\Tasks\EPSON XP-322 323 325 Series Update {C69226D6-BAF3-498A-A0CB-E4B5F2A5D953}.job
2016-05-16 15:52 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-05-16 15:36 - 2013-01-27 23:51 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-16 15:28 - 2015-01-09 19:19 - 00000000 ____D C:\ProgramData\Epson
2016-05-16 15:28 - 2013-04-02 21:52 - 00000000 ____D C:\Users\Marcel Ruckober\AppData\Roaming\vlc
2016-05-16 15:15 - 2015-02-28 17:31 - 00000000 ____D C:\Program Files (x86)\EPSON Software
2016-05-16 15:15 - 2015-01-09 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2016-05-16 15:14 - 2013-01-09 18:12 - 00000000 ____D C:\ProgramData\Sony Corporation
2016-05-16 15:14 - 2012-03-12 14:39 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-05-16 15:11 - 2015-01-09 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2016-05-16 15:11 - 2015-01-09 19:22 - 00000000 ____D C:\Program Files (x86)\epson
2016-05-16 14:41 - 2016-04-10 22:57 - 00000000 ____D C:\Users\Marcel Ruckober\Documents\Briefvorlagen
2016-05-16 14:40 - 2013-01-09 23:26 - 00000000 ____D C:\Users\Marcel Ruckober\AppData\Local\CrashDumps
2016-05-16 14:29 - 2015-10-30 20:35 - 00899798 _____ C:\WINDOWS\system32\perfh007.dat
2016-05-16 14:29 - 2015-10-30 20:35 - 00201990 _____ C:\WINDOWS\system32\perfc007.dat
2016-05-16 14:22 - 2015-10-30 08:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-05-16 13:24 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-05-15 10:25 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-15 10:16 - 2013-02-14 23:07 - 00000000 ____D C:\ProgramData\McAfee
2016-05-13 18:38 - 2012-03-12 14:36 - 00000830 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2016-05-13 18:23 - 2016-04-11 22:47 - 00000000 ____D C:\Users\Marcel Ruckober\AppData\Local\NPE
2016-05-13 17:55 - 2016-01-02 22:29 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-13 17:28 - 2015-10-30 08:28 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM
2016-05-13 17:27 - 2016-04-11 09:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-12 19:48 - 2015-10-30 20:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-12 19:48 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-05-12 19:48 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-12 19:48 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-05-12 19:48 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-05-12 18:37 - 2013-07-25 20:31 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-11 18:17 - 2013-01-21 21:20 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-03 12:10 - 2014-11-05 22:42 - 00000000 ____D C:\Users\Marcel Ruckober\AppData\Local\Packages
2016-04-25 21:27 - 2016-01-02 22:33 - 00000000 ___RD C:\Users\Marcel Ruckober\OneDrive
2016-04-24 20:51 - 2016-04-11 22:51 - 00000083 _____ C:\WINDOWS\system32\Drivers\etc\hosts.bak
2016-04-24 17:55 - 2013-01-18 21:10 - 00000000 ____D C:\Users\Marcel Ruckober\AppData\Local\Adobe
2016-04-24 17:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-24 17:40 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-23 22:09 - 2012-03-12 14:37 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-04-23 22:08 - 2015-12-04 23:50 - 00000000 ____D C:\Program Files\Common Files\AV
2016-04-23 22:08 - 2013-06-29 21:29 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-23 22:01 - 2016-04-11 09:41 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-23 22:01 - 2016-04-11 09:41 - 00001222 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-04-23 21:56 - 2013-01-09 23:59 - 00000000 ____D C:\ProgramData\Adobe
2016-04-21 21:45 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Registration
2016-04-20 19:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\appcompat
2016-04-19 20:25 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-04-19 20:08 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-04-19 20:08 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-04-19 20:08 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-04-19 19:42 - 2015-10-30 09:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-04-19 19:39 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-04-19 19:39 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-04-19 19:39 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-04-19 19:39 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-04-19 19:39 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-04-19 19:39 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-04-19 19:39 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-04-19 19:39 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-04-19 19:23 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-04-19 19:23 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-04-19 19:23 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-04-19 19:23 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-04-19 19:23 - 2015-10-30 09:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2016-04-19 19:23 - 2015-10-30 09:19 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2016-04-19 19:23 - 2015-10-30 09:19 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2016-04-19 19:23 - 2015-10-30 09:19 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2016-04-19 19:23 - 2015-10-30 09:19 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2016-04-19 19:23 - 2015-10-30 09:19 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2016-04-19 19:23 - 2015-10-30 09:19 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2016-04-19 19:23 - 2015-10-30 09:19 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2016-04-19 19:23 - 2015-10-30 09:19 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2016-04-19 19:23 - 2015-10-30 09:19 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2016-04-19 19:23 - 2015-10-30 09:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2016-04-19 19:23 - 2015-10-30 09:19 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2016-04-19 19:23 - 2015-10-30 09:19 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2016-04-19 19:23 - 2015-10-30 09:19 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2016-04-19 19:23 - 2015-10-30 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2016-04-19 19:23 - 2015-10-30 09:19 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2016-04-19 19:23 - 2015-10-30 09:18 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2016-04-19 19:23 - 2015-10-30 09:18 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2016-04-19 19:23 - 2015-10-30 09:18 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2016-04-19 19:23 - 2015-10-30 09:18 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2016-04-19 19:23 - 2015-10-30 09:18 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2016-04-19 19:23 - 2015-10-30 09:18 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2016-04-19 19:23 - 2015-10-30 09:18 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2016-04-19 19:23 - 2015-10-30 09:18 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2016-04-19 19:23 - 2015-10-30 09:18 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2016-04-19 19:23 - 2015-10-30 09:18 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2016-04-19 19:23 - 2015-10-30 09:18 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2016-04-19 19:23 - 2015-10-30 09:18 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2016-04-19 19:23 - 2015-10-30 09:18 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2016-04-19 19:23 - 2015-10-30 09:18 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2016-04-19 19:23 - 2015-10-30 09:18 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2016-04-19 19:23 - 2015-10-30 09:18 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2016-04-19 19:23 - 2015-10-30 09:18 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2016-04-19 19:23 - 2015-10-30 09:18 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2016-04-19 19:23 - 2015-10-30 09:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2016-04-19 19:23 - 2015-10-30 09:18 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2016-04-19 19:23 - 2015-10-30 09:18 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2016-04-19 19:23 - 2015-10-30 09:17 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2016-04-19 19:23 - 2015-10-30 09:17 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2016-04-19 19:23 - 2015-10-30 09:17 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2016-04-19 19:23 - 2015-10-30 09:17 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2016-04-19 19:23 - 2015-10-30 09:17 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2016-04-19 19:23 - 2015-10-30 09:17 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2016-04-19 19:23 - 2015-10-30 09:17 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2016-04-19 19:23 - 2015-10-30 09:17 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2016-04-19 19:23 - 2015-10-30 09:17 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2016-04-19 19:23 - 2015-10-30 09:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2016-04-19 19:23 - 2015-10-30 09:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2016-04-19 19:23 - 2015-10-30 09:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2016-04-19 19:23 - 2015-10-30 09:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2016-04-19 19:23 - 2015-10-30 09:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2016-04-19 19:23 - 2015-10-30 09:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2016-04-19 19:23 - 2015-10-30 09:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2016-04-19 19:23 - 2015-10-30 09:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2016-04-19 19:23 - 2015-10-30 09:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2016-04-19 19:22 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-04-19 19:22 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows NT
2016-04-19 19:21 - 2016-01-02 21:17 - 00023784 _____ C:\WINDOWS\diagerr.xml
2016-04-19 19:21 - 2016-01-02 21:17 - 00022863 _____ C:\WINDOWS\diagwrn.xml
2016-04-19 19:19 - 2016-01-02 22:23 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-04-19 19:19 - 2015-10-30 09:24 - 00000000 __RSD C:\WINDOWS\Media
2016-04-19 19:19 - 2015-10-30 09:24 - 00000000 __RHD C:\Users\Public\Libraries
2016-04-19 19:03 - 2015-10-30 20:35 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-04-19 19:03 - 2012-03-12 15:43 - 00000000 ____D C:\WINDOWS\tr
2016-04-19 19:03 - 2012-03-12 15:43 - 00000000 ____D C:\WINDOWS\th
2016-04-19 19:02 - 2016-04-10 21:31 - 00000000 ____D C:\WINDOWS\system32\puol
2016-04-19 19:02 - 2016-04-10 21:31 - 00000000 ____D C:\WINDOWS\system32\fibh
2016-04-19 19:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-04-19 19:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-04-19 19:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-04-19 19:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\spool
2016-04-19 19:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-04-19 19:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\IME
2016-04-19 19:02 - 2012-03-12 15:19 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2016-04-19 19:01 - 2016-04-10 23:25 - 00000000 ____D C:\WINDOWS\system32\abu
2016-04-19 19:01 - 2016-02-20 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANNO 1602
2016-04-19 19:01 - 2015-10-30 20:36 - 00000000 ____D C:\WINDOWS\OCR
2016-04-19 19:01 - 2015-10-30 20:35 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-04-19 19:01 - 2015-10-30 09:24 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-04-19 19:01 - 2015-10-30 09:24 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-04-19 19:01 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-04-19 19:01 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-04-19 19:01 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\schemas
2016-04-19 19:01 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-04-19 19:01 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\IME
2016-04-19 19:01 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\USOPrivate
2016-04-19 19:01 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-04-19 19:01 - 2015-08-22 22:46 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 12
2016-04-19 19:01 - 2015-03-16 14:48 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security with Backup
2016-04-19 19:01 - 2014-12-13 23:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver
2016-04-19 19:01 - 2014-11-05 22:41 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 10
2016-04-19 19:01 - 2014-09-16 22:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-04-19 19:01 - 2014-07-15 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-19 19:01 - 2014-05-01 23:59 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2016-04-19 19:01 - 2014-02-20 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tivola
2016-04-19 19:01 - 2013-09-30 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TIPP10
2016-04-19 19:01 - 2013-05-05 18:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-04-19 19:01 - 2013-04-02 21:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-04-19 19:01 - 2013-03-14 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-04-19 19:01 - 2013-03-10 17:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge WinTV
2016-04-19 19:01 - 2013-01-27 23:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-04-19 19:01 - 2013-01-27 23:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fresh Minder 2
2016-04-19 19:01 - 2013-01-10 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch)
2016-04-19 19:01 - 2013-01-10 13:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2016-04-19 19:01 - 2013-01-09 23:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint
2016-04-19 19:01 - 2013-01-09 18:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-04-19 19:01 - 2012-03-13 06:08 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-04-19 19:01 - 2012-03-12 15:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2016-04-19 19:01 - 2012-03-12 15:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2016-04-19 19:01 - 2012-03-12 15:43 - 00000000 ____D C:\WINDOWS\sv
2016-04-19 19:01 - 2012-03-12 15:43 - 00000000 ____D C:\WINDOWS\sl
2016-04-19 19:01 - 2012-03-12 15:43 - 00000000 ____D C:\WINDOWS\sk
2016-04-19 19:01 - 2012-03-12 15:43 - 00000000 ____D C:\WINDOWS\ru
2016-04-19 19:01 - 2012-03-12 15:43 - 00000000 ____D C:\WINDOWS\ro
2016-04-19 19:01 - 2012-03-12 15:43 - 00000000 ____D C:\WINDOWS\pl
2016-04-19 19:01 - 2012-03-12 15:37 - 00000000 ____D C:\WINDOWS\en
2016-04-19 19:01 - 2012-03-12 15:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2016-04-19 19:01 - 2012-03-12 15:36 - 00000000 ____D C:\WINDOWS\no
2016-04-19 19:01 - 2012-03-12 15:36 - 00000000 ____D C:\WINDOWS\nl
2016-04-19 19:01 - 2012-03-12 15:36 - 00000000 ____D C:\WINDOWS\lv
2016-04-19 19:01 - 2012-03-12 15:36 - 00000000 ____D C:\WINDOWS\lt
2016-04-19 19:01 - 2012-03-12 15:36 - 00000000 ____D C:\WINDOWS\ko
2016-04-19 19:01 - 2012-03-12 15:36 - 00000000 ____D C:\WINDOWS\it
2016-04-19 19:01 - 2012-03-12 15:36 - 00000000 ____D C:\WINDOWS\hu
2016-04-19 19:01 - 2012-03-12 15:36 - 00000000 ____D C:\WINDOWS\hr
2016-04-19 19:01 - 2012-03-12 15:36 - 00000000 ____D C:\WINDOWS\he
2016-04-19 19:01 - 2012-03-12 15:36 - 00000000 ____D C:\WINDOWS\fr
2016-04-19 19:01 - 2012-03-12 15:36 - 00000000 ____D C:\WINDOWS\fi
2016-04-19 19:01 - 2012-03-12 15:36 - 00000000 ____D C:\WINDOWS\es
2016-04-19 19:01 - 2012-03-12 15:36 - 00000000 ____D C:\WINDOWS\el
2016-04-19 19:01 - 2012-03-12 15:36 - 00000000 ____D C:\WINDOWS\de
2016-04-19 19:01 - 2012-03-12 15:36 - 00000000 ____D C:\WINDOWS\da
2016-04-19 19:01 - 2012-03-12 15:36 - 00000000 ____D C:\WINDOWS\cs
2016-04-19 19:01 - 2012-03-12 15:36 - 00000000 ____D C:\WINDOWS\bg
2016-04-19 19:01 - 2012-03-12 15:35 - 00000000 ____D C:\WINDOWS\ar
2016-04-19 19:01 - 2012-03-12 14:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xerox
2016-04-19 19:01 - 2012-03-12 14:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup
2016-04-19 19:01 - 2012-03-12 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-04-19 19:01 - 2012-03-12 14:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-04-19 19:01 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Microsoft Games
2016-04-19 19:00 - 2015-03-16 14:43 - 00000000 ____D C:\Users\Marcel Ruckober\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2016-04-19 19:00 - 2014-11-29 17:13 - 00000000 ____D C:\Users\Marcel Ruckober\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-04-19 19:00 - 2014-02-20 23:25 - 00000000 ____D C:\Users\Marcel Ruckober\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tivola
2016-04-19 19:00 - 2013-01-27 19:55 - 00000000 ____D C:\Users\Marcel Ruckober\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Rockin' Dead
2016-04-19 19:00 - 2009-07-14 05:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-04-19 18:56 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-04-19 18:52 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Help
2016-04-19 18:44 - 2015-10-30 20:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-04-19 17:44 - 2015-10-30 21:27 - 00000000 ___HD C:\$WINDOWS.~BT
2016-04-18 22:27 - 2016-04-10 21:23 - 00000000 ____D C:\Users\Marcel Ruckober\AppData\Local\5CF850B8-1460323420-11E1-9BA1-5F9695D7DCB4
2016-04-18 20:06 - 2014-05-01 17:26 - 00000000 ____D C:\Program Files (x86)\PhoneCrypt
2016-04-18 20:00 - 2016-04-10 21:54 - 00000000 ____D C:\Users\Marcel Ruckober\AppData\Local\bvyvave

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-01-27 23:26 - 2013-01-27 23:26 - 0000103 _____ () C:\Users\Marcel Ruckober\AppData\Local\fusioncache.dat
2015-08-21 18:39 - 2015-08-21 18:39 - 0000862 _____ () C:\Users\Marcel Ruckober\AppData\Local\recently-used.xbel
2013-01-10 14:42 - 2013-01-10 14:44 - 0027606 _____ () C:\Users\Marcel Ruckober\AppData\Local\WiDiSetupLog.20130110.134251.txt
2016-04-19 18:52 - 2016-04-19 18:52 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-01-08 21:43 - 2013-01-08 21:43 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2012-03-12 15:50 - 2012-03-12 15:50 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-03-12 15:47 - 2012-03-12 15:48 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-03-12 15:46 - 2012-03-12 15:47 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2012-03-12 15:48 - 2012-03-12 15:49 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2012-03-12 15:49 - 2012-03-12 15:50 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log

Einige Dateien in TEMP:
====================
C:\Users\Marcel Ruckober\AppData\Local\Temp\_is3DAE.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-08 20:59

==================== Ende von FRST.txt ============================

Scan:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-05-2016
durchgeführt von Marcel Ruckober (2016-05-18 20:19:20)
Gestartet von C:\Users\Marcel Ruckober\Downloads
Windows 10 Home Version 1511 (X64) (2016-04-19 17:22:49)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-189922631-1767686969-1414721043-500 - Administrator - Disabled)
ASPNET (S-1-5-21-189922631-1767686969-1414721043-1006 - Limited - Enabled)
DefaultAccount (S-1-5-21-189922631-1767686969-1414721043-503 - Limited - Disabled)
Gast (S-1-5-21-189922631-1767686969-1414721043-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-189922631-1767686969-1414721043-1003 - Limited - Enabled)
Marcel Ruckober (S-1-5-21-189922631-1767686969-1414721043-1001 - Administrator - Enabled) => C:\Users\Marcel Ruckober

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Norton Security mit Backup (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security mit Backup (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security mit Backup (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1784.41616 - ABBYY Software House)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20039 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
ANNO 1602 (HKLM-x32\...\{84F7CAD9-2316-4701-B5CA-E90FD60029E9}) (Version:  - )
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4813b - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4207 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5509.52 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5522.55 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4417 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deadlight (HKLM-x32\...\Steam App 211400) (Version:  - )
Easy File Share (HKLM-x32\...\{12F81925-F3C1-40DB-91F7-777817974319}) (Version: 1.3.1 - Samsung Electronics CO., LTD.)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Easy Support Center (HKLM\...\{0738F5F1-8E70-49A6-8692-F5722E1E5A4D}) (Version: 1.2.32 - Samsung Electronics CO., LTD.)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.50.0.0 - SEIKO EPSON CORPORATION)
FaxRedist (HKLM-x32\...\{2C8CC208-965C-48A1-90A8-DFB484358F1C}) (Version: 1.0.0 -  )
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Fresh Minder 2 (HKLM-x32\...\{8DBBABF7-15C7-4B1A-AE40-E95D3DB8EBCC}) (Version: 2.0.0 - Fresh Minder - Vertrieb)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Geheimakte 3 (HKLM-x32\...\{765BF404-2FEE-492B-9E7F-A55143796EF1}) (Version: 1.00 - Deep Silver)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Hauppauge WinTV 7 (HKLM-x32\...\Hauppauge WinTV 7) (Version: v7.0.29302 (CD 2.4d) - Hauppauge Computer Works)
HL-1110 series (HKLM-x32\...\{4F2442B7-A89E-42A4-8F0E-6937499855CA}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.0.157.1 - Intel Security)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4242 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{F0932859-AA60-459E-B843-0BDECA34E2C7}) (Version: 2.0.0.0086 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® PROSet/Wireless Software (HKLM-x32\...\{ae509f68-6982-4506-befc-f2218d72cd5e}) (Version: 15.8.0 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.650 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Exploit version 1.8.1.1196 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.1196 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.309.1 - McAfee, Inc.)
Media Go (HKLM-x32\...\{520CD4F0-9DAC-4C5C-8CA1-D0210CFF6062}) (Version: 1.4.269 - Sony)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
Multimedia POP (HKLM-x32\...\{A86C7338-BE18-4770-AA25-138513D89B0D}) (Version: 1.1 - )
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyEpson Portal (x32 Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
Norton Security mit Backup (HKLM-x32\...\NSBU) (Version: 22.6.0.142 - Symantec Corporation)
NVIDIA Grafiktreiber 353.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.84 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
PhoneCrypt Client Version PhoneCrypt  2.9.17.2128 (HKLM-x32\...\PhoneCrypt_is1) (Version: PhoneCrypt  2.9.17.2128 - SecurStar, Inc.)
PlayStation(R)Network Downloader (HKLM-x32\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.02.00076 - Sony Computer Entertainment Inc.)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 3.1.8.07881 - Sony Computer Entertainment Inc.)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Protect Disc License Helper 1.0.125 (IE) (HKU\S-1-5-21-189922631-1767686969-1414721043-1001\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
S Agent (Version: 1.1.55 - Samsung Electronics Co., Ltd.) Hidden
Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.)
Samsung AllShare (x32 Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung AnyWeb Print (HKLM-x32\...\{318DBE01-1E6B-4243-84B0-210391FE789A}) (Version: 2.0.67.1 - Samsung Electronics Co., Ltd.)
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.7.0.1 - Samsung Electronics CO., LTD.)
Samsung Settings (HKLM-x32\...\{3BB58176-B3A7-47FD-9F18-C3576431D193}) (Version: 2.2.0 - Samsung Electronics CO., LTD.)
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.03.01.00:36 - Samsung Electronics Co., Ltd.)
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.6.0 - Samsung Electronics Co., Ltd.)
Samsung Update (HKLM-x32\...\{0B601907-A730-40D3-9DFC-A8452D45491F}) (Version: 2.2.25 - Samsung Electronics Co., Ltd.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Software Launcher (HKLM-x32\...\{B750B5C2-CC17-4967-905B-29F4EB986131}) (Version: 1.0.2 - Samsung)
Software Updater (HKLM-x32\...\{E1BAD1BA-C0E8-4018-9281-E7D2C6B07474}) (Version: 4.3.6 - SEIKO EPSON CORPORATION)
Sony PC Companion 2.10.115 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.115 - Sony)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.40.0 - Synaptics Incorporated)
The Rockin' Dead (HKLM-x32\...\The Rockin' Dead) (Version:  - bitComposer Games GmbH)
TIPP10 Version 2.1.0 (HKLM-x32\...\TIPP10_is1) (Version:  - (c) 2006-2011, Tom Thielicke IT Solutions)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.1 - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows-Treiberpaket - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass  (08/23/2013 6.2.8400.4218) (HKLM\...\26BFE384C802803107F583AE1A739E4FEB56134B) (Version: 08/23/2013 6.2.8400.4218 - Samsung Electronics Co. Ltd.)
Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-189922631-1767686969-1414721043-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Marcel Ruckober\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-189922631-1767686969-1414721043-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02CFDED1-4428-41AE-9B04-1EA2806052EA} - System32\Tasks\kze3024 => C:\Program Files (x86)\QuickSearch\kze3024.exe <==== ACHTUNG
Task: {05D93C23-0339-4783-BAC1-437D147AD3C9} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {072AA169-5ACD-42C7-A791-DFC6B1AF4371} - System32\Tasks\bvyvave => C:\Users\Marcel Ruckober\AppData\Local\bvyvave\bvyvave.exe <==== ACHTUNG
Task: {0AA7DD8D-C143-4EB2-A91D-B2CA92480A32} - System32\Tasks\Norton Security with Backup\Norton Error Processor => C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\SymErr.exe [2016-02-10] (Symantec Corporation)
Task: {179ADBFC-E116-4C10-B76E-38BEF94C913C} - \PC Speed Maximizer Schedule -> Keine Datei <==== ACHTUNG
Task: {1A8BEC5A-ED2B-45F1-B109-41F3E9B8B826} - System32\Tasks\{105F6E78-7D1E-4F67-96E2-FDFAFC55ACD7} => C:\Windows\twain_32\escndv\escndv.exe
Task: {1AF8604F-C7FA-4FC1-8DBA-76423F7872F7} - System32\Tasks\EPSON XP-322 323 325 Series Update {C69226D6-BAF3-498A-A0CB-E4B5F2A5D953} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSNEE.EXE
Task: {1B911769-259D-4D0D-A77D-9E71AC42251D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {1DD3FFCF-7DDB-4542-B045-1B517DDF1C82} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2015-07-06] (SEC)
Task: {22F2EBEB-0A87-4A01-990C-BBAA81DE241B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {238B96E3-4B82-4B32-8443-9F95AD659799} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {246A5DC2-DECE-40E9-A5D5-2F5221A8BD74} - System32\Tasks\SettingsEventHandlerMonitor => C:\Program Files (x86)\Samsung\Settings\CmdServer\RSSettingEventHandler.exe [2015-06-24] (Samsung Electronics CO., LTD.)
Task: {2ACAD73D-22A1-4C63-A0A4-D2B2D4A4AC0A} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] ()
Task: {3130A9DB-956B-4BB6-96C4-64B56F4086FC} - System32\Tasks\Norton Security with Backup\Norton Autofix => C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\SymErr.exe [2016-02-10] (Symantec Corporation)
Task: {332BC97F-CFD6-41F1-98C5-B3FC161912E3} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {37092E36-A8AB-49BA-808A-A119F209868F} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {375230AC-2076-4485-A0D3-8265E0E33B9A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {4BC11492-1C6C-4FA9-A3EB-B577E5C7C803} - System32\Tasks\Calpukp => C:\PROGRA~1\Nulufomp\Foxsafz.bat <==== ACHTUNG
Task: {4D328541-C819-4278-BF50-8FFE5EF143C6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {4E9B123A-AD6B-4761-A560-6E321FFC6163} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {53B1C0B2-F6AD-4100-BFC0-0F7ADCBD39ED} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {56CEDDC4-43F2-4D8E-863A-0F4D16E824F4} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {58770DF5-2FF1-4476-8386-001589974321} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [2015-07-27] (CyberLink Corp.)
Task: {5A6B9439-0178-4339-9EFE-0F7604DFADDA} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {5CA1A10D-5CAB-4159-BD43-D8AE78CCF101} - System32\Tasks\LaunchSettings => C:\Program Files (x86)\Samsung\Settings\Settings.exe [2015-06-24] ()
Task: {6BD33652-27F8-4ABA-BFB7-961246B22B69} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6C5C30A8-F7D0-468D-87AD-4FA8D92C5DD0} - System32\Tasks\EasySupportCenter => C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe
Task: {6CE69357-A236-493C-B638-D3CFBF0B8DA2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {7058D631-AF91-46FD-8C52-58A3B3D18FFF} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {7479C151-9FAD-4AC8-A651-06B0AC54DEC2} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {74FC3B4D-CB8C-40F5-9B3E-0B9AB859133A} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {75370740-1078-4EBE-B331-CCF4DF9D7744} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {777BC7CD-52FD-4045-8866-5A527BCAC9B5} - System32\Tasks\WinTsks => C:\Program Files (x86)\WinTsks\WinTsks\WinTsks.exe <==== ACHTUNG
Task: {791CD5ED-B441-4817-992A-B72AA6E97D3A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {7CA5E8FA-58C6-40EC-B4EA-2A427B23E279} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {7CBBCDDE-148D-45BC-B22B-0C66633ADC0A} - System32\Tasks\Ypufko => C:\PROGRA~1\Behqec\Digolorf.bat <==== ACHTUNG
Task: {8B8F036D-500F-44A6-8999-A38E6C570134} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {90170080-4A42-4C38-89F3-3F4B3B8289EC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {9A17F065-9771-4632-9EA3-D2E0D12B1821} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {9C6CBEAD-8C12-4BC7-BA94-AC6F05170EF8} - System32\Tasks\{15088E54-DFAB-4EEB-B577-D1A91023FE95} => pcalua.exe -a C:\windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Savvy TV\dvbttv.exe"
Task: {9F2B3EA1-41F3-49BA-B959-8F7356AE42DA} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {A175A859-CBFE-47FA-914D-7F3EA5E9EA34} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {A37A37B2-BA2A-43C0-9225-C8855F17AA77} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-03] (Adobe Systems Incorporated)
Task: {A3ED3617-E2CD-44B4-BCF5-222E57F3C58C} - System32\Tasks\{61057125-BE50-4F81-8CFA-122F0CD8FAA2} => C:\Windows\twain_32\escndv\escndv.exe
Task: {A5B3B78B-6194-48E0-AFD5-B2BD4036B89B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {A72F9F4D-609B-48CB-BE1C-9BF073676366} - System32\Tasks\Inst_Rep => C:\Users\Marcel Ruckober\AppData\Local\Installer\Install_1919\QO1Z84K1D.exe <==== ACHTUNG
Task: {B7EE7BC6-2052-4A85-805B-4C4B6B4E8A2E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {B9372182-3368-4DEB-9588-3FF621BF9B64} - System32\Tasks\FastBrowsing2 => C:\Windows\Temp\FastBrowsing2.exe <==== ACHTUNG
Task: {B9BC9E63-94F9-43DC-B483-4FD7F489123D} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-08-17] (CyberLink)
Task: {BC36E4D2-7394-4384-92A0-260FCD041EFA} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {BF4ED1B7-E8EA-42A7-A3AD-59F1B434659C} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2015-12-09] (Samsung Electronics Co., Ltd.)
Task: {C8FC4AB1-1D14-42D8-88D6-24FC1DD1DD2E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {CC0FF2A1-4767-45CA-8955-5568496031B9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {CC3D9102-7427-4590-9DB0-2110570B2C80} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {CE3EEA6A-B631-4959-8390-4F83A2F76B6B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {DAFA2957-F27A-4ABB-BFD6-D43A2AC09616} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {DBB7882B-DEF9-4853-BA27-BFBF2A20B483} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\WSCStub.exe [2016-02-26] (Symantec Corporation)
Task: {E1AAF74D-9B9E-495A-80BC-EF889EDD94FF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {E2933A1A-CC2E-471E-B56C-6D0F0667CF92} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-11] (Microsoft Corporation)
Task: {E9E275E1-0DC4-4E8D-8A3D-B6EDD2DA7EDD} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {ED86F757-395A-4F01-A083-D290133347B0} - System32\Tasks\{CD8C37B6-1DA2-4A9A-B2FA-833C841F2606} => pcalua.exe -a D:\setup.exe -d D:\
Task: {EF7343DE-4375-49A3-8492-31255CA3BBF7} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {F0D26271-0802-459B-99A3-B6C3F8655CAB} - System32\Tasks\{EC5838CF-3B72-4FCB-AEA3-73238E53A909} => pcalua.exe -a "C:\Users\Marcel Ruckober\Downloads\7kaa_full_2.13.0_setup.exe" -d "C:\Users\Marcel Ruckober\Downloads"
Task: {F1512E10-BDE2-4450-9B44-B8B205D60D4E} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {F7447D3D-330C-4124-A8E5-E729317870FB} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security mit Backup\Upgrade.exe [2016-02-26] (Symantec Corporation)
Task: {F8058B55-1D4E-4FC3-A925-8766B87C0CEF} - System32\Tasks\Norton Security with Backup\Norton Error Analyzer => C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\SymErr.exe [2016-02-10] (Symantec Corporation)
Task: {F8AB40FC-8C63-45C1-B7BA-BA60938A5202} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {F9685B2C-DFF7-4B6F-8F93-7B15DF9422CE} - System32\Tasks\SettingsHibernateMonitor => C:\Program Files (x86)\Samsung\Settings\SettingsHibernateMonitor.exe [2015-06-24] (Samsung Electronics CO., LTD.)
Task: {FED68B58-2AC6-4594-B955-C4B87170DDB1} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {FF614CB2-492A-4FD0-BADB-6523CA2F5B8F} - System32\Tasks\IBUpd2 => C:\Users\Marcel <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\EPSON XP-322 323 325 Series Update {C69226D6-BAF3-498A-A0CB-E4B5F2A5D953}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSNEE.EXE:/EXE:{C69226D6-BAF3-498A-A0CB-E4B5F2A5D953} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\WINDOWS\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Marcel Ruckober\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://trustedsurf.com/?ssid=1460315916&a=1024132&src=sh&uuid=fda8bf6d-6a0d-4c4d-a8c4-665ee8d01a2e"
ShortcutWithArgument: C:\Users\Marcel Ruckober\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://trustedsurf.com/?ssid=1460315916&a=1024132&src=sh&uuid=fda8bf6d-6a0d-4c4d-a8c4-665ee8d01a2e"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-01-02 22:21 - 2006-11-13 05:40 - 00146432 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\lxctdrpp.dll
2012-03-12 14:36 - 2012-02-08 04:03 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-19 18:52 - 2015-08-07 19:18 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-19 22:01 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-19 22:01 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-04-25 21:27 - 2016-04-25 21:27 - 00959176 _____ () C:\Users\Marcel Ruckober\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll
2016-04-19 19:38 - 2016-04-19 19:38 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 18:06 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-11 18:07 - 2016-04-23 06:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-11 18:06 - 2016-04-23 05:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-11 18:07 - 2016-04-23 05:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-11 18:07 - 2016-04-23 06:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-04-19 20:48 - 2016-04-19 20:48 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2012-03-12 14:36 - 2012-02-08 03:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2016-05-16 14:34 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-06-24 17:05 - 2015-06-24 17:05 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2009-11-02 07:20 - 2009-11-02 07:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 07:23 - 2009-11-02 07:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2016-01-04 15:06 - 2011-09-08 20:40 - 01645056 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
2016-04-19 20:48 - 2016-04-19 20:48 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 20:48 - 2016-04-19 20:48 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 [226]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-04-24 20:51 - 2016-04-24 20:51 - 00000054 ____N C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost
::1             localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-189922631-1767686969-1414721043-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 104.197.191.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bluetooth Device Monitor => 2
MSCONFIG\Services: Bluetooth Media Service => 3
MSCONFIG\Services: Bluetooth OBEX Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: CltMngSvc => 2
MSCONFIG\Services: GameConsoleService => 3
MSCONFIG\Services: globalUpdate => 2
MSCONFIG\Services: globalUpdatem => 3
MSCONFIG\Services: HauppaugeTVServer => 2
MSCONFIG\Services: lxct_device => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: Samsung UPD Service2 => 3
MSCONFIG\Services: SamsungAllShareV2.0 => 2
MSCONFIG\Services: SamsungDeviceConfigurationWinService => 2
MSCONFIG\Services: SimpleSlideShowServer => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Sony PC Companion => 3
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: SWUpdateService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AutoStart IR.lnk => C:\windows\pss\AutoStart IR.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinTV Recording Status.lnk => C:\windows\pss\WinTV Recording Status.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Marcel Ruckober^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AllShareAgent => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Quick Starter => C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
HKLM\...\StartupApproved\Run: => "LXCTCATS"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "Malwarebytes Anti-Exploit"
HKU\S-1-5-21-189922631-1767686969-1414721043-1001\...\StartupApproved\Run: => "OneDrive"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{3E3A50BF-897D-4CE4-B222-D03CA3264CBF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{97330C28-405B-48C9-8367-436FEBA20742}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{57FE0EDE-20DD-454B-82E7-26C04F296456}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{D92BAEBA-E1F3-451F-A017-1993251D059A}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
FirewallRules: [{C687FBC2-5CCC-4A0E-A641-34CD2256F548}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
FirewallRules: [{4087576E-F7B0-4664-8127-DE2504FE55B4}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{DA51BDD9-88D4-4E2E-B81F-06FAE507B55F}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{DC48FABE-D23E-4131-99DB-4EFFD8D0CC2D}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{3C0DA513-33E2-4538-BE13-E59579CA3303}] => (Allow) C:\Users\Marcel Ruckober\AppData\Local\BrowserAir\Application\BrowserAir.exe
FirewallRules: [{C5F8BB96-472D-4711-AE54-562F94F6D735}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{43409EB3-1413-4F6A-A9F0-DFA3BC6BDB13}] => (Allow) C:\Program Files (x86)\Max Driver Updater\maxdu.exe
FirewallRules: [{32E70450-74F9-424F-AB90-4D9B43D10547}] => (Allow) C:\Program Files (x86)\SrpnFiles\downloader.exe
FirewallRules: [{1C40F724-1547-4D61-97CA-552F4B2727A0}] => (Allow) C:\Program Files (x86)\SrpnFiles\downloader.exe
FirewallRules: [{EFABD9E3-17CA-4E87-BB3A-D2D034EE6D62}] => (Allow) C:\Program Files (x86)\SrpnFiles\SrpnFiles.exe
FirewallRules: [{4066D601-E701-4BDE-8BAA-D59329541AEF}] => (Allow) C:\Program Files (x86)\SrpnFiles\SrpnFiles.exe
FirewallRules: [{85840B35-D713-4C67-9B0A-8BE1235F656F}] => (Allow) C:\Windows\System32\SUPDSvc2.exe
FirewallRules: [{501B1B43-15D2-4B66-8FA3-7B886F346591}] => (Allow) C:\Windows\System32\SUPDSvc2.exe
FirewallRules: [{7E6836E1-8989-4DE6-93FE-B8950B83D389}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1BE9B972-DAE0-48CD-A9B6-9CEB98759624}] => (Allow) LPort=2869
FirewallRules: [{B13CA439-8EF8-4D53-8443-28A12EC11B63}] => (Allow) LPort=1900
FirewallRules: [{63A253C7-D068-4B36-B4A1-132D085EC016}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{61D3400D-D686-436D-95EE-F9EA2FE47995}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{7EC42911-FCF2-471B-8D1F-310FE1787C83}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{14F738A6-B1E8-4EDE-99D1-E6E307E7596F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{42A4DFD3-28E6-42E4-9030-78E0B81FFAC8}] => (Allow) C:\Windows\SysWOW64\lxctcoms.exe
FirewallRules: [{69DE5FFB-5951-43F1-AD5A-40929E875FF0}] => (Allow) C:\Windows\SysWOW64\lxctcoms.exe
FirewallRules: [{A1C20B44-BE3D-4C37-88E9-BAFC9264F4FF}] => (Allow) C:\Windows\System32\lxctcoms.exe
FirewallRules: [{C624898D-329A-4ADD-8CA0-A8F51BF91684}] => (Allow) C:\Windows\System32\lxctcoms.exe
FirewallRules: [{C6AD9B4D-7A56-4550-95CD-62DF0D31D30E}] => (Allow) C:\Windows\System32\lxctcoms.exe
FirewallRules: [{965D4D8E-CD29-4E49-BA40-904DCA4D4172}] => (Allow) C:\Windows\System32\lxctcoms.exe
FirewallRules: [{F80A10D6-A08A-4C95-9307-EA1B3AE85D61}] => (Allow) C:\Program Files (x86)\Lexmark 5400 Series\lxctmon.exe
FirewallRules: [{C7112327-A3F9-49CF-8369-D624A8EF0597}] => (Allow) C:\Program Files (x86)\Lexmark 5400 Series\lxctmon.exe
FirewallRules: [{63238E8E-A296-4F27-9FE8-69BBBEE8B1FF}] => (Allow) C:\Program Files (x86)\Lexmark 5400 Series\LXCTaiox.exe
FirewallRules: [{DC587CA0-E0CD-4786-A1E5-407359D712D8}] => (Allow) C:\Program Files (x86)\Lexmark 5400 Series\LXCTaiox.exe
FirewallRules: [{6B7FFFD6-011D-4469-B960-2B4CB9C259A0}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
FirewallRules: [{E56085E3-42DE-4801-8C12-15C5DA6BB7D6}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShare.exe
FirewallRules: [{0CACABAE-0E2A-4ABB-839A-CC393528692D}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
FirewallRules: [{758FCFBB-49B0-4F88-930F-99E4AF2DD0D0}] => (Allow) C:\Windows\System32\SUPDSvc2.exe
FirewallRules: [{5F65B320-0674-4307-AAC9-90D0FAEEF276}] => (Allow) C:\Windows\System32\SUPDSvc2.exe
FirewallRules: [{93869AE1-D806-4F22-B6AF-FEBECB1AE772}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe
FirewallRules: [{73B6EB83-4732-437D-BA8D-20713EA316EB}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe
FirewallRules: [{CC813E8F-A319-4848-978E-F7916B95BAF0}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{9FA39599-840B-4EB7-9ADF-CE3A2332911C}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{DC771AD2-E3C1-48CE-9CFC-F842AEFA4076}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{29A4C86B-1724-4811-9082-17A4B28D0F41}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2A74722F-68D0-418B-BA19-434333F20A94}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B0679410-AD00-40E4-BF35-3D53E8F29BCB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deadlight\Binaries\Win32\LOTDGame.exe
FirewallRules: [{DC992950-F370-4751-886E-84AFB918ECFA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deadlight\Binaries\Win32\LOTDGame.exe
FirewallRules: [{DF2ED592-D5E6-4572-B53C-D1BA958236E8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{BE0F143C-238F-41B6-A8B7-B8435288A0F8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{18D18801-574A-4FC0-9CCD-63D5A112C428}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\I am Alive\src\SYSTEM\IAmAlive_game.exe
FirewallRules: [{2AFBD8E6-E297-4038-A5F1-CB05C3612358}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\I am Alive\src\SYSTEM\IAmAlive_game.exe
FirewallRules: [{91FDAD9A-A75D-44D0-85A9-D2BAEC144E82}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C03C5111-1FA5-4645-A919-4934EB3B4AB3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1C927BD8-7587-4000-8E20-8AE8CF02B59D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E27813A0-9078-4A01-86FA-6B005AE8F3F2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{16D27818-428F-42DE-B9A0-988080C0E2B9}] => (Allow) C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{7D6CD9E6-E93D-42FB-8031-B003CDCB520F}] => (Allow) C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{E5C8E5E2-DDC2-4798-8836-3DB80FEF3BA2}] => (Allow) C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{9BC329C6-4A28-4674-BE6F-6931997A7722}] => (Allow) C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{58C24914-CB7C-458E-8FF3-01B3FC3FDCBA}] => (Allow) C:\Program Files (x86)\Samsung\Easy File Share\EasyFileShare.EXE
FirewallRules: [{F6CCB615-F57E-4F54-B6F7-3236C55CBCCB}] => (Allow) C:\Program Files (x86)\Samsung\Easy File Share\EasyFileShare.EXE
FirewallRules: [{FE4FE5EC-746D-4FD0-B24E-CD96A1B8B06B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{12396307-2D48-4F66-9E8C-A4402CA4451E}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{15E81DEF-D442-4615-B1AE-E43ED2348555}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{5FDA6A27-7D0E-4403-9332-D1F2B818B1DA}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{C49CAF00-82FB-4CD3-AF32-BDBFF9BF0651}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{A5E8616D-D25A-484D-ACB7-C9E0F496F74B}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{EE77C25E-21FC-49D2-9808-1B130E762572}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{A8E22F75-C7B9-47C2-8AF1-8E7E76DD2043}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{A18ACCE6-C138-4E26-8003-F6E2DF5DB393}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{FCF48798-622E-4644-8E1B-18B8D7A3C6B8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{11D0B109-E345-46EB-BAB5-2DF6055F320A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{F526A782-56FA-4B57-B066-31C3D1AB0B64}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{49CF409B-37F1-43DE-AFBA-8E01987CB602}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{998951D6-4256-4C18-BB47-B07A86D170AF}] => (Allow) C:\Users\Marcel Ruckober\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\EpsonNetSetup\Data\ENEasyApp.exe
FirewallRules: [{7FF46C24-5F41-4867-82E2-6052BAE21427}] => (Allow) C:\Users\Marcel Ruckober\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\EpsonNetSetup\Data\ENEasyApp.exe
FirewallRules: [TCP Query User{8E44AB57-5099-4649-8A85-5C2041B07DED}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{2997AE29-FAA9-4922-8C1C-812AA5FB6009}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{361CB675-1E63-4320-B2D4-B3C2C4596410}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{18233D0B-3398-4FAA-A121-ECFD3B899E5D}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{9239827F-49DD-4DB6-8B5D-CA3788BE61D1}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe

==================== Wiederherstellungspunkte =========================

03-05-2016 16:30:14 Installed Epson Event Manager
05-05-2016 14:40:49 Installed Epson Printer Connection Checker
11-05-2016 18:15:01 Windows Update
11-05-2016 18:16:03 Windows Update
15-05-2016 10:24:18 Windows Update
16-05-2016 14:33:09 Installiert Brother Software Suite

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/16/2016 05:54:51 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (05/16/2016 04:09:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MarcelRuckober)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/16/2016 02:40:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: taskhostw.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d756
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af2eb
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ee6fc
ID des fehlerhaften Prozesses: 0x18c8
Startzeit der fehlerhaften Anwendung: 0xtaskhostw.exe0
Pfad der fehlerhaften Anwendung: taskhostw.exe1
Pfad des fehlerhaften Moduls: taskhostw.exe2
Berichtskennung: taskhostw.exe3
Vollständiger Name des fehlerhaften Pakets: taskhostw.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: taskhostw.exe5

Error: (05/16/2016 02:33:42 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (05/16/2016 02:27:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: EEventManager.exe, Version: 3.2.0.0, Zeitstempel: 0x569efb0c
Name des fehlerhaften Moduls: lxcttwds.ds, Version: 0.0.0.0, Zeitstempel: 0x44d8ebfc
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000073a8
ID des fehlerhaften Prozesses: 0x1784
Startzeit der fehlerhaften Anwendung: 0xEEventManager.exe0
Pfad der fehlerhaften Anwendung: EEventManager.exe1
Pfad des fehlerhaften Moduls: EEventManager.exe2
Berichtskennung: EEventManager.exe3
Vollständiger Name des fehlerhaften Pakets: EEventManager.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: EEventManager.exe5

Error: (05/16/2016 12:15:53 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"1". Fehler in Manifest- oder Richtliniendatei "Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"2" in Zeile  Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0".
Definition: Sony.Mrs,processorArchitecture="x86",type="win32",version="2.2.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (05/16/2016 11:36:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: EEventManager.exe, Version: 3.2.0.0, Zeitstempel: 0x569efb0c
Name des fehlerhaften Moduls: lxcttwds.ds, Version: 0.0.0.0, Zeitstempel: 0x44d8ebfc
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000073a8
ID des fehlerhaften Prozesses: 0x26e0
Startzeit der fehlerhaften Anwendung: 0xEEventManager.exe0
Pfad der fehlerhaften Anwendung: EEventManager.exe1
Pfad des fehlerhaften Moduls: EEventManager.exe2
Berichtskennung: EEventManager.exe3
Vollständiger Name des fehlerhaften Pakets: EEventManager.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: EEventManager.exe5

Error: (05/15/2016 08:53:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: EEventManager.exe, Version: 3.2.0.0, Zeitstempel: 0x569efb0c
Name des fehlerhaften Moduls: lxcttwds.ds, Version: 0.0.0.0, Zeitstempel: 0x44d8ebfc
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000073a8
ID des fehlerhaften Prozesses: 0x1458
Startzeit der fehlerhaften Anwendung: 0xEEventManager.exe0
Pfad der fehlerhaften Anwendung: EEventManager.exe1
Pfad des fehlerhaften Moduls: EEventManager.exe2
Berichtskennung: EEventManager.exe3
Vollständiger Name des fehlerhaften Pakets: EEventManager.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: EEventManager.exe5

Error: (05/15/2016 08:51:52 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsort "E:\" nicht abgeschlossen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006).

Error: (05/15/2016 01:27:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: EEventManager.exe, Version: 3.2.0.0, Zeitstempel: 0x569efb0c
Name des fehlerhaften Moduls: lxcttwds.ds, Version: 0.0.0.0, Zeitstempel: 0x44d8ebfc
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000073a8
ID des fehlerhaften Prozesses: 0x1b5c
Startzeit der fehlerhaften Anwendung: 0xEEventManager.exe0
Pfad der fehlerhaften Anwendung: EEventManager.exe1
Pfad des fehlerhaften Moduls: EEventManager.exe2
Berichtskennung: EEventManager.exe3
Vollständiger Name des fehlerhaften Pakets: EEventManager.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: EEventManager.exe5


Systemfehler:
=============
Error: (05/18/2016 07:56:43 PM) (Source: DCOM) (EventID: 10016) (User: MarcelRuckober)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}MarcelRuckoberMarcel RuckoberS-1-5-21-189922631-1767686969-1414721043-1001LocalHost (unter Verwendung von LRPC)Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157

Error: (05/17/2016 10:10:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_68715e2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/17/2016 09:48:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/17/2016 09:48:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Presentation Foundation-Schriftartcache 3.0.0.0 erreicht.

Error: (05/17/2016 12:23:09 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_3546891" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/16/2016 09:48:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/16/2016 09:48:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Presentation Foundation-Schriftartcache 3.0.0.0 erreicht.

Error: (05/16/2016 09:47:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/16/2016 09:47:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Presentation Foundation-Schriftartcache 3.0.0.0 erreicht.

Error: (05/16/2016 06:13:18 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {7006698D-2974-4091-A424-85DD0B909E23}


CodeIntegrity:
===================================
  Date: 2016-05-16 14:17:47.958
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-16 11:38:54.814
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-13 17:29:59.238
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-12 18:36:44.881
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-26 21:23:42.932
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-24 17:48:40.687
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-23 22:30:40.726
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-23 21:36:38.710
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-19 19:22:22.192
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-19 19:19:27.918
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz
Prozentuale Nutzung des RAM: 33%
Installierter physikalischer RAM: 8089.38 MB
Verfügbarer physikalischer RAM: 5402.18 MB
Summe virtueller Speicher: 16281.38 MB
Verfügbarer virtueller Speicher: 13711.2 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:905.99 GB) (Free:612.86 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8D8AB3F7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=906 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=25 GB) - (Type=27)

==================== Ende von Addition.txt ============================

Ruggi · 18.05.2016, 20:08

Zu guter Letzt TDSS:

Code:

ATTFilter

20:31:24.0592 0x1d80  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
20:31:31.0388 0x1d80  ============================================================
20:31:31.0388 0x1d80  Current date / time: 2016/05/18 20:31:31.0388
20:31:31.0388 0x1d80  SystemInfo:
20:31:31.0388 0x1d80  
20:31:31.0388 0x1d80  OS Version: 10.0.10586 ServicePack: 0.0
20:31:31.0389 0x1d80  Product type: Workstation
20:31:31.0389 0x1d80  ComputerName: MARCELRUCKOBER
20:31:31.0389 0x1d80  UserName: Marcel Ruckober
20:31:31.0389 0x1d80  Windows directory: C:\WINDOWS
20:31:31.0389 0x1d80  System windows directory: C:\WINDOWS
20:31:31.0389 0x1d80  Running under WOW64
20:31:31.0390 0x1d80  Processor architecture: Intel x64
20:31:31.0390 0x1d80  Number of processors: 8
20:31:31.0390 0x1d80  Page size: 0x1000
20:31:31.0390 0x1d80  Boot type: Normal boot
20:31:31.0390 0x1d80  ============================================================
20:31:32.0241 0x1d80  KLMD registered as C:\WINDOWS\system32\drivers\92790710.sys
20:31:34.0500 0x1d80  System UUID: {DABA6823-AE20-E478-27B8-8111D1AA77E5}
20:31:39.0322 0x1d80  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:31:39.0324 0x1d80  ============================================================
20:31:39.0324 0x1d80  \Device\Harddisk0\DR0:
20:31:39.0324 0x1d80  MBR partitions:
20:31:39.0324 0x1d80  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:31:39.0324 0x1d80  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x713FC816
20:31:39.0324 0x1d80  ============================================================
20:31:39.0362 0x1d80  C: <-> \Device\Harddisk0\DR0\Partition2
20:31:39.0362 0x1d80  ============================================================
20:31:39.0362 0x1d80  Initialize success
20:31:39.0362 0x1d80  ============================================================
20:34:19.0700 0x1354  ============================================================
20:34:19.0701 0x1354  Scan started
20:34:19.0701 0x1354  Mode: Manual; SigCheck; TDLFS; 
20:34:19.0701 0x1354  ============================================================
20:34:19.0701 0x1354  KSN ping started
20:34:22.0362 0x1354  KSN ping finished: true
20:34:29.0099 0x1354  ================ Scan system memory ========================
20:34:29.0099 0x1354  System memory - ok
20:34:29.0100 0x1354  ================ Scan services =============================
20:34:29.0250 0x1354  1394ohci - ok
20:34:29.0253 0x1354  3ware - ok
20:34:29.0295 0x1354  [ A3769020F7E8A70FD3E824C050F33306, BAAB18DD28C753EC90E9552BD5FFC316AD8815505A7998BCE51D21448B373D86 ] acedrv11        C:\windows\system32\drivers\acedrv11.sys
20:34:29.0360 0x1354  acedrv11 - ok
20:34:29.0408 0x1354  ACPI - ok
20:34:29.0428 0x1354  acpiex - ok
20:34:29.0431 0x1354  acpipagr - ok
20:34:29.0457 0x1354  AcpiPmi - ok
20:34:29.0460 0x1354  acpitime - ok
20:34:29.0582 0x1354  [ 36114214BF8D7C464D1E92E4EB6B2DD3, 8E7CB266D4ABCDF332A3D4D341753811D51B72985E36F24A7E757DCA11A65A2A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:34:29.0591 0x1354  AdobeARMservice - ok
20:34:29.0715 0x1354  [ 28FFB14117CCEDD7D2F124596AA9B785, 8FC482C6444C904B5536979B3354597FD714634EC7372B464118C42AA9DCB58A ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:34:29.0726 0x1354  AdobeFlashPlayerUpdateSvc - ok
20:34:29.0731 0x1354  ADP80XX - ok
20:34:29.0757 0x1354  AFD - ok
20:34:29.0772 0x1354  agp440 - ok
20:34:29.0774 0x1354  ahcache - ok
20:34:29.0782 0x1354  AJRouter - ok
20:34:29.0799 0x1354  ALG - ok
20:34:29.0802 0x1354  AmdK8 - ok
20:34:29.0805 0x1354  AmdPPM - ok
20:34:29.0808 0x1354  amdsata - ok
20:34:29.0811 0x1354  amdsbs - ok
20:34:29.0813 0x1354  amdxata - ok
20:34:29.0868 0x1354  [ 9C385432C11AECC647E8D0BC7663AB48, 4DDD1DCA5FD515EA95AD12BAEE42082BE4111B9FA13FFC101F5E7BD83290AC0F ] AMPPAL          C:\WINDOWS\System32\drivers\AMPPAL.sys
20:34:29.0877 0x1354  AMPPAL - ok
20:34:29.0883 0x1354  [ 9C385432C11AECC647E8D0BC7663AB48, 4DDD1DCA5FD515EA95AD12BAEE42082BE4111B9FA13FFC101F5E7BD83290AC0F ] AMPPALP         C:\WINDOWS\system32\DRIVERS\amppal.sys
20:34:29.0920 0x1354  AMPPALP - ok
20:34:29.0981 0x1354  AppHostSvc - ok
20:34:29.0997 0x1354  AppID - ok
20:34:30.0015 0x1354  AppIDSvc - ok
20:34:30.0018 0x1354  Appinfo - ok
20:34:30.0020 0x1354  AppReadiness - ok
20:34:30.0050 0x1354  AppXSvc - ok
20:34:30.0071 0x1354  arcsas - ok
20:34:30.0190 0x1354  aspnet_state - ok
20:34:30.0193 0x1354  AsyncMac - ok
20:34:30.0195 0x1354  atapi - ok
20:34:30.0241 0x1354  [ FC0E8778C000291CAF60EB88C011E931, 09BCCA3DE01021AEF76DFB46F01D21BA6FF409E816FA7547E5C3DFBF3A615ED2 ] atksgt          C:\WINDOWS\system32\DRIVERS\atksgt.sys
20:34:30.0253 0x1354  atksgt - ok
20:34:30.0280 0x1354  AudioEndpointBuilder - ok
20:34:30.0288 0x1354  Audiosrv - ok
20:34:30.0301 0x1354  AxInstSV - ok
20:34:30.0315 0x1354  b06bdrv - ok
20:34:30.0327 0x1354  BasicDisplay - ok
20:34:30.0330 0x1354  BasicRender - ok
20:34:30.0334 0x1354  bcmfn - ok
20:34:30.0336 0x1354  bcmfn2 - ok
20:34:30.0360 0x1354  BDESVC - ok
20:34:30.0367 0x1354  Beep - ok
20:34:30.0380 0x1354  BFE - ok
20:34:30.0612 0x1354  [ 21F9843380D6151AE0E220B6CE73B9E4, 295142D36FEB1A993DACAA3302789877DDCB3EB527E4B0BA6A55AAC8975600D6 ] BHDrvx64        C:\Program Files (x86)\Norton Security with Backup\NortonData\22.1.0.9\Definitions\BASHDefs\20160502.001\BHDrvx64.sys
20:34:30.0648 0x1354  BHDrvx64 - ok
20:34:30.0669 0x1354  BITS - ok
20:34:30.0672 0x1354  bowser - ok
20:34:30.0679 0x1354  BrokerInfrastructure - ok
20:34:30.0691 0x1354  Browser - ok
20:34:30.0817 0x1354  [ 0E03E300CB28F30843F40069563CE2AD, 8D1E78A847B548F32E15573A39E403E6A65838C77628B9F9BFBDED527BAE9054 ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe
20:34:30.0847 0x1354  BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
20:34:34.0495 0x1354  Detect skipped due to KSN trusted
20:34:34.0496 0x1354  BrYNSvc - ok
20:34:34.0529 0x1354  BthAvrcpTg - ok
20:34:34.0572 0x1354  BthEnum - ok
20:34:34.0576 0x1354  BthHFEnum - ok
20:34:34.0578 0x1354  bthhfhid - ok
20:34:34.0597 0x1354  BthHFSrv - ok
20:34:34.0621 0x1354  BthLEEnum - ok
20:34:34.0624 0x1354  BTHMODEM - ok
20:34:34.0627 0x1354  BthPan - ok
20:34:34.0653 0x1354  BTHPORT - ok
20:34:34.0656 0x1354  bthserv - ok
20:34:34.0680 0x1354  BTHUSB - ok
20:34:34.0687 0x1354  buttonconverter - ok
20:34:34.0701 0x1354  CapImg - ok
20:34:34.0760 0x1354  [ 5A1C7DBDDB001BC6F1D1720E655445E2, 07A766C804D0709936FF18A2F67C49D6499BEF9CEEB1EF69F654A35268A11027 ] ccSet_NSBU      C:\WINDOWS\system32\drivers\NSBUx64\1606000.08E\ccSetx64.sys
20:34:34.0770 0x1354  ccSet_NSBU - ok
20:34:34.0786 0x1354  cdfs - ok
20:34:34.0790 0x1354  CDPSvc - ok
20:34:34.0792 0x1354  cdrom - ok
20:34:34.0794 0x1354  CertPropSvc - ok
20:34:34.0797 0x1354  circlass - ok
20:34:34.0799 0x1354  CLFS - ok
20:34:34.0820 0x1354  ClipSVC - ok
20:34:34.0931 0x1354  [ 0505BFD7D30036DCB39EAFC5ADF07437, 1FB8D9CCA42C1E0757FC744623A668BDA5EA8A1C74201A8BB1A3B056EB1D3DFC ] CLKMSVC10_38F51D56 C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
20:34:34.0941 0x1354  CLKMSVC10_38F51D56 - ok
20:34:35.0087 0x1354  [ 99852A765657AD45597FBA12CD09623F, 3559F1471BBF3E1643670FBA31215ADBB3BE56C7BDAD7DB9A23D36D8034EE088 ] CLKMSVC10_99E320F5 C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe
20:34:35.0100 0x1354  CLKMSVC10_99E320F5 - ok
20:34:35.0148 0x1354  [ E13A438F9E51DD034730678E33B73290, 3BB111DFDAEAB8DA6124600C7F6E080C2950A0BB420803FC12560343E1A9280A ] clwvd           C:\WINDOWS\system32\DRIVERS\clwvd.sys
20:34:35.0155 0x1354  clwvd - ok
20:34:35.0158 0x1354  CmBatt - ok
20:34:35.0174 0x1354  CNG - ok
20:34:35.0177 0x1354  cnghwassist - ok
20:34:35.0259 0x1354  CompositeBus - ok
20:34:35.0262 0x1354  COMSysApp - ok
20:34:35.0285 0x1354  condrv - ok
20:34:35.0307 0x1354  CoreMessagingRegistrar - ok
20:34:35.0393 0x1354  [ 04EDA9CCE0DAF2D1D2461DB137A77D92, C3F9AF6B21ADF9DF623D989E6F0EA46EEFB802E1D421453007E5658BA3902AC1 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
20:34:35.0429 0x1354  cphs - ok
20:34:35.0456 0x1354  CryptSvc - ok
20:34:35.0553 0x1354  [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
20:34:35.0576 0x1354  cvhsvc - ok
20:34:35.0580 0x1354  dam - ok
20:34:35.0608 0x1354  DcomLaunch - ok
20:34:35.0625 0x1354  DcpSvc - ok
20:34:35.0628 0x1354  defragsvc - ok
20:34:35.0631 0x1354  DeviceAssociationService - ok
20:34:35.0633 0x1354  DeviceInstall - ok
20:34:35.0636 0x1354  DevQueryBroker - ok
20:34:35.0652 0x1354  Dfsc - ok
20:34:35.0654 0x1354  Dhcp - ok
20:34:35.0711 0x1354  diagnosticshub.standardcollector.service - ok
20:34:35.0735 0x1354  DiagTrack - ok
20:34:35.0752 0x1354  disk - ok
20:34:35.0780 0x1354  DmEnrollmentSvc - ok
20:34:35.0783 0x1354  dmvsc - ok
20:34:35.0792 0x1354  dmwappushservice - ok
20:34:35.0806 0x1354  Dnscache - ok
20:34:35.0810 0x1354  dot3svc - ok
20:34:35.0813 0x1354  DPS - ok
20:34:35.0848 0x1354  drmkaud - ok
20:34:35.0851 0x1354  DsmSvc - ok
20:34:35.0859 0x1354  DsSvc - ok
20:34:35.0874 0x1354  DXGKrnl - ok
20:34:35.0902 0x1354  Eaphost - ok
20:34:35.0905 0x1354  ebdrv - ok
20:34:35.0970 0x1354  [ E5C10FCFA331D2BA13B211D0454FEA38, 9363545317C655EED282BA1FE7C71B26E2C3599F35E42E7496F413961303A24D ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
20:34:35.0984 0x1354  eeCtrl - ok
20:34:36.0000 0x1354  EFS - ok
20:34:36.0002 0x1354  EhStorClass - ok
20:34:36.0007 0x1354  EhStorTcgDrv - ok
20:34:36.0009 0x1354  embeddedmode - ok
20:34:36.0012 0x1354  EntAppSvc - ok
20:34:36.0044 0x1354  [ 2BD3F1059975CE90F8D968DADD790DFF, 9FD4FA7DB54B0E1E4A48863435F728220978A271D2A28BB3E9E112C1A59B1D4C ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
20:34:36.0052 0x1354  EraserUtilRebootDrv - ok
20:34:36.0056 0x1354  ErrDev - ok
20:34:36.0084 0x1354  [ 3B32CAA07D672F8A2E0DF5CB3A873F45, 09687E30FA5779C3593769D66CAEBED95C932746EDD6E83DABE3DCFD126AB5EC ] EsgScanner      C:\WINDOWS\system32\DRIVERS\EsgScanner.sys
20:34:36.0091 0x1354  EsgScanner - ok
20:34:36.0156 0x1354  [ 5DEB98736E142C943F27EDBD6A048BC7, D9514CC98E23969C577277756197C888A0D0B3D439340899B32D84D2675903A7 ] ESProtectionDriver C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys
20:34:36.0165 0x1354  ESProtectionDriver - ok
20:34:36.0194 0x1354  EventSystem - ok
20:34:36.0197 0x1354  exfat - ok
20:34:36.0215 0x1354  fastfat - ok
20:34:36.0239 0x1354  Fax - ok
20:34:36.0241 0x1354  fdc - ok
20:34:36.0244 0x1354  fdPHost - ok
20:34:36.0247 0x1354  FDResPub - ok
20:34:36.0250 0x1354  fhsvc - ok
20:34:36.0252 0x1354  FileCrypt - ok
20:34:36.0255 0x1354  FileInfo - ok
20:34:36.0258 0x1354  Filetrace - ok
20:34:36.0261 0x1354  flpydisk - ok
20:34:36.0284 0x1354  FltMgr - ok
20:34:36.0287 0x1354  FontCache - ok
20:34:36.0377 0x1354  FontCache3.0.0.0 - ok
20:34:36.0380 0x1354  FsDepends - ok
20:34:36.0383 0x1354  Fs_Rec - ok
20:34:36.0386 0x1354  fvevol - ok
20:34:36.0388 0x1354  gagp30kx - ok
20:34:36.0406 0x1354  gencounter - ok
20:34:36.0429 0x1354  genericusbfn - ok
20:34:36.0432 0x1354  GPIOClx0101 - ok
20:34:36.0446 0x1354  gpsvc - ok
20:34:36.0468 0x1354  GpuEnergyDrv - ok
20:34:36.0528 0x1354  [ 615CF0ACE0B3BD7931E6BB4653E27523, 7FAE3411FE5484CEDEA7998179106B246F03BDD76879B37AD089B25880CBE2F9 ] HauppaugeTVServer C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
20:34:36.0548 0x1354  HauppaugeTVServer - detected UnsignedFile.Multi.Generic ( 1 )
20:34:39.0381 0x1354  HauppaugeTVServer ( UnsignedFile.Multi.Generic ) - warning
20:34:42.0708 0x1354  HDAudBus - ok
20:34:42.0711 0x1354  HidBatt - ok
20:34:42.0725 0x1354  HidBth - ok
20:34:42.0728 0x1354  hidi2c - ok
20:34:42.0730 0x1354  hidinterrupt - ok
20:34:42.0733 0x1354  HidIr - ok
20:34:42.0747 0x1354  hidserv - ok
20:34:42.0781 0x1354  HidUsb - ok
20:34:42.0805 0x1354  HomeGroupListener - ok
20:34:42.0828 0x1354  HomeGroupProvider - ok
20:34:42.0831 0x1354  HpSAMD - ok
20:34:42.0841 0x1354  HTTP - ok
20:34:42.0844 0x1354  hwpolicy - ok
20:34:42.0847 0x1354  hyperkbd - ok
20:34:42.0848 0x1354  i8042prt - ok
20:34:42.0852 0x1354  iai2c - ok
20:34:42.0874 0x1354  iaLPSS2i_I2C - ok
20:34:42.0877 0x1354  iaLPSSi_GPIO - ok
20:34:42.0881 0x1354  iaLPSSi_I2C - ok
20:34:42.0922 0x1354  [ C224331A54571C8C9162F7714400BBBD, C2CA4881ACD46071E67435BE5E3DB133D0743B026FD20D6D6E26B2FE7A03FCAA ] iaStor          C:\WINDOWS\system32\drivers\iaStor.sys
20:34:42.0939 0x1354  iaStor - ok
20:34:42.0959 0x1354  iaStorAV - ok
20:34:42.0962 0x1354  iaStorV - ok
20:34:42.0965 0x1354  ibbus - ok
20:34:43.0003 0x1354  [ 62F0CB0A54EAF37E15EC385300957BB8, 55FCF7068D84D5AEEAF3149A5349BF13F1D18E34956217916ED7C1950885E63C ] ibtfltcoex      C:\WINDOWS\system32\DRIVERS\ibtfltcoex.sys
20:34:43.0013 0x1354  ibtfltcoex - ok
20:34:43.0039 0x1354  icssvc - ok
20:34:43.0243 0x1354  [ 743E15B12449F1C5CCC6EE8A17465CAF, 1402280D5E5A3269F6ADF9F6AEDEEE7DE3D67F32EFBFA3671DACE0DE890065EA ] IDSVia64        C:\Program Files (x86)\Norton Security with Backup\NortonData\22.1.0.9\Definitions\IPSDefs\20160517.001\IDSvia64.sys
20:34:43.0265 0x1354  IDSVia64 - ok
20:34:43.0268 0x1354  IEEtwCollectorService - ok
20:34:43.0384 0x1354  [ 0AB45BA6F556AC59C6B9A4CD8F7B6299, 8500385E2E5F5CF5E9FC24007A0D224F018EFE8295802D07C6F7DD2A424D25CE ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
20:34:43.0467 0x1354  igfx - ok
20:34:43.0526 0x1354  [ 2B0FA85AAFCC1B972EDD5C582094C777, 4EFA0C13BFF8B218E98ED2CECE2CF8685CFD5F8145AA6F1F7ABC197E5D5258B9 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
20:34:43.0543 0x1354  igfxCUIService1.0.0.0 - ok
20:34:43.0546 0x1354  IKEEXT - ok
20:34:43.0593 0x1354  InstallerService - ok
20:34:43.0638 0x1354  [ 7BFAE7031DFCD04017680D23ADBCA2F0, D2B76BA288E7B594E346709E8A4A4C8FDD5990A87F456ED24F5BDE90424F6BD8 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
20:34:43.0649 0x1354  intaud_WaveExtensible - ok
20:34:43.0791 0x1354  [ 8DEDB08D32562867A3E83F0184F39ED4, 48D5A490C436386BA9BD0F9173E96346118C5E584099F2F31B0E931FF96BB4B9 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
20:34:43.0875 0x1354  IntcAzAudAddService - ok
20:34:43.0919 0x1354  [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
20:34:44.0014 0x1354  IntcDAud - ok
20:34:44.0085 0x1354  [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
20:34:44.0101 0x1354  Intel(R) Capability Licensing Service Interface - ok
20:34:44.0207 0x1354  [ 9571D8BDB56EBC52280E8020574508E6, 0BF66B718E8261D3964CE0B24785F265DD31D4002CDA6F8AE24DDB4D66BF9DD0 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
20:34:44.0215 0x1354  Intel(R) ME Service - ok
20:34:44.0363 0x1354  [ E155915445C9EFE0724A6C0DEF3DBD32, D7DE0ABDBADE647A3C6000AB44C942A7A027416590608E13508F54D314E5F344 ] IntelBCAsvc     C:\Program Files\Intel\BCA\pabeSvc64.exe
20:34:44.0422 0x1354  IntelBCAsvc - ok
20:34:44.0450 0x1354  intelide - ok
20:34:44.0452 0x1354  intelpep - ok
20:34:44.0454 0x1354  intelppm - ok
20:34:44.0457 0x1354  IoQos - ok
20:34:44.0479 0x1354  IpFilterDriver - ok
20:34:44.0489 0x1354  iphlpsvc - ok
20:34:44.0492 0x1354  IPMIDRV - ok
20:34:44.0494 0x1354  IPNAT - ok
20:34:44.0497 0x1354  IRENUM - ok
20:34:44.0500 0x1354  isapnp - ok
20:34:44.0502 0x1354  iScsiPrt - ok
20:34:44.0533 0x1354  [ F9E3612053E0947166037CB8EFEF7FB8, A73E9FC0BAFEC4F4AB114BC1C882CC6B4C0681554C2E7AD21AB0AAF372C87CE5 ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
20:34:44.0541 0x1354  iwdbus - ok
20:34:44.0574 0x1354  [ DBD76BC1D498FE368F2C8CB76C3E00A4, CDFB082B57807CE89509A16D1C8A5BAEEC026EDD7068F5E359AA50557D2525DC ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
20:34:44.0582 0x1354  jhi_service - ok
20:34:44.0585 0x1354  kbdclass - ok
20:34:44.0588 0x1354  kbdhid - ok
20:34:44.0591 0x1354  kdnic - ok
20:34:44.0594 0x1354  KeyIso - ok
20:34:44.0596 0x1354  KSecDD - ok
20:34:44.0614 0x1354  KSecPkg - ok
20:34:44.0616 0x1354  ksthunk - ok
20:34:44.0627 0x1354  KtmRm - ok
20:34:44.0650 0x1354  LanmanServer - ok
20:34:44.0653 0x1354  LanmanWorkstation - ok
20:34:44.0656 0x1354  lfsvc - ok
20:34:44.0659 0x1354  LicenseManager - ok
20:34:44.0681 0x1354  [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt          C:\WINDOWS\system32\DRIVERS\lirsgt.sys
20:34:44.0688 0x1354  lirsgt - ok
20:34:44.0691 0x1354  lltdio - ok
20:34:44.0693 0x1354  lltdsvc - ok
20:34:44.0703 0x1354  lmhosts - ok
20:34:44.0728 0x1354  [ 86E4CC39C953D11EF57CF54C4DC78238, 076973CA22E8BA94877241EC39D97612C32F3E744E026FA0E518C4DDE8277A55 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:34:44.0738 0x1354  LMS - ok
20:34:44.0743 0x1354  LSI_SAS - ok
20:34:44.0761 0x1354  LSI_SAS2i - ok
20:34:44.0763 0x1354  LSI_SAS3i - ok
20:34:44.0766 0x1354  LSI_SSS - ok
20:34:44.0768 0x1354  LSM - ok
20:34:44.0771 0x1354  luafv - ok
20:34:44.0774 0x1354  lxct_device - ok
20:34:44.0794 0x1354  MapsBroker - ok
20:34:44.0837 0x1354  [ 8DBF3E38A0AA715FFB0C86FFDCF052B4, 4BBF101976637EEE0CC9D3053687328020C1E9133F363B1B30C713CB7EF7ABAF ] MbaeSvc         C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
20:34:44.0856 0x1354  MbaeSvc - ok
20:34:44.0924 0x1354  [ 504B5C84672392496BBE68FF450F9215, 19665E6A8E04729D45E0EE6C5A2E798ED76102949BF8342877041BE2C871042B ] McComponentHostService C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe
20:34:44.0936 0x1354  McComponentHostService - ok
20:34:44.0948 0x1354  megasas - ok
20:34:44.0952 0x1354  megasr - ok
20:34:44.0971 0x1354  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
20:34:44.0978 0x1354  MEIx64 - ok
20:34:45.0015 0x1354  MessagingService - ok
20:34:45.0053 0x1354  mlx4_bus - ok
20:34:45.0078 0x1354  MMCSS - ok
20:34:45.0080 0x1354  Modem - ok
20:34:45.0083 0x1354  monitor - ok
20:34:45.0085 0x1354  mouclass - ok
20:34:45.0088 0x1354  mouhid - ok
20:34:45.0091 0x1354  mountmgr - ok
20:34:45.0156 0x1354  [ FC9A9C09B35A93F76A03D5E355FA862C, B7ED57B9D39D547BA2927FC5F02C2475BF131FDB8AD40FFDE72C966506756B56 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:34:45.0166 0x1354  MozillaMaintenance - ok
20:34:45.0169 0x1354  mpsdrv - ok
20:34:45.0192 0x1354  MpsSvc - ok
20:34:45.0218 0x1354  MQAC - ok
20:34:45.0225 0x1354  MRxDAV - ok
20:34:45.0232 0x1354  mrxsmb - ok
20:34:45.0235 0x1354  mrxsmb10 - ok
20:34:45.0238 0x1354  mrxsmb20 - ok
20:34:45.0240 0x1354  MsBridge - ok
20:34:45.0248 0x1354  MSDTC - ok
20:34:45.0254 0x1354  Msfs - ok
20:34:45.0292 0x1354  msgpiowin32 - ok
20:34:45.0294 0x1354  mshidkmdf - ok
20:34:45.0297 0x1354  mshidumdf - ok
20:34:45.0300 0x1354  msisadrv - ok
20:34:45.0322 0x1354  MSiSCSI - ok
20:34:45.0324 0x1354  msiserver - ok
20:34:45.0327 0x1354  MSKSSRV - ok
20:34:45.0330 0x1354  MsLldp - ok
20:34:45.0338 0x1354  MSMQ - ok
20:34:45.0341 0x1354  MSPCLOCK - ok
20:34:45.0345 0x1354  MSPQM - ok
20:34:45.0348 0x1354  MsRPC - ok
20:34:45.0352 0x1354  mssmbios - ok
20:34:45.0354 0x1354  MSTEE - ok
20:34:45.0371 0x1354  MTConfig - ok
20:34:45.0373 0x1354  Mup - ok
20:34:45.0376 0x1354  mvumis - ok
20:34:45.0444 0x1354  [ E605F35F03C881DC46902E0E2F5985B3, C97F0C733377E35B463EF7F6A5B879DA21AB512719899160C09278615FE39A21 ] MyEpson Portal Service C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe
20:34:45.0465 0x1354  MyEpson Portal Service - ok
20:34:45.0492 0x1354  NativeWifiP - ok
20:34:45.0595 0x1354  [ 2892939B5ED33D1D90B6DECBFE0DED19, 86E4BDD283351B6B700DF34D101C230ACABAF27866CDA19EAEBF215EA557B3A6 ] NAVENG          C:\Program Files (x86)\Norton Security with Backup\NortonData\22.1.0.9\Definitions\VirusDefs\20160518.003\ENG64.SYS
20:34:45.0605 0x1354  NAVENG - ok
20:34:45.0673 0x1354  [ 967CC229AB24D8576F8D4494E91400BC, 8EE751756668934DB2A63EFECDE0A355E28AC7C5820EC22FF750528FACF30E70 ] NAVEX15         C:\Program Files (x86)\Norton Security with Backup\NortonData\22.1.0.9\Definitions\VirusDefs\20160518.003\EX64.SYS
20:34:45.0716 0x1354  NAVEX15 - ok
20:34:45.0742 0x1354  NcaSvc - ok
20:34:45.0758 0x1354  NcbService - ok
20:34:45.0761 0x1354  NcdAutoSetup - ok
20:34:45.0764 0x1354  ndfltr - ok
20:34:45.0776 0x1354  NDIS - ok
20:34:45.0779 0x1354  NdisCap - ok
20:34:45.0782 0x1354  NdisImPlatform - ok
20:34:45.0803 0x1354  NdisTapi - ok
20:34:45.0806 0x1354  Ndisuio - ok
20:34:45.0809 0x1354  NdisVirtualBus - ok
20:34:45.0812 0x1354  NdisWan - ok
20:34:45.0814 0x1354  ndiswanlegacy - ok
20:34:45.0817 0x1354  ndproxy - ok
20:34:45.0832 0x1354  Ndu - ok
20:34:45.0835 0x1354  NetBIOS - ok
20:34:45.0838 0x1354  NetBT - ok
20:34:45.0841 0x1354  Netlogon - ok
20:34:45.0857 0x1354  Netman - ok
20:34:45.0890 0x1354  NetMsmqActivator - ok
20:34:45.0892 0x1354  NetPipeActivator - ok
20:34:45.0896 0x1354  netprofm - ok
20:34:45.0921 0x1354  NetSetupSvc - ok
20:34:45.0922 0x1354  NetTcpActivator - ok
20:34:45.0925 0x1354  NetTcpPortSharing - ok
20:34:45.0930 0x1354  NETwNe64 - ok
20:34:45.0932 0x1354  NgcCtnrSvc - ok
20:34:45.0935 0x1354  NgcSvc - ok
20:34:45.0938 0x1354  NlaSvc - ok
20:34:46.0060 0x1354  [ 5839A8027D6D324A7CD494051A96628C, 474F2D0BB463ABE68D7C4D2C630860AED4B722EC62C616C91EE00AA965378382 ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
20:34:46.0113 0x1354  NOBU - ok
20:34:46.0125 0x1354  Npfs - ok
20:34:46.0146 0x1354  npsvctrig - ok
20:34:46.0207 0x1354  [ 79C88E3F65A8248DE45D59E2AECE1DD0, 2E1CB7AD5E6C5CF9B26476985CF0285B3DFFD0FC719B2DB1ED8D83BA167AFF2A ] NSBU            C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\NSBU.exe
20:34:46.0220 0x1354  NSBU - ok
20:34:46.0234 0x1354  nsi - ok
20:34:46.0237 0x1354  nsiproxy - ok
20:34:46.0262 0x1354  NTFS - ok
20:34:46.0265 0x1354  Null - ok
20:34:46.0538 0x1354  [ CA845A43C0840A3654FD3E49FA753043, FEC24570D919E46927EA5ACFDA9DD3DEDBC6545A336FA9A27A375572D7884FBC ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
20:34:46.0732 0x1354  nvlddmkm - ok
20:34:46.0777 0x1354  [ 6402DEEA671AF70CFE44770A527085DA, 4B6DFA5884CD8336002E92B5923BD1AF0929454506E92760A848DAD07D105E5B ] nvpciflt        C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
20:34:46.0784 0x1354  nvpciflt - ok
20:34:46.0802 0x1354  nvraid - ok
20:34:46.0805 0x1354  nvstor - ok
20:34:46.0860 0x1354  [ 8194FC1EC2EE36F63CFDC62595444FB2, E91EE3CCD98624E867FAA65E6007AE1FF6718FFAA0C6C29871D934B315D5FDA8 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
20:34:46.0887 0x1354  nvsvc - ok
20:34:46.0897 0x1354  nv_agp - ok
20:34:46.0911 0x1354  OneSyncSvc - ok
20:34:47.0001 0x1354  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:34:47.0011 0x1354  ose - ok
20:34:47.0212 0x1354  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:34:47.0303 0x1354  osppsvc - ok
20:34:47.0333 0x1354  p2pimsvc - ok
20:34:47.0341 0x1354  p2psvc - ok
20:34:47.0374 0x1354  Parport - ok
20:34:47.0376 0x1354  partmgr - ok
20:34:47.0391 0x1354  PcaSvc - ok
20:34:47.0410 0x1354  pci - ok
20:34:47.0434 0x1354  pciide - ok
20:34:47.0437 0x1354  pcmcia - ok
20:34:47.0440 0x1354  pcw - ok
20:34:47.0464 0x1354  pdc - ok
20:34:47.0485 0x1354  PEAUTH - ok
20:34:47.0502 0x1354  percsas2i - ok
20:34:47.0505 0x1354  percsas3i - ok
20:34:47.0557 0x1354  PerfHost - ok
20:34:47.0570 0x1354  PhoneSvc - ok
20:34:47.0577 0x1354  PimIndexMaintenanceSvc - ok
20:34:47.0643 0x1354  pla - ok
20:34:47.0657 0x1354  PlugPlay - ok
20:34:47.0660 0x1354  PNRPAutoReg - ok
20:34:47.0662 0x1354  PNRPsvc - ok
20:34:47.0674 0x1354  PolicyAgent - ok
20:34:47.0678 0x1354  Power - ok
20:34:47.0690 0x1354  PptpMiniport - ok
20:34:47.0825 0x1354  [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
20:34:47.0981 0x1354  PrintNotify - ok
20:34:48.0012 0x1354  Processor - ok
20:34:48.0028 0x1354  ProfSvc - ok
20:34:48.0040 0x1354  Psched - ok
20:34:48.0053 0x1354  QWAVE - ok
20:34:48.0056 0x1354  QWAVEdrv - ok
20:34:48.0081 0x1354  [ 45F4CEF43389C69641B56DD9E0618422, D7003038EA3414B08211C1203B5A94072FA719BFC1B7A142FBDB5E7D12F728C4 ] RadioHIDMini    C:\WINDOWS\System32\drivers\RadioHIDMini.sys
20:34:48.0094 0x1354  RadioHIDMini - ok
20:34:48.0113 0x1354  RasAcd - ok
20:34:48.0132 0x1354  RasAgileVpn - ok
20:34:48.0147 0x1354  RasAuto - ok
20:34:48.0161 0x1354  Rasl2tp - ok
20:34:48.0177 0x1354  RasMan - ok
20:34:48.0180 0x1354  RasPppoe - ok
20:34:48.0182 0x1354  RasSstp - ok
20:34:48.0185 0x1354  rdbss - ok
20:34:48.0188 0x1354  rdpbus - ok
20:34:48.0191 0x1354  RDPDR - ok
20:34:48.0195 0x1354  RdpVideoMiniport - ok
20:34:48.0198 0x1354  rdyboost - ok
20:34:48.0200 0x1354  ReFSv1 - ok
20:34:48.0219 0x1354  RemoteAccess - ok
20:34:48.0221 0x1354  RemoteRegistry - ok
20:34:48.0243 0x1354  RetailDemo - ok
20:34:48.0276 0x1354  RFCOMM - ok
20:34:48.0380 0x1354  [ F12A68ED55053940CADD59CA5E3468DD, 75331E6DA4E30717085E7D8131989241EBC492DC3EE455546F91DA9DFFFD2BFC ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
20:34:48.0391 0x1354  RichVideo - detected UnsignedFile.Multi.Generic ( 1 )
20:34:51.0948 0x1354  Detect skipped due to KSN trusted
20:34:51.0948 0x1354  RichVideo - ok
20:34:51.0953 0x1354  RpcEptMapper - ok
20:34:51.0982 0x1354  RpcLocator - ok
20:34:51.0985 0x1354  RpcSs - ok
20:34:52.0001 0x1354  rspndr - ok
20:34:52.0061 0x1354  [ FA00B16D06217288AFD700223DA131BA, 90688C3A8403FEF2A90550781CBA932A522125B47D71F3F0AF73E21E43BC5564 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
20:34:52.0084 0x1354  rt640x64 - ok
20:34:52.0087 0x1354  s3cap - ok
20:34:52.0115 0x1354  [ 62DB6CC4B0818F1B5F3441241B098F12, 7A53B3FBA3F82EDE6FA688E531FBE7EC9E1AE329090C0AFE0DCD64F65BD90F21 ] SABI            C:\windows\system32\Drivers\SABI.sys
20:34:52.0125 0x1354  SABI - ok
20:34:52.0141 0x1354  SamSs - ok
20:34:52.0249 0x1354  [ 9D19E17449C8E8759D6872F662104321, CB9D2216D100A5B03EC36E4EAD66252EFF102024805DEE65DCE06CC61B34BD7E ] SamsungAllShareV2.0 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
20:34:52.0256 0x1354  SamsungAllShareV2.0 - ok
20:34:52.0272 0x1354  sbp2port - ok
20:34:52.0294 0x1354  SCardSvr - ok
20:34:52.0297 0x1354  ScDeviceEnum - ok
20:34:52.0311 0x1354  scfilter - ok
20:34:52.0326 0x1354  Schedule - ok
20:34:52.0337 0x1354  SCPolicySvc - ok
20:34:52.0348 0x1354  sdbus - ok
20:34:52.0351 0x1354  SDRSVC - ok
20:34:52.0362 0x1354  sdstor - ok
20:34:52.0373 0x1354  seclogon - ok
20:34:52.0376 0x1354  SENS - ok
20:34:52.0389 0x1354  SensorDataService - ok
20:34:52.0397 0x1354  SensorService - ok
20:34:52.0400 0x1354  SensrSvc - ok
20:34:52.0403 0x1354  SerCx - ok
20:34:52.0405 0x1354  SerCx2 - ok
20:34:52.0433 0x1354  Serenum - ok
20:34:52.0446 0x1354  Serial - ok
20:34:52.0448 0x1354  sermouse - ok
20:34:52.0455 0x1354  SessionEnv - ok
20:34:52.0553 0x1354  [ E62DACE1C081A463B90BF8B76FA19514, 68C73A579B872988A75FFB42662C5D40D4BC343B34DE8178AA1EC5E0AB696217 ] Settings Launcher C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe
20:34:52.0586 0x1354  Settings Launcher - ok
20:34:52.0593 0x1354  sfloppy - ok
20:34:52.0636 0x1354  [ 21AB491BBCC8C1B26FDC402A374AB196, DD973C9963C840200D153A15078152D499639730D065BB8122C6BE65D4372300 ] Sftfs           C:\WINDOWS\system32\DRIVERS\Sftfslh.sys
20:34:52.0657 0x1354  Sftfs - ok
20:34:52.0730 0x1354  [ 4E1BB8A9CCDB4BAF41F7F9A930EB121D, D994B20DACEB187BEB6530309E2185040B58105E4FD5AC1DA435712F9DE027D0 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
20:34:52.0747 0x1354  sftlist - ok
20:34:52.0787 0x1354  [ 3B8D43FEEFF7A187534DDDFD675FE123, 9308D5C552FE3AF1121A3F7B7595547C6B892FF500377953F3B623511D84698C ] Sftplay         C:\WINDOWS\system32\DRIVERS\Sftplaylh.sys
20:34:52.0800 0x1354  Sftplay - ok
20:34:52.0810 0x1354  [ F1D1B1DC7A8765A09D7640FBF8D20970, 72E59B04BC44DAFFB88987C16CF3F9DC35438B15879E102FD83013673E0DB66F ] Sftredir        C:\WINDOWS\system32\DRIVERS\Sftredirlh.sys
20:34:52.0819 0x1354  Sftredir - ok
20:34:52.0835 0x1354  [ B3B9ADE7F8C4AF0C20E712E040588543, 9A6BB11DA046BF6F0239952871263E148FAE91FB21065613645114B5FA054EC5 ] Sftvol          C:\WINDOWS\system32\DRIVERS\Sftvollh.sys
20:34:52.0842 0x1354  Sftvol - ok
20:34:52.0887 0x1354  [ CECFDE5D3701B2D914862F5E6C3DFE18, E7627F90630C306324A39DC3C652B37D255F90636AC19D3302EE5B85BD504BD5 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
20:34:52.0899 0x1354  sftvsa - ok
20:34:52.0941 0x1354  [ 2FE1CD3AA602414841DB10AD96C95A5E, 1A2489DF37C13B578E69AA0D3D5DB3627C77750C45D78BB2872E29DD10253326 ] SGDrv           C:\WINDOWS\System32\drivers\SGdrv64.sys
20:34:52.0950 0x1354  SGDrv - ok
20:34:52.0984 0x1354  SharedAccess - ok
20:34:53.0028 0x1354  ShellHWDetection - ok
20:34:53.0053 0x1354  [ 1980FE1F5A32067DAD1D8776B63C2669, 26B53EAF89CDBBA8FFA154DBB1F1DA348F894FE1F1D0CA4060E32496464DD5D2 ] SimpleSlideShowServer C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
20:34:53.0067 0x1354  SimpleSlideShowServer - ok
20:34:53.0070 0x1354  SiSRaid2 - ok
20:34:53.0072 0x1354  SiSRaid4 - ok
20:34:53.0125 0x1354  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
20:34:53.0138 0x1354  SkypeUpdate - ok
20:34:53.0148 0x1354  smphost - ok
20:34:53.0151 0x1354  SmsRouter - ok
20:34:53.0179 0x1354  SNMPTRAP - ok
20:34:53.0268 0x1354  [ 5177D14A78E60FD61DCFC6B388E7E971, 19BE5CCF035C5E6C42DB299FBF39AB93E8B25AF56E903735D80F52FE7FFE8389 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
20:34:53.0277 0x1354  Sony PC Companion - detected UnsignedFile.Multi.Generic ( 1 )
20:34:54.0192 0x14d0  Object required for P2P: [ 8DEDB08D32562867A3E83F0184F39ED4 ] IntcAzAudAddService
20:34:56.0155 0x1354  Detect skipped due to KSN trusted
20:34:56.0155 0x1354  Sony PC Companion - ok
20:34:56.0200 0x1354  spaceport - ok
20:34:56.0203 0x1354  SpbCx - ok
20:34:56.0223 0x1354  Spooler - ok
20:34:56.0226 0x1354  sppsvc - ok
20:34:56.0309 0x1354  [ D6786650A26543FFF83806057458B96E, 1002A5E6338255ACF9E7DD901378CB8BCE0FC6A7503C6D78EEBF8BAD619ECBC4 ] SRTSP           C:\WINDOWS\System32\Drivers\NSBUx64\1606000.08E\SRTSP64.SYS
20:34:56.0333 0x1354  SRTSP - ok
20:34:56.0359 0x1354  [ BA2ABBEA69BD1866C973DE11CB0CE9F8, 7A04BC2F4DA9A69A996911CC429064D24CF51F4046A2EE688D4326B44C9EDAFB ] SRTSPX          C:\WINDOWS\system32\drivers\NSBUx64\1606000.08E\SRTSPX64.SYS
20:34:56.0366 0x1354  SRTSPX - ok
20:34:56.0369 0x1354  srv - ok
20:34:56.0377 0x1354  srv2 - ok
20:34:56.0378 0x1354  srvnet - ok
20:34:56.0403 0x1354  SSDPSRV - ok
20:34:56.0420 0x1354  SstpSvc - ok
20:34:56.0433 0x1354  StateRepository - ok
20:34:56.0503 0x1354  [ A831D5A4D2F5138E332AC1B98315EBB1, 2FF5C256A83ACFB5CEC17B9FA7875048F770B793C37657D6D4E37C70B2F857A8 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
20:34:56.0540 0x1354  Steam Client Service - ok
20:34:56.0544 0x1354  stexstor - ok
20:34:56.0572 0x1354  stisvc - ok
20:34:56.0575 0x1354  storahci - ok
20:34:56.0578 0x1354  storflt - ok
20:34:56.0581 0x1354  stornvme - ok
20:34:56.0583 0x1354  storqosflt - ok
20:34:56.0607 0x1354  StorSvc - ok
20:34:56.0610 0x1354  storufs - ok
20:34:56.0612 0x1354  storvsc - ok
20:34:56.0615 0x1354  svsvc - ok
20:34:56.0618 0x1354  swenum - ok
20:34:56.0620 0x1354  swprv - ok
20:34:56.0707 0x1354  SWUpdateService - ok
20:34:56.0768 0x1354  [ 6F227CF9E64364578E2DABD1EF6E51A4, D5223B441A319D4C57FDBEA9BFBB8E5C95CA6F7B6AE6F4029BCE84A5CCE51B33 ] SymEFASI        C:\WINDOWS\system32\drivers\NSBUx64\1606000.08E\SYMEFASI64.SYS
20:34:56.0802 0x1354  SymEFASI - ok
20:34:56.0832 0x1354  [ 1DE0CBF15AC67AE0E5B456ADEFB89493, C764815313BB4332279730AA02531A448A1D32F5B6D5689FF04549406A5B5212 ] SymELAM         C:\WINDOWS\system32\drivers\NSBUx64\1606000.08E\SymELAM.sys
20:34:56.0843 0x1354  SymELAM - ok
20:34:56.0880 0x1354  [ 6DF8F618B93C821630C9BAA8DA3FAAAF, 553972D63F3347291EC8370AB910F741EF1DA61BC74FBA4192EF6E1DF567FB99 ] SymEvent        C:\windows\system32\Drivers\SYMEVENT64x86.SYS
20:34:56.0889 0x1354  SymEvent - ok
20:34:56.0909 0x1354  [ EC8538693C84E5B85014CB0F4174A8B7, 570D4193A5616A65962D086048D51C37BE166B77ED7293DF3E8871A502831261 ] SymIRON         C:\WINDOWS\system32\drivers\NSBUx64\1606000.08E\Ironx64.SYS
20:34:56.0919 0x1354  SymIRON - ok
20:34:56.0959 0x1354  [ 751C968945EFD42469FE52D6CE384196, 3386681036909F60A249951009822190EFB1C390D2F46E7EFE44893F28D0F31C ] SymNetS         C:\WINDOWS\System32\Drivers\NSBUx64\1606000.08E\SYMNETS.SYS
20:34:56.0974 0x1354  SymNetS - ok
20:34:56.0996 0x1354  Synth3dVsc - ok
20:34:57.0028 0x1354  [ 7E488378004FF5F9DCD1711522B1241A, 5A5BF12C6650E7CAFA4892A6961D2E09AC33CE2920EDB0730143D0ADCDBFC0FC ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
20:34:57.0041 0x1354  SynTP - ok
20:34:57.0060 0x1354  SysMain - ok
20:34:57.0087 0x1354  SystemEventsBroker - ok
20:34:57.0106 0x1354  TabletInputService - ok
20:34:57.0109 0x1354  TapiSrv - ok
20:34:57.0118 0x1354  Tcpip - ok
20:34:57.0121 0x1354  Tcpip6 - ok
20:34:57.0125 0x1354  tcpipreg - ok
20:34:57.0138 0x1354  tdx - ok
20:34:57.0141 0x1354  terminpt - ok
20:34:57.0143 0x1354  TermService - ok
20:34:57.0146 0x1354  Themes - ok
20:34:57.0152 0x1354  TieringEngineService - ok
20:34:57.0173 0x1354  tiledatamodelsvc - ok
20:34:57.0196 0x1354  TimeBroker - ok
20:34:57.0220 0x1354  TPM - ok
20:34:57.0223 0x1354  TrkWks - ok
20:34:57.0310 0x1354  [ DED933679714745D0D1A49BF97F92F16, 35231D91A52A9D027557901CE3AD348F9868F73C35DD5AE2B73872505FE4EE51 ] TrueKey         C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
20:34:57.0331 0x1354  TrueKey - ok
20:34:57.0348 0x1354  [ 4C3EA33A9F670629F4BF6DA88AF91F77, FFB3F6A87DD9B0652C3AEC7768EACBA5984795A377D06A08278C37D138543CCF ] TrueKeyScheduler C:\Program Files\TrueKey\McTkSchedulerService.exe
20:34:57.0354 0x1354  TrueKeyScheduler - ok
20:34:57.0391 0x1354  [ 1D6453238BE242D578F5BF365BE9D2FE, 51608E2DE456958A72AD424EE37441D5BFB44F832A4359DA99ABA11261B410B7 ] TrueKeyServiceHelper C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
20:34:57.0399 0x1354  TrueKeyServiceHelper - ok
20:34:57.0444 0x1354  TrustedInstaller - ok
20:34:57.0470 0x1354  tsusbflt - ok
20:34:57.0473 0x1354  TsUsbGD - ok
20:34:57.0483 0x1354  tzautoupdate - ok
20:34:57.0497 0x1354  uagp35 - ok
20:34:57.0500 0x1354  UASPStor - ok
20:34:57.0526 0x1354  UcmCx0101 - ok
20:34:57.0529 0x1354  UcmUcsi - ok
20:34:57.0532 0x1354  Ucx01000 - ok
20:34:57.0535 0x1354  UdeCx - ok
20:34:57.0537 0x1354  udfs - ok
20:34:57.0541 0x1354  UEFI - ok
20:34:57.0561 0x1354  Ufx01000 - ok
20:34:57.0576 0x1354  UfxChipidea - ok
20:34:57.0578 0x1354  ufxsynopsys - ok
20:34:57.0588 0x14d0  Object send P2P result: true
20:34:57.0592 0x14d0  Object required for P2P: [ 79C88E3F65A8248DE45D59E2AECE1DD0 ] NSBU
20:34:57.0597 0x1354  UI0Detect - ok
20:34:57.0600 0x1354  uliagpkx - ok
20:34:57.0603 0x1354  umbus - ok
20:34:57.0605 0x1354  UmPass - ok
20:34:57.0620 0x1354  UmRdpService - ok
20:34:57.0628 0x1354  UnistoreSvc - ok
20:34:57.0779 0x1354  [ D80B1075B69B57A3AB78F750CE463ECE, E8435B723C3D9F5B28D5588365E7D6BED298565BCF61240C2B505B1033180DAA ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:34:57.0790 0x1354  UNS - ok
20:34:57.0793 0x1354  upnphost - ok
20:34:57.0817 0x1354  UrsChipidea - ok
20:34:57.0820 0x1354  UrsCx01000 - ok
20:34:57.0823 0x1354  UrsSynopsys - ok
20:34:57.0857 0x1354  [ 8047D8AFA070A4C3B9FCBDBF77A84C45, D8B47716EE57391E3B9CBE3B35FF1F933F08E40B1C8C12EB5BE2438D9E409FF0 ] usb3Hub         C:\WINDOWS\System32\drivers\usb3Hub.sys
20:34:57.0863 0x1354  usb3Hub - ok
20:34:57.0866 0x1354  usbccgp - ok
20:34:57.0869 0x1354  usbcir - ok
20:34:57.0871 0x1354  usbehci - ok
20:34:57.0874 0x1354  usbhub - ok
20:34:57.0877 0x1354  USBHUB3 - ok
20:34:57.0919 0x1354  usbohci - ok
20:34:57.0922 0x1354  usbprint - ok
20:34:57.0974 0x1354  [ D67B6A4A6FB99D29444C2DBA2B636799, 62BC778D60593B2AB0DA13C4DB3EA5971895AE09DA06E8AB2D03973C940C890C ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:34:57.0986 0x1354  usbscan - ok
20:34:58.0014 0x1354  usbser - ok
20:34:58.0031 0x1354  USBSTOR - ok
20:34:58.0034 0x1354  usbuhci - ok
20:34:58.0037 0x1354  usbvideo - ok
20:34:58.0048 0x1354  USBXHCI - ok
20:34:58.0061 0x1354  UserDataSvc - ok
20:34:58.0066 0x1354  UserManager - ok
20:34:58.0076 0x1354  UsoSvc - ok
20:34:58.0078 0x1354  VaultSvc - ok
20:34:58.0081 0x1354  vdrvroot - ok
20:34:58.0099 0x1354  vds - ok
20:34:58.0101 0x1354  VerifierExt - ok
20:34:58.0104 0x1354  vhdmp - ok
20:34:58.0107 0x1354  vhf - ok
20:34:58.0109 0x1354  vmbus - ok
20:34:58.0112 0x1354  VMBusHID - ok
20:34:58.0131 0x1354  vmicguestinterface - ok
20:34:58.0133 0x1354  vmicheartbeat - ok
20:34:58.0137 0x1354  vmickvpexchange - ok
20:34:58.0139 0x1354  vmicrdv - ok
20:34:58.0142 0x1354  vmicshutdown - ok
20:34:58.0144 0x1354  vmictimesync - ok
20:34:58.0147 0x1354  vmicvmsession - ok
20:34:58.0149 0x1354  vmicvss - ok
20:34:58.0152 0x1354  volmgr - ok
20:34:58.0154 0x1354  volmgrx - ok
20:34:58.0157 0x1354  volsnap - ok
20:34:58.0170 0x1354  vpci - ok
20:34:58.0173 0x1354  vsmraid - ok
20:34:58.0175 0x1354  VSS - ok
20:34:58.0178 0x1354  VSTXRAID - ok
20:34:58.0180 0x1354  vwifibus - ok
20:34:58.0183 0x1354  vwififlt - ok
20:34:58.0185 0x1354  vwifimp - ok
20:34:58.0207 0x1354  W32Time - ok
20:34:58.0238 0x1354  w3logsvc - ok
20:34:58.0259 0x1354  W3SVC - ok
20:34:58.0261 0x1354  WacomPen - ok
20:34:58.0264 0x1354  WalletService - ok
20:34:58.0267 0x1354  wanarp - ok
20:34:58.0269 0x1354  wanarpv6 - ok
20:34:58.0272 0x1354  WAS - ok
20:34:58.0275 0x1354  wbengine - ok
20:34:58.0291 0x1354  WbioSrvc - ok
20:34:58.0317 0x1354  Wcmsvc - ok
20:34:58.0320 0x1354  wcncsvc - ok
20:34:58.0323 0x1354  WcsPlugInService - ok
20:34:58.0325 0x1354  WdBoot - ok
20:34:58.0328 0x1354  Wdf01000 - ok
20:34:58.0331 0x1354  WdFilter - ok
20:34:58.0333 0x1354  WdiServiceHost - ok
20:34:58.0336 0x1354  WdiSystemHost - ok
20:34:58.0360 0x1354  wdiwifi - ok
20:34:58.0363 0x1354  WdNisDrv - ok
20:34:58.0389 0x1354  WdNisSvc - ok
20:34:58.0412 0x1354  WebClient - ok
20:34:58.0415 0x1354  Wecsvc - ok
20:34:58.0418 0x1354  WEPHOSTSVC - ok
20:34:58.0420 0x1354  wercplsupport - ok
20:34:58.0423 0x1354  WerSvc - ok
20:34:58.0431 0x1354  WFPLWFS - ok
20:34:58.0434 0x1354  WiaRpc - ok
20:34:58.0437 0x1354  WIMMount - ok
20:34:58.0438 0x1354  WinDefend - ok
20:34:58.0444 0x1354  WindowsTrustedRT - ok
20:34:58.0450 0x1354  WindowsTrustedRTProxy - ok
20:34:58.0453 0x1354  WinHttpAutoProxySvc - ok
20:34:58.0474 0x1354  WinMad - ok
20:34:58.0508 0x1354  Winmgmt - ok
20:34:58.0531 0x1354  WinRM - ok
20:34:58.0558 0x1354  WINUSB - ok
20:34:58.0561 0x1354  WinVerbs - ok
20:34:58.0575 0x1354  WlanSvc - ok
20:34:58.0620 0x1354  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:34:58.0626 0x1354  wlcrasvc - ok
20:34:58.0646 0x1354  wlidsvc - ok
20:34:58.0648 0x1354  WmiAcpi - ok
20:34:58.0652 0x1354  wmiApSrv - ok
20:34:58.0680 0x1354  WMPNetworkSvc - ok
20:34:58.0696 0x1354  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
20:34:58.0711 0x1354  Wof - ok
20:34:58.0727 0x1354  workfolderssvc - ok
20:34:58.0731 0x1354  wpcfltr - ok
20:34:58.0747 0x1354  WPDBusEnum - ok
20:34:58.0749 0x1354  WpdUpFltr - ok
20:34:58.0753 0x1354  WpnService - ok
20:34:58.0756 0x1354  ws2ifsl - ok
20:34:58.0771 0x1354  wscsvc - ok
20:34:58.0774 0x1354  WSearch - ok
20:34:58.0778 0x1354  WSService - ok
20:34:58.0781 0x1354  wuauserv - ok
20:34:58.0784 0x1354  WudfPf - ok
20:34:58.0786 0x1354  WUDFRd - ok
20:34:58.0789 0x1354  wudfsvc - ok
20:34:58.0791 0x1354  WUDFWpdFs - ok
20:34:58.0794 0x1354  WUDFWpdMtp - ok
20:34:58.0797 0x1354  WwanSvc - ok
20:34:58.0810 0x1354  XblAuthManager - ok
20:34:58.0825 0x1354  XblGameSave - ok
20:34:58.0841 0x1354  xboxgip - ok
20:34:58.0844 0x1354  XboxNetApiSvc - ok
20:34:58.0876 0x1354  [ 24E57041608ED6A9D7FDAD0D9EC214E2, 895A16072F5EFFF57A7DCA21917540726BF816A2746EC47A066AAD363F69E5D7 ] XHCIPort        C:\WINDOWS\System32\drivers\XHCIPort.sys
20:34:58.0884 0x1354  XHCIPort - ok
20:34:58.0901 0x1354  xinputhid - ok
20:34:58.0903 0x1354  ================ Scan global ===============================
20:34:58.0952 0x1354  [ Global ] - ok
20:34:58.0953 0x1354  ================ Scan MBR ==================================
20:34:58.0967 0x1354  [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0
20:34:59.0328 0x1354  \Device\Harddisk0\DR0 - ok
20:34:59.0328 0x1354  ================ Scan VBR ==================================
20:34:59.0329 0x1354  [ 606E6395589E802C7B326D10202265F4 ] \Device\Harddisk0\DR0\Partition1
20:34:59.0396 0x1354  \Device\Harddisk0\DR0\Partition1 - ok
20:34:59.0399 0x1354  [ C2104D507B7D8B86576199B578789A0E ] \Device\Harddisk0\DR0\Partition2
20:34:59.0455 0x1354  \Device\Harddisk0\DR0\Partition2 - ok
20:34:59.0456 0x1354  ================ Scan generic autorun ======================
20:34:59.0456 0x1354  SynTPEnh - ok
20:34:59.0808 0x1354  [ C6992F5730886B6977313918583D13C7, 5D75DBF4D272BD4A8DDF40C7D9D8044621EFD12AB4303DBF90538AFBE2FEFD42 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
20:35:00.0170 0x1354  RtHDVCpl - ok
20:35:00.0183 0x1354  LXCTCATS - ok
20:35:00.0249 0x14d0  Object send P2P result: true
20:35:00.0251 0x14d0  Object required for P2P: [ 8194FC1EC2EE36F63CFDC62595444FB2 ] nvsvc
20:35:00.0270 0x1354  [ 011D734B5D81C2CCDC290C6CAB13B827, D1AE27341931C982C4EC0040D9EF78320105A86645FEA4C0A43E2B4C43964836 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
20:35:00.0311 0x1354  NvBackend - ok
20:35:00.0383 0x1354  [ D3E69D500466C17498AAF7F83D12FFF0, F5723FC28396489EADDDCAD67A0E46B56D859590823E3CFA7254BA6709DC5AE6 ] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
20:35:00.0411 0x1354  Norton Online Backup - ok
20:35:00.0515 0x1354  [ 7D2A9D5B29A486B55E54AD89B6BFBF23, B5483058BB3255139CBFCB67CA7735197FA6C72BC42F004E51F13C139962E71E ] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
20:35:00.0524 0x1354  BDRegion - ok
20:35:00.0532 0x1354  Adobe Reader Speed Launcher - ok
20:35:00.0606 0x1354  [ 57B4D34232852BFE4453BE571DF90D21, 3D329499D7BCACAE5F6377F988B90714F5A8301784CDB22D5B54A2266AC50D79 ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
20:35:00.0613 0x1354  CLMLServer - ok
20:35:00.0687 0x1354  [ 6364FA7D825B600251A4D1DE7D6FF695, 1BEDD2E9DCE4C50FE7FE644D5DDD447DF79975D666CE128F945DD776E46AFC60 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
20:35:00.0699 0x1354  USB3MON - ok
20:35:00.0760 0x1354  [ C049C40CAEE8900130BD5F80B594CC7B, F54FC31662A9B8032B380793D534F34A0C63FED9C84DE313D17A61612EB31DC4 ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
20:35:00.0768 0x1354  RemoteControl10 - ok
20:35:00.0889 0x1354  [ E91BD985B61AFCE072217D7AEBA599A8, 2B0AD1FF5103330B18699130001EDB27EB3B9C4D7937FC69D742D8CC936974F4 ] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
20:35:00.0939 0x1354  Malwarebytes Anti-Exploit - ok
20:35:01.0286 0x1354  [ F5281FA7188154C928ED27911B0BA6FD, 6CBF1F4E0D04986EF60A42A8A826FDB9681370EB30DB37958716FBB717757DEA ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
20:35:01.0432 0x1354  BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 )
20:35:03.0698 0x14d0  Object send P2P result: true
20:35:04.0312 0x1354  Detect skipped due to KSN trusted
20:35:04.0312 0x1354  BrStsMon00 - ok
20:35:04.0523 0x1354  [ 9DEF1B844FF294FE5900711764F82B72, 155BC2F63E395D4A20073329044A9D6AB13CCC6CA14DF63B43DE34C5F5ED035F ] C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe
20:35:04.0597 0x1354  BrStsInd00 - detected UnsignedFile.Multi.Generic ( 1 )
20:35:06.0184 0x222c  Object required for P2P: [ EC8538693C84E5B85014CB0F4174A8B7 ] SymIRON
20:35:08.0493 0x1354  Detect skipped due to KSN trusted
20:35:08.0493 0x1354  BrStsInd00 - ok
20:35:08.0568 0x1354  OneDriveSetup - ok
20:35:08.0570 0x1354  OneDriveSetup - ok
20:35:08.0750 0x1354  [ F9387D080BF8566354CDB0445AB8F87B, 4EE5D4A15E2D3DF578FA0370449C0894166B1B2998B63D9F02A994845350B86A ] C:\Users\Marcel Ruckober\AppData\Local\Microsoft\OneDrive\OneDrive.exe
20:35:08.0771 0x1354  OneDrive - ok
20:35:08.0844 0x222c  Object send P2P result: true
20:35:08.0845 0x222c  Object required for P2P: [ 4C3EA33A9F670629F4BF6DA88AF91F77 ] TrueKeyScheduler
20:35:08.0871 0x1354  EPLTarget\P0000000000000000 - ok
20:35:08.0893 0x1354  Uninstall C:\Users\Marcel Ruckober\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64 - ok
20:35:08.0898 0x1354  Uninstall C:\Users\Marcel Ruckober\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1 - ok
20:35:08.0899 0x1354  Waiting for KSN requests completion. In queue: 17
20:35:09.0899 0x1354  Waiting for KSN requests completion. In queue: 17
20:35:10.0899 0x1354  Waiting for KSN requests completion. In queue: 17
20:35:11.0900 0x1354  Waiting for KSN requests completion. In queue: 17
20:35:12.0900 0x1354  Waiting for KSN requests completion. In queue: 16
20:35:13.0900 0x1354  Waiting for KSN requests completion. In queue: 16
20:35:14.0900 0x1354  Waiting for KSN requests completion. In queue: 16
20:35:15.0901 0x1354  Waiting for KSN requests completion. In queue: 16
20:35:16.0901 0x1354  Waiting for KSN requests completion. In queue: 16
20:35:17.0901 0x1354  Waiting for KSN requests completion. In queue: 16
20:35:18.0901 0x1354  Waiting for KSN requests completion. In queue: 16
20:35:19.0901 0x1354  Waiting for KSN requests completion. In queue: 16
20:35:20.0901 0x1354  Waiting for KSN requests completion. In queue: 16
20:35:21.0902 0x1354  Waiting for KSN requests completion. In queue: 16
20:35:22.0902 0x1354  Waiting for KSN requests completion. In queue: 16
20:35:23.0902 0x1354  Waiting for KSN requests completion. In queue: 16
20:35:24.0902 0x1354  Waiting for KSN requests completion. In queue: 16
20:35:25.0902 0x1354  Waiting for KSN requests completion. In queue: 16
20:35:26.0815 0x222c  Object send P2P result: true
20:35:26.0914 0x1354  AV detected via SS2: Norton Security mit Backup, C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\WSCStub.exe ( 22.6.0.0 ), 0x51000 ( enabled : updated )
20:35:26.0971 0x1354  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
20:35:26.0973 0x1354  FW detected via SS2: Norton Security mit Backup, C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\WSCStub.exe ( 22.6.0.0 ), 0x51010 ( enabled )
20:35:29.0560 0x1354  ============================================================
20:35:29.0560 0x1354  Scan finished
20:35:29.0560 0x1354  ============================================================
20:35:29.0566 0x2b1c  Detected object count: 1
20:35:29.0566 0x2b1c  Actual detected object count: 1
20:36:04.0846 0x2b1c  HauppaugeTVServer ( UnsignedFile.Multi.Generic ) - skipped by user
20:36:04.0846 0x2b1c  HauppaugeTVServer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:36:17.0570 0x2018  Deinitialize success

M-K-D-B · 19.05.2016, 14:24

Servus,

Zukünftig bitte beachten:

Zitat:

Gestartet von C:\Users\Marcel Ruckober\Downloads

Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.
Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.

Schritt 1
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die Logdatei von JRT,
die beiden neuen Logdateien von FRST.

M-K-D-B · 22.05.2016, 13:10

Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
PM an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!

Ruggi · 24.05.2016, 20:56

Servus,

Adw:

Code:

ATTFilter

# AdwCleaner v5.117 - Bericht erstellt am 23/05/2016 um 23:04:41
# Aktualisiert am 15/05/2016 von Xplode
# Datenbank : 2016-05-23.3 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Marcel Ruckober - MARCELRUCKOBER
# Gestartet von : C:\Users\Marcel Ruckober\unwesentlich\Desktop\AdwCleaner_5.117.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner gelöscht : C:\ProgramData\SearchModule
[-] Ordner gelöscht : C:\Users\Marcel Ruckober\AppData\Local\BrowserAir
[-] Ordner gelöscht : C:\Users\Marcel Ruckober\AppData\Local\5CF850B8-1460323420-11E1-9BA1-5F9695D7DCB4
[-] Ordner gelöscht : C:\Users\Marcel Ruckober\AppData\Local\csdi_monetize_120160408
[-] Ordner gelöscht : C:\Users\Marcel Ruckober\AppData\Local\csdi_monetize_220160408
[-] Ordner gelöscht : C:\Users\Marcel Ruckober\AppData\Local\dply_en_015020294
[-] Ordner gelöscht : C:\Users\Marcel Ruckober\AppData\Local\Installer\Install_1919
[-] Ordner gelöscht : C:\Users\Marcel Ruckober\AppData\Local\Installer\Install_5088
[-] Ordner gelöscht : C:\Program Files\Common Files\Soobzo

***** [ Dateien ] *****

[-] Datei gelöscht : C:\END
[-] Datei gelöscht : C:\Users\Marcel Ruckober\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BrowserAir.lnk
[-] Datei gelöscht : C:\WINDOWS\SysNative\rlls64.dll

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****

[-] Verknüpfung desinfiziert : C:\Users\Marcel Ruckober\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk
[-] Verknüpfung desinfiziert : C:\Users\Marcel Ruckober\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Aufgabenplanung ] *****

[-] Geplante Aufgabe gelöscht : Inst_Rep
[-] Geplante Aufgabe gelöscht : IBUpd2
[-] Geplante Aufgabe gelöscht : WinTsks
[-] Geplante Aufgabe gelöscht : kze3024

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\BrowserAir.exe
[-] Schlüssel gelöscht : HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E
[-] Schlüssel gelöscht : HKCU\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Wert gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION [DeskBar.exe]
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.001
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.7z
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.arj
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.bz2
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.bzip2
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.cab
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.cpio
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.deb
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.dmg
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.fat
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.gz
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.gzip
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.hfs
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.iso
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.lha
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.lzh
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.lzma
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.ntfs
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.rar
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.rpm
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.squashfs
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.swm
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.tar
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.taz
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.tbz
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.tbz2
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.tgz
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.tpz
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.txz
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.vhd
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.wim
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.xar
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.xz
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.z
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\WinZipper.zip
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8FF10FED-2F0A-4F7F-BE87-B04F1DCD4319}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Schlüssel gelöscht : HKCU\Software\BrowserAir
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Tinstalls
[-] Schlüssel gelöscht : HKCU\Software\OB
[-] Schlüssel gelöscht : HKCU\Software\MICROSOFT\OTUT
[-] Schlüssel gelöscht : HKCU\Software\SrpnFiles
[-] Schlüssel gelöscht : HKCU\Software\Wizzlabs
[-] Schlüssel gelöscht : HKCU\Software\MICROSOFT\IDSC
[-] Schlüssel gelöscht : HKLM\SOFTWARE\ORBTR
[-] Schlüssel gelöscht : HKLM\SOFTWARE\hohosearchSoftware
[-] Schlüssel gelöscht : HKLM\SOFTWARE\SrpnFiles
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Wizzlabs
[-] Schlüssel gelöscht : HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\{G6276374-DEEE-4AAA-A355-9016A2F98A2D}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\imalcom
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E1527582-8509-4011-B922-29E3FB548882}_is1
[-] Schlüssel gelöscht : HKU\.DEFAULT\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Schlüssel gelöscht : HKU\.DEFAULT\Software\AppDataLow\Software\Rewin_Cinematic 1.1
[-] Wert gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{D92BAEBA-E1F3-451F-A017-1993251D059A}]
[-] Wert gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{C687FBC2-5CCC-4A0E-A641-34CD2256F548}]
[-] Wert gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{3C0DA513-33E2-4538-BE13-E59579CA3303}]
[-] Wert gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{43409EB3-1413-4F6A-A9F0-DFA3BC6BDB13}]
[-] Wert gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{32E70450-74F9-424F-AB90-4D9B43D10547}]
[-] Wert gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{1C40F724-1547-4D61-97CA-552F4B2727A0}]
[-] Wert gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{EFABD9E3-17CA-4E87-BB3A-D2D034EE6D62}]
[-] Wert gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{4066D601-E701-4BDE-8BAA-D59329541AEF}]
[-] Daten wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
[-] Daten wiederhergestellt : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{45ac3a6c-5ef8-4fd6-8dfa-35891d6dc772} [NameServer]
[-] Daten wiederhergestellt : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{55bf2646-17fe-42eb-9c29-d95982c107a2} [NameServer]
[-] Daten wiederhergestellt : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{60600b47-bbe8-44ad-ae5f-2109acb8be59} [NameServer]
[-] Daten wiederhergestellt : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{6bb4f047-2706-11e5-9bbe-806e6f6e6963} [NameServer]
[-] Daten wiederhergestellt : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{a599e370-1cca-4d19-b1a7-ce727e2a7ad3} [NameServer]
[-] Daten wiederhergestellt : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{b9356221-42ef-412f-a502-c80cd5f0472b} [NameServer]
[-] Daten wiederhergestellt : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{ba38839f-bd00-496b-8b21-1b9ccd84dd65} [NameServer]
[-] Daten wiederhergestellt : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{bc470168-c171-4ff6-9dd0-7a9968f8bf0b} [NameServer]
[-] Daten wiederhergestellt : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{ee5710d5-e308-4dcb-b977-512de9282ee2} [NameServer]
[-] Daten wiederhergestellt : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{f3e40179-b189-11e5-9bc1-806e6f6e6963} [NameServer]

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [11854 Bytes] - [23/05/2016 23:04:41]
C:\AdwCleaner\AdwCleaner[S1].txt - [12387 Bytes] - [23/05/2016 23:01:53]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [12002 Bytes] ##########

mbam:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org


Protection, 24.05.2016 21:28, SYSTEM, MARCELRUCKOBER, Protection, Malware Protection, Starting, 
Protection, 24.05.2016 21:28, SYSTEM, MARCELRUCKOBER, Protection, Malware Protection, Started, 
Protection, 24.05.2016 21:28, SYSTEM, MARCELRUCKOBER, Protection, Malicious Website Protection, Starting, 
Update, 24.05.2016 21:28, SYSTEM, MARCELRUCKOBER, Scheduler, IP Database, 2016.5.23.1, 2016.5.24.2, 
Protection, 24.05.2016 21:28, SYSTEM, MARCELRUCKOBER, Protection, Malicious Website Protection, Started, 
Update, 24.05.2016 21:28, SYSTEM, MARCELRUCKOBER, Scheduler, Domain Database, 2016.5.23.7, 2016.5.24.8, 
Update, 24.05.2016 21:28, SYSTEM, MARCELRUCKOBER, Scheduler, Malware Database, 2016.5.23.6, 2016.5.24.5, 
Protection, 24.05.2016 21:28, SYSTEM, MARCELRUCKOBER, Protection, Refresh, Starting, 
Protection, 24.05.2016 21:28, SYSTEM, MARCELRUCKOBER, Protection, Malicious Website Protection, Stopping, 
Protection, 24.05.2016 21:28, SYSTEM, MARCELRUCKOBER, Protection, Malicious Website Protection, Stopped, 
Protection, 24.05.2016 21:28, SYSTEM, MARCELRUCKOBER, Protection, Refresh, Success, 
Protection, 24.05.2016 21:28, SYSTEM, MARCELRUCKOBER, Protection, Malicious Website Protection, Starting, 
Protection, 24.05.2016 21:28, SYSTEM, MARCELRUCKOBER, Protection, Malicious Website Protection, Started, 

(end)

JRT:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 10 Home x64 
Ran by Marcel Ruckober (Administrator) on 24.05.2016 at 21:35:32,35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 202 

Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{007E46F6-7BB4-4733-B969-F2E0577280EE} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{00B7744B-9926-4A95-8288-ABF051A9EB2B} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{03F2F50B-6A94-42EE-A844-7CEF8B19078A} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{051E9990-E9B6-4AC3-B8D8-B65E60E98489} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{078E83C2-AFDE-4B3E-A027-BEB5A5300FEF} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{0A843765-1B69-41D9-B80F-5B28E3476F34} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{0C548208-219B-4538-A72B-CE9925D39EEE} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{0C6CB68D-C4BD-48DD-B7C6-D6DD80F6F5DC} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{0D5EA03E-DC3E-4144-8AF8-4FE6C4125355} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{14F8EDE0-37C3-4D4E-BE22-BE6E04AFA54A} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{16C24F15-DB28-49DD-9015-78055FD6745C} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{18407776-1487-45D6-85AF-F2DF8E8B89C9} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{194FBB28-04A5-4B6F-BEE2-C205F697DB67} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{197CE8D7-DDCE-418C-A54C-E1630C9BFC76} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{1C129C2E-2174-4A89-B711-E66EC38C0A41} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{1D6A5837-B72D-4AE8-A6DB-00846D45375E} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{1E07F9FF-5373-4EC5-BF4D-625F80C04011} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{1E3D9039-1108-4D5D-9947-EACE258C6891} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{2331DD3F-5EC4-43AB-907B-8C7E5E208E61} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{258F0C26-9FAD-4441-9A15-6C6D79FCB614} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{25DD9270-5429-4572-85DD-610DE8C2439B} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{2A1AC9DD-204C-4DB6-B465-92A7737ABF48} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{2A1D7D13-FC73-4AD6-B9D3-BEB1589F8400} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{2BE014B4-2D2B-48D7-8EC5-FD4A77800CE9} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{2D881905-A242-419E-8492-46C7A6912797} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{2D9D1166-A5CE-454E-8606-685F152755D0} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{3033ADD3-8725-4655-BFFB-55CC3E2E265A} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{30BD3B65-72AB-4731-84B4-35263E372B31} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{33DC0EDF-DB84-4389-BF4E-D3ECFB5C270E} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{345E52DE-B4D7-42E1-A60C-39A41B654959} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{34932B46-1AE5-4960-B5AC-373214B6598B} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{364C4BE1-D846-420D-8803-D3EE2B682A95} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{37515C6E-E0E3-454E-977E-8CA0004619B4} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{3849168B-EE1B-4631-AFF4-4F16630BEA5E} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{3951A7D0-C2A1-42D6-A107-7FBBC90442A5} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{3AB3DE38-BE8B-4246-8762-9070DBF806D3} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{3D190814-F798-4A17-9C4B-3D2733AD0534} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{3DC28784-6324-469B-9A7E-66C71331BB1A} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{3E61CC7B-44DE-49A5-BC98-C420F1D04010} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{3E69720E-FFB5-4FCA-957E-8E797B9D5F29} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{3EA89455-03E3-426D-8614-A7BE18DCC4E5} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{40C8DF0F-9F17-495D-9764-E393339264BD} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{4238FADA-C6D0-4DD4-B165-FF8E33A88DCF} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{424A40B9-A4F9-4A36-B40D-7788357E85AA} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{42C77160-BE40-409A-8904-17F17992B850} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{45F287BC-2B9D-4912-B759-C4A1AF4576E5} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{46CEDFE2-6EF3-4760-968F-B5E7FCD1B507} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{48036815-3353-46A5-8DB4-5BEE0A878A82} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{49D1124F-0631-4A42-A871-11DE0AD8B203} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{4B173DC0-B6D0-43D8-B78F-ADE95FB024E2} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{4B768CC1-C6D0-4124-BF7A-248906F31E41} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{4C263E24-919A-430E-A54C-CA10F9A0539A} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{4DD659AC-DAB3-4B26-96F6-3192C8CC573A} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{4E8CC45F-0009-4EBF-AFC0-5E8DB868EDC0} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{4EFFF32F-BEA6-47CA-BFCF-88EE8DBC6DF2} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{4F48AF8B-DC32-496F-A39F-644764199174} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{5058481D-B1F1-457F-9A0B-2FB7298302C0} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{50D2D39B-A03A-4BAC-BEEA-2B1658B33DD6} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{51DE06B3-FF22-4C88-992F-54A837A9F7A0} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{561CFBBF-0BD2-429F-A92F-A02DF245923B} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{56E9D061-E751-4E16-B8B3-75CAEB103B4C} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{586DE705-91C5-45C8-BB7D-509FB6D4370C} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{58B47D75-C12F-4EC3-91B5-CF3A5D234E74} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{5A4FF2E5-E404-4921-BDED-FB5DFD2A78BC} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{5CDA50AA-4942-46AD-BF2A-DFEB8C83AA7F} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{5D3EF3EB-8602-45EF-AA01-F1E65D392671} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{5E1D80EC-6AD9-4507-8C8F-6BBE44FE9AE7} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{5F22FF55-F0D6-4C87-B2CC-93F80254EE24} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{5FB053AC-438A-4D16-8804-4887C19C8BDC} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{5FC3D711-F444-41D1-900F-3D4B269F9855} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{6484D94D-141B-43F9-AD6E-4CBFA54CCB3B} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{68D5A931-6B4E-450F-9A8E-8DD199B83092} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{6A4A98FE-939B-4BCF-A255-FEBBE848F608} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{6AE56B68-3DB3-4191-9535-6A9B85F9F538} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{6C90D456-8BED-4A5C-B70B-4EF80F54AC65} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{7295042D-C245-4411-97C7-E4705EEBE466} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{74020F01-104D-4E7D-B223-181EF6B62CA8} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{77ABFA3A-FE35-474F-9068-4F31B0572CD6} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{798043BD-3FC9-4879-9E66-4AD594C31A8D} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{79AF6EA1-55F2-45C4-9220-AD9D022F7515} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{7A2B1BF1-DE98-4883-BD9F-941E1ECD4BA4} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{7C3127F8-2793-40EC-9349-7F75039C9994} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{7C3C6599-A076-4E09-9848-A84804844374} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{7DB36715-FA62-4663-8675-24239F68A762} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{7E0F19C5-8443-4BC9-B5CB-A286A8C38047} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{7EB4B69F-E85E-4597-BA63-43BF8938C61D} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{7EC3F0FB-32FA-4BD6-9E7D-DBA00E43D680} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{7FD13A8B-FF4D-4BFF-8FC7-2F4C9CF2000A} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{80040728-3EA5-4514-9FFF-CEDC9BE43B90} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{8132955C-98BD-4938-847C-AB1EFEF312EB} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{82590376-1654-4871-9E51-83F0FAC3340E} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{84E1D72E-91E7-4041-BC56-7AC0F0C23316} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{866B0308-D492-4474-9DBC-3949D62F57AB} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{86C4E383-4E1F-4359-BA3E-7EE5659DDEEB} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{86E3E6EB-7D5E-4FA3-A573-2B350264D4F5} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{876E729D-FF6B-4991-BC75-EE347973CB9E} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{89701CCA-A54E-4823-9B18-BCF7930830E9} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{8A972B15-ADC7-423B-9486-8C854D4131C8} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{8C921B7A-74EE-447C-A009-8D50FFC4D4B7} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{8E08159B-7C99-4B74-B289-3C5CA0EB2BB9} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{8E5A7D7D-0337-4865-8C53-698123475ABF} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{8EEAEC7A-8451-4CF8-935C-AE5F2A0489F7} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{8F0D4461-5281-4289-A677-5B79D98EBE74} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{916B9EB6-47D2-41F1-91C0-B579585D3E15} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{93448D4D-C9AB-42F5-ABA8-253F25A2EFDB} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{94439CD5-67A0-4A5F-B021-F1273ACB2746} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{94E75E5B-7501-49AC-8253-5E3E6592E0DF} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{95BA11FF-E8EB-4E96-B6BC-69A9A3CC7612} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{95F23E61-2538-4830-946B-65B4EDADE5CC} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{97F93502-13FB-4687-B42C-E2D2960D805A} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{9964986A-2201-4834-89BA-853F3EA79FA4} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{9A594BB3-5DCA-46FF-89A8-8239178C82A8} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{9B8B997A-76EF-4829-BA01-38FD2034264D} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{9D3BA113-4480-4E7A-B9A4-BECF3A6468D2} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{9E2B18ED-A89E-4DCC-803D-25F82237F6CB} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{9F12E3EB-2CBD-466D-B6C7-49AF6BDB7C4D} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{A2F74C8B-9561-44DE-AABD-5AC3D9C0F830} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{A3704F3B-CCD2-4FF9-88BA-82BC5D678F4D} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{A72E9B2C-49F9-4DA4-AA40-92AD2F5ED80F} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{A73BC732-FC15-480A-9D16-DB6FACF81D29} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{A85085D6-AE61-445A-BEEF-048EB4B33103} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{A88D6BB3-4CC8-4056-924F-46FA23B38EA8} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{A8AE6C21-46F8-4C78-9BBB-ED32B54B713E} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{A9355B7B-72CF-4311-8982-042BD48CF1A9} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{A942891D-4465-4F3F-AF9F-63C78280EF1B} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{ACCF747A-3B37-40B0-8C67-EBAA13E6EE05} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{AE664672-06E8-442C-B196-42023AD84E5E} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{AFF614EE-8B6A-4054-BF86-9CD069D1178A} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{B00F0F51-3D15-4ACA-947D-1F41BF41E2D2} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{B196299C-FB0E-4945-B403-E234CAC66260} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{B1ECE71D-A685-49D8-86D4-37A616BC1A99} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{B440CDDC-08B3-47D7-A289-D4173CAF752E} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{B44FE7D5-D3F1-4B41-B85C-F2DDECAC22CF} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{B4F62174-BA36-4CE2-A56C-D78709C1FC52} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{B54E0DE5-2ABA-451A-8065-16F72E7D1EF3} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{B584D3A2-2303-4D47-98CA-2219B079C1AF} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{B6974D66-C909-4BBF-8658-6A7186A94E9F} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{B9233133-A525-4E33-8A49-7E8DD938EF96} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{BD1C4CC2-47A5-4059-9721-74BF139A9599} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{BF07A1EC-DADE-41A1-8B6F-A65D62BCDD82} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{BF52C38A-3455-4B0C-BF10-3A66427A1C37} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{C2278A13-6726-48BC-B492-0287E800E93B} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{C3CBC224-950F-45B2-BFF1-EAD4D751BBBE} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{C41AF460-0160-4A9D-A8CD-95EA6E4B221D} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{C4AD42CB-2846-4667-914C-E4151180B2E6} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{C56F18E7-5251-4948-A686-E8D4478B9B7C} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{C59FE1F3-3F69-4271-919D-EF912ED13CE2} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{C5D3D101-1E65-4610-895C-F1342F24C4B9} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{C68E8AF2-B0CC-431A-AFE0-2DFFA6690320} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{C9F8DC23-73F1-4684-B35E-12BC4AF6B1E9} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{CC667E5B-6CBA-4CF7-A390-EB5465CC33C9} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{D03B451B-C4F5-4A35-AFF2-3C7999E2D6B8} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{D35B97B7-F987-4C62-90B9-222D27A34241} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{D3890028-3F0B-4FBA-AE15-61BBC9EE4C3E} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{D4869C67-182C-4E82-9AD6-3B067C23E987} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{D6027359-B03B-46F8-9378-849BE17AA743} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{D8786EFA-158C-43A0-8FEB-D5FA56D2F572} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{D9FE8BD4-BD65-41EA-A946-D24E0D069DF3} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{DAA12826-2DC3-4EDF-8AE8-DB1A70579666} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{DBF83799-5493-4457-AA2D-48C1798E2C4A} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{DC30BAFC-110D-4DCB-826C-BB441E9E7C47} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{DCD214EF-3D18-4E6E-AF40-02DEC33CE595} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{DCFEAFA0-4490-40E6-A46B-AE4D74883430} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{DD9A6392-08D1-4019-8E3C-FE98A974D51C} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{E044B919-7908-477F-804E-96B9475551C8} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{E151A3E5-23CE-4CFE-9DCE-3DB32CB030F7} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{E1E5A8A2-C027-429E-8ADB-D7F6F8732E49} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{E2116351-F061-4346-8ED1-BD68D114632E} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{E2FB07F2-DBFC-46DA-AA79-1612E2259F94} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{E41BA8C7-43AA-4D06-9CBB-39899824DEE5} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{E447CD88-BEFC-4C3F-B2CC-DB4D35BCF724} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{E5D5E47E-5806-482F-910F-D1C6B4A9D959} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{E63B71F2-9C51-4395-9540-D82C3BE2BCDE} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{E6A58CF1-60F7-4F6C-A2BF-35E50BD580A6} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{E7E061FE-6BBF-406A-9FA3-C8C3298E02B6} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{E935B78A-C84D-4A09-88EE-9B4DF35AB4DE} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{E9CED149-47D2-4067-9584-44E34ED0D1C5} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{EA6D4C86-B8AF-4F7A-9615-EE6510C73551} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{EB7C8C29-59D7-4CB3-8768-6EF1EF3C693B} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{EFE64B8B-6DE1-40B4-9DA5-96474E8A9726} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{F1CEB8C0-7812-4929-8ACC-21710BE96779} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{F1DFB2C6-891C-4351-BF79-D58D285A4E70} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{F3071C3E-28DC-49C4-BA1B-214BAD20066D} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{F40875EA-7F82-4A9F-B3E5-3DE047979925} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{F4149DC3-DB90-4C06-B512-140F44D720BA} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{F43D640B-EBF8-4573-9359-9A6F88FC0C52} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{F5ABBB3A-6A3E-476E-BDDA-7D3ACB831D23} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{F61DBECC-2182-4C58-8368-CBB24F0EB372} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{F711F874-72A0-4BBF-A79A-11023230A652} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{F74BB9EB-FD98-498A-812A-2DE647B7D76E} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{F7A47FF9-F1FE-4223-ADC6-BF456D619392} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{F7BF70BB-0C1C-4C58-9CA7-882961253EF4} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{F8E431A0-4677-4F6F-B144-244FC3A60995} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{F92E676D-A69A-45A7-BDAA-F3BABC035CCC} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{FA08CD73-6B75-4A70-AA39-73681ED69509} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{FB85698F-4184-4B06-869C-DD678603D1F7} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{FBFE4B79-D102-4F0B-8C88-E1C8ED9770F1} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{FC52BFA6-3BED-451A-9346-FC49B3D1FFB8} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\{FE95AB1D-FB0B-49BC-B87C-C753E5D60608} (Empty Folder)
Successfully deleted: C:\Users\Marcel Ruckober\AppData\Local\installer (Folder) 
Successfully deleted: C:\Users\Marcel Ruckober\Appdata\LocalLow\company (Folder) 
Successfully deleted: C:\WINDOWS\wininit.ini (File) 



Registry: 5 

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB11977A-6008-410E-8560-9D4F9C082BB1} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB11977A-6008-410E-8560-9D4F9C082BB1} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} (Registry Value) 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.05.2016 at 21:39:26,21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Additions Logfile:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:24-05-2016 01
durchgeführt von Marcel Ruckober (2016-05-24 21:45:06)
Gestartet von C:\Users\Marcel Ruckober\Downloads
Windows 10 Home Version 1511 (X64) (2016-04-19 17:22:49)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-189922631-1767686969-1414721043-500 - Administrator - Disabled)
ASPNET (S-1-5-21-189922631-1767686969-1414721043-1006 - Limited - Enabled)
DefaultAccount (S-1-5-21-189922631-1767686969-1414721043-503 - Limited - Disabled)
Gast (S-1-5-21-189922631-1767686969-1414721043-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-189922631-1767686969-1414721043-1003 - Limited - Enabled)
Marcel Ruckober (S-1-5-21-189922631-1767686969-1414721043-1001 - Administrator - Enabled) => C:\Users\Marcel Ruckober

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Norton Security mit Backup (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security mit Backup (Disabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security mit Backup (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1784.41616 - ABBYY Software House)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
ANNO 1602 (HKLM-x32\...\{84F7CAD9-2316-4701-B5CA-E90FD60029E9}) (Version:  - )
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4813b - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4207 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5509.52 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5522.55 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4417 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deadlight (HKLM-x32\...\Steam App 211400) (Version:  - )
Easy File Share (HKLM-x32\...\{12F81925-F3C1-40DB-91F7-777817974319}) (Version: 1.3.1 - Samsung Electronics CO., LTD.)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Easy Support Center (HKLM\...\{0738F5F1-8E70-49A6-8692-F5722E1E5A4D}) (Version: 1.2.32 - Samsung Electronics CO., LTD.)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.50.0.0 - SEIKO EPSON CORPORATION)
FaxRedist (HKLM-x32\...\{2C8CC208-965C-48A1-90A8-DFB484358F1C}) (Version: 1.0.0 -  )
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Fresh Minder 2 (HKLM-x32\...\{8DBBABF7-15C7-4B1A-AE40-E95D3DB8EBCC}) (Version: 2.0.0 - Fresh Minder - Vertrieb)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Geheimakte 3 (HKLM-x32\...\{765BF404-2FEE-492B-9E7F-A55143796EF1}) (Version: 1.00 - Deep Silver)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Hauppauge WinTV 7 (HKLM-x32\...\Hauppauge WinTV 7) (Version: v7.0.29302 (CD 2.4d) - Hauppauge Computer Works)
HL-1110 series (HKLM-x32\...\{4F2442B7-A89E-42A4-8F0E-6937499855CA}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.1.137.1 - Intel Security)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4242 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{F0932859-AA60-459E-B843-0BDECA34E2C7}) (Version: 2.0.0.0086 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® PROSet/Wireless Software (HKLM-x32\...\{ae509f68-6982-4506-befc-f2218d72cd5e}) (Version: 15.8.0 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.650 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Exploit version 1.8.1.1196 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.1196 - Malwarebytes)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.309.1 - McAfee, Inc.)
Media Go (HKLM-x32\...\{520CD4F0-9DAC-4C5C-8CA1-D0210CFF6062}) (Version: 1.4.269 - Sony)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
Multimedia POP (HKLM-x32\...\{A86C7338-BE18-4770-AA25-138513D89B0D}) (Version: 1.1 - )
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyEpson Portal (x32 Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
Norton Security mit Backup (HKLM-x32\...\NSBU) (Version: 22.6.0.142 - Symantec Corporation)
NVIDIA Grafiktreiber 353.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.84 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
PhoneCrypt Client Version PhoneCrypt  2.9.17.2128 (HKLM-x32\...\PhoneCrypt_is1) (Version: PhoneCrypt  2.9.17.2128 - SecurStar, Inc.)
PlayStation(R)Network Downloader (HKLM-x32\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.02.00076 - Sony Computer Entertainment Inc.)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 3.1.8.07881 - Sony Computer Entertainment Inc.)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Protect Disc License Helper 1.0.125 (IE) (HKU\S-1-5-21-189922631-1767686969-1414721043-1001\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
Protect Disc License Helper 1.0.125 (IE) (HKU\S-1-5-21-189922631-1767686969-1414721043-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
S Agent (Version: 1.1.55 - Samsung Electronics Co., Ltd.) Hidden
Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.)
Samsung AllShare (x32 Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung AnyWeb Print (HKLM-x32\...\{318DBE01-1E6B-4243-84B0-210391FE789A}) (Version: 2.0.67.1 - Samsung Electronics Co., Ltd.)
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.7.0.1 - Samsung Electronics CO., LTD.)
Samsung Settings (HKLM-x32\...\{3BB58176-B3A7-47FD-9F18-C3576431D193}) (Version: 2.2.0 - Samsung Electronics CO., LTD.)
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.03.01.00:36 - Samsung Electronics Co., Ltd.)
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.6.0 - Samsung Electronics Co., Ltd.)
Samsung Update (HKLM-x32\...\{0B601907-A730-40D3-9DFC-A8452D45491F}) (Version: 2.2.25 - Samsung Electronics Co., Ltd.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Software Launcher (HKLM-x32\...\{B750B5C2-CC17-4967-905B-29F4EB986131}) (Version: 1.0.2 - Samsung)
Software Updater (HKLM-x32\...\{E1BAD1BA-C0E8-4018-9281-E7D2C6B07474}) (Version: 4.3.6 - SEIKO EPSON CORPORATION)
Sony PC Companion 2.10.115 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.115 - Sony)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.40.0 - Synaptics Incorporated)
The Rockin' Dead (HKLM-x32\...\The Rockin' Dead) (Version:  - bitComposer Games GmbH)
TIPP10 Version 2.1.0 (HKLM-x32\...\TIPP10_is1) (Version:  - (c) 2006-2011, Tom Thielicke IT Solutions)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.1 - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows-Treiberpaket - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass  (08/23/2013 6.2.8400.4218) (HKLM\...\26BFE384C802803107F583AE1A739E4FEB56134B) (Version: 08/23/2013 6.2.8400.4218 - Samsung Electronics Co. Ltd.)
Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-189922631-1767686969-1414721043-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Marcel Ruckober\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-189922631-1767686969-1414721043-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-189922631-1767686969-1414721043-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Marcel Ruckober\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-189922631-1767686969-1414721043-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05D93C23-0339-4783-BAC1-437D147AD3C9} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {0AA7DD8D-C143-4EB2-A91D-B2CA92480A32} - System32\Tasks\Norton Security with Backup\Norton Error Processor => C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\SymErr.exe [2016-02-10] (Symantec Corporation)
Task: {179ADBFC-E116-4C10-B76E-38BEF94C913C} - \PC Speed Maximizer Schedule -> Keine Datei <==== ACHTUNG
Task: {1A8BEC5A-ED2B-45F1-B109-41F3E9B8B826} - System32\Tasks\{105F6E78-7D1E-4F67-96E2-FDFAFC55ACD7} => C:\Windows\twain_32\escndv\escndv.exe
Task: {1AF8604F-C7FA-4FC1-8DBA-76423F7872F7} - System32\Tasks\EPSON XP-322 323 325 Series Update {C69226D6-BAF3-498A-A0CB-E4B5F2A5D953} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSNEE.EXE
Task: {1B911769-259D-4D0D-A77D-9E71AC42251D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {1DD3FFCF-7DDB-4542-B045-1B517DDF1C82} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2015-07-06] (SEC)
Task: {22F2EBEB-0A87-4A01-990C-BBAA81DE241B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {238B96E3-4B82-4B32-8443-9F95AD659799} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {246A5DC2-DECE-40E9-A5D5-2F5221A8BD74} - System32\Tasks\SettingsEventHandlerMonitor => C:\Program Files (x86)\Samsung\Settings\CmdServer\RSSettingEventHandler.exe [2015-06-24] (Samsung Electronics CO., LTD.)
Task: {2ACAD73D-22A1-4C63-A0A4-D2B2D4A4AC0A} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] ()
Task: {332BC97F-CFD6-41F1-98C5-B3FC161912E3} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {37092E36-A8AB-49BA-808A-A119F209868F} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {375230AC-2076-4485-A0D3-8265E0E33B9A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {4BC11492-1C6C-4FA9-A3EB-B577E5C7C803} - System32\Tasks\Calpukp => C:\PROGRA~1\Nulufomp\Foxsafz.bat <==== ACHTUNG
Task: {4D328541-C819-4278-BF50-8FFE5EF143C6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {4E9B123A-AD6B-4761-A560-6E321FFC6163} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {53B1C0B2-F6AD-4100-BFC0-0F7ADCBD39ED} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {56CEDDC4-43F2-4D8E-863A-0F4D16E824F4} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {58770DF5-2FF1-4476-8386-001589974321} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [2015-07-27] (CyberLink Corp.)
Task: {5A6B9439-0178-4339-9EFE-0F7604DFADDA} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {5CA1A10D-5CAB-4159-BD43-D8AE78CCF101} - System32\Tasks\LaunchSettings => C:\Program Files (x86)\Samsung\Settings\Settings.exe [2015-06-24] ()
Task: {6BD33652-27F8-4ABA-BFB7-961246B22B69} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6C5C30A8-F7D0-468D-87AD-4FA8D92C5DD0} - System32\Tasks\EasySupportCenter => C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe
Task: {6CE69357-A236-493C-B638-D3CFBF0B8DA2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {7058D631-AF91-46FD-8C52-58A3B3D18FFF} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {7479C151-9FAD-4AC8-A651-06B0AC54DEC2} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {74FC3B4D-CB8C-40F5-9B3E-0B9AB859133A} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {75370740-1078-4EBE-B331-CCF4DF9D7744} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {771DBA8B-7EAF-4893-A587-FAA049661BF9} - System32\Tasks\Norton Security with Backup\Norton Autofix => C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\SymErr.exe [2016-02-10] (Symantec Corporation)
Task: {791CD5ED-B441-4817-992A-B72AA6E97D3A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {7CA5E8FA-58C6-40EC-B4EA-2A427B23E279} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {7CBBCDDE-148D-45BC-B22B-0C66633ADC0A} - System32\Tasks\Ypufko => C:\PROGRA~1\Behqec\Digolorf.bat <==== ACHTUNG
Task: {8B8F036D-500F-44A6-8999-A38E6C570134} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {90170080-4A42-4C38-89F3-3F4B3B8289EC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {9A17F065-9771-4632-9EA3-D2E0D12B1821} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {9C6CBEAD-8C12-4BC7-BA94-AC6F05170EF8} - System32\Tasks\{15088E54-DFAB-4EEB-B577-D1A91023FE95} => pcalua.exe -a C:\windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Savvy TV\dvbttv.exe"
Task: {9F2B3EA1-41F3-49BA-B959-8F7356AE42DA} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {A175A859-CBFE-47FA-914D-7F3EA5E9EA34} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {A37A37B2-BA2A-43C0-9225-C8855F17AA77} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-03] (Adobe Systems Incorporated)
Task: {A3ED3617-E2CD-44B4-BCF5-222E57F3C58C} - System32\Tasks\{61057125-BE50-4F81-8CFA-122F0CD8FAA2} => C:\Windows\twain_32\escndv\escndv.exe
Task: {A5B3B78B-6194-48E0-AFD5-B2BD4036B89B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {B7EE7BC6-2052-4A85-805B-4C4B6B4E8A2E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {B9372182-3368-4DEB-9588-3FF621BF9B64} - System32\Tasks\FastBrowsing2 => C:\Windows\Temp\FastBrowsing2.exe <==== ACHTUNG
Task: {B9BC9E63-94F9-43DC-B483-4FD7F489123D} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-08-17] (CyberLink)
Task: {BC36E4D2-7394-4384-92A0-260FCD041EFA} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {BF4ED1B7-E8EA-42A7-A3AD-59F1B434659C} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2015-12-09] (Samsung Electronics Co., Ltd.)
Task: {C8FC4AB1-1D14-42D8-88D6-24FC1DD1DD2E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {CC0FF2A1-4767-45CA-8955-5568496031B9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {CC3D9102-7427-4590-9DB0-2110570B2C80} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {CE3EEA6A-B631-4959-8390-4F83A2F76B6B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {DAFA2957-F27A-4ABB-BFD6-D43A2AC09616} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {DBB7882B-DEF9-4853-BA27-BFBF2A20B483} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\WSCStub.exe [2016-02-26] (Symantec Corporation)
Task: {E1AAF74D-9B9E-495A-80BC-EF889EDD94FF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {E2933A1A-CC2E-471E-B56C-6D0F0667CF92} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-11] (Microsoft Corporation)
Task: {E9E275E1-0DC4-4E8D-8A3D-B6EDD2DA7EDD} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {ED86F757-395A-4F01-A083-D290133347B0} - System32\Tasks\{CD8C37B6-1DA2-4A9A-B2FA-833C841F2606} => pcalua.exe -a D:\setup.exe -d D:\
Task: {EF7343DE-4375-49A3-8492-31255CA3BBF7} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {F0D26271-0802-459B-99A3-B6C3F8655CAB} - System32\Tasks\{EC5838CF-3B72-4FCB-AEA3-73238E53A909} => pcalua.exe -a "C:\Users\Marcel Ruckober\Downloads\7kaa_full_2.13.0_setup.exe" -d "C:\Users\Marcel Ruckober\Downloads"
Task: {F1512E10-BDE2-4450-9B44-B8B205D60D4E} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {F7447D3D-330C-4124-A8E5-E729317870FB} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security mit Backup\Upgrade.exe [2016-02-26] (Symantec Corporation)
Task: {F8058B55-1D4E-4FC3-A925-8766B87C0CEF} - System32\Tasks\Norton Security with Backup\Norton Error Analyzer => C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\SymErr.exe [2016-02-10] (Symantec Corporation)
Task: {F8AB40FC-8C63-45C1-B7BA-BA60938A5202} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {F9685B2C-DFF7-4B6F-8F93-7B15DF9422CE} - System32\Tasks\SettingsHibernateMonitor => C:\Program Files (x86)\Samsung\Settings\SettingsHibernateMonitor.exe [2015-06-24] (Samsung Electronics CO., LTD.)
Task: {FED68B58-2AC6-4594-B955-C4B87170DDB1} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\EPSON XP-322 323 325 Series Update {C69226D6-BAF3-498A-A0CB-E4B5F2A5D953}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSNEE.EXE:/EXE:{C69226D6-BAF3-498A-A0CB-E4B5F2A5D953} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\WINDOWS\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-01-02 22:21 - 2006-11-13 05:40 - 00146432 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\lxctdrpp.dll
2012-03-12 14:36 - 2012-02-08 04:03 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-19 22:01 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-19 22:01 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-04-25 21:27 - 2016-04-25 21:27 - 00959176 _____ () C:\Users\Marcel Ruckober\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll
2016-04-19 20:48 - 2016-04-19 20:48 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-04-19 19:38 - 2016-04-19 19:38 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 18:06 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-11 18:07 - 2016-04-23 06:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-11 18:06 - 2016-04-23 05:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-11 18:07 - 2016-04-23 05:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-11 18:07 - 2016-04-23 06:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-05-16 14:34 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2012-03-12 14:36 - 2012-02-08 03:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2016-04-19 20:48 - 2016-04-19 20:48 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 20:48 - 2016-04-19 20:48 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 [226]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-04-24 20:51 - 2016-04-24 20:51 - 00000054 ____N C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost
::1             localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-189922631-1767686969-1414721043-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
HKU\S-1-5-21-189922631-1767686969-1414721043-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bluetooth Device Monitor => 2
MSCONFIG\Services: Bluetooth Media Service => 3
MSCONFIG\Services: Bluetooth OBEX Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: CltMngSvc => 2
MSCONFIG\Services: GameConsoleService => 3
MSCONFIG\Services: globalUpdate => 2
MSCONFIG\Services: globalUpdatem => 3
MSCONFIG\Services: HauppaugeTVServer => 2
MSCONFIG\Services: lxct_device => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: Samsung UPD Service2 => 3
MSCONFIG\Services: SamsungAllShareV2.0 => 2
MSCONFIG\Services: SamsungDeviceConfigurationWinService => 2
MSCONFIG\Services: SimpleSlideShowServer => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Sony PC Companion => 3
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: SWUpdateService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AutoStart IR.lnk => C:\windows\pss\AutoStart IR.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinTV Recording Status.lnk => C:\windows\pss\WinTV Recording Status.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Marcel Ruckober^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AllShareAgent => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Quick Starter => C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
HKLM\...\StartupApproved\Run: => "LXCTCATS"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "Malwarebytes Anti-Exploit"
HKU\S-1-5-21-189922631-1767686969-1414721043-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-189922631-1767686969-1414721043-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "OneDrive"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{3E3A50BF-897D-4CE4-B222-D03CA3264CBF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{97330C28-405B-48C9-8367-436FEBA20742}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{57FE0EDE-20DD-454B-82E7-26C04F296456}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{4087576E-F7B0-4664-8127-DE2504FE55B4}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{DA51BDD9-88D4-4E2E-B81F-06FAE507B55F}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{DC48FABE-D23E-4131-99DB-4EFFD8D0CC2D}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{C5F8BB96-472D-4711-AE54-562F94F6D735}] => (Allow) C:\Program Files\NewExt\jsinjector.exe
FirewallRules: [{85840B35-D713-4C67-9B0A-8BE1235F656F}] => (Allow) C:\Windows\System32\SUPDSvc2.exe
FirewallRules: [{501B1B43-15D2-4B66-8FA3-7B886F346591}] => (Allow) C:\Windows\System32\SUPDSvc2.exe
FirewallRules: [{7E6836E1-8989-4DE6-93FE-B8950B83D389}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1BE9B972-DAE0-48CD-A9B6-9CEB98759624}] => (Allow) LPort=2869
FirewallRules: [{B13CA439-8EF8-4D53-8443-28A12EC11B63}] => (Allow) LPort=1900
FirewallRules: [{63A253C7-D068-4B36-B4A1-132D085EC016}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{61D3400D-D686-436D-95EE-F9EA2FE47995}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{7EC42911-FCF2-471B-8D1F-310FE1787C83}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{14F738A6-B1E8-4EDE-99D1-E6E307E7596F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{42A4DFD3-28E6-42E4-9030-78E0B81FFAC8}] => (Allow) C:\Windows\SysWOW64\lxctcoms.exe
FirewallRules: [{69DE5FFB-5951-43F1-AD5A-40929E875FF0}] => (Allow) C:\Windows\SysWOW64\lxctcoms.exe
FirewallRules: [{A1C20B44-BE3D-4C37-88E9-BAFC9264F4FF}] => (Allow) C:\Windows\System32\lxctcoms.exe
FirewallRules: [{C624898D-329A-4ADD-8CA0-A8F51BF91684}] => (Allow) C:\Windows\System32\lxctcoms.exe
FirewallRules: [{C6AD9B4D-7A56-4550-95CD-62DF0D31D30E}] => (Allow) C:\Windows\System32\lxctcoms.exe
FirewallRules: [{965D4D8E-CD29-4E49-BA40-904DCA4D4172}] => (Allow) C:\Windows\System32\lxctcoms.exe
FirewallRules: [{F80A10D6-A08A-4C95-9307-EA1B3AE85D61}] => (Allow) C:\Program Files (x86)\Lexmark 5400 Series\lxctmon.exe
FirewallRules: [{C7112327-A3F9-49CF-8369-D624A8EF0597}] => (Allow) C:\Program Files (x86)\Lexmark 5400 Series\lxctmon.exe
FirewallRules: [{63238E8E-A296-4F27-9FE8-69BBBEE8B1FF}] => (Allow) C:\Program Files (x86)\Lexmark 5400 Series\LXCTaiox.exe
FirewallRules: [{DC587CA0-E0CD-4786-A1E5-407359D712D8}] => (Allow) C:\Program Files (x86)\Lexmark 5400 Series\LXCTaiox.exe
FirewallRules: [{6B7FFFD6-011D-4469-B960-2B4CB9C259A0}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
FirewallRules: [{E56085E3-42DE-4801-8C12-15C5DA6BB7D6}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShare.exe
FirewallRules: [{0CACABAE-0E2A-4ABB-839A-CC393528692D}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
FirewallRules: [{758FCFBB-49B0-4F88-930F-99E4AF2DD0D0}] => (Allow) C:\Windows\System32\SUPDSvc2.exe
FirewallRules: [{5F65B320-0674-4307-AAC9-90D0FAEEF276}] => (Allow) C:\Windows\System32\SUPDSvc2.exe
FirewallRules: [{93869AE1-D806-4F22-B6AF-FEBECB1AE772}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe
FirewallRules: [{73B6EB83-4732-437D-BA8D-20713EA316EB}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe
FirewallRules: [{CC813E8F-A319-4848-978E-F7916B95BAF0}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{9FA39599-840B-4EB7-9ADF-CE3A2332911C}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{DC771AD2-E3C1-48CE-9CFC-F842AEFA4076}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{29A4C86B-1724-4811-9082-17A4B28D0F41}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2A74722F-68D0-418B-BA19-434333F20A94}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B0679410-AD00-40E4-BF35-3D53E8F29BCB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deadlight\Binaries\Win32\LOTDGame.exe
FirewallRules: [{DC992950-F370-4751-886E-84AFB918ECFA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deadlight\Binaries\Win32\LOTDGame.exe
FirewallRules: [{DF2ED592-D5E6-4572-B53C-D1BA958236E8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{BE0F143C-238F-41B6-A8B7-B8435288A0F8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{18D18801-574A-4FC0-9CCD-63D5A112C428}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\I am Alive\src\SYSTEM\IAmAlive_game.exe
FirewallRules: [{2AFBD8E6-E297-4038-A5F1-CB05C3612358}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\I am Alive\src\SYSTEM\IAmAlive_game.exe
FirewallRules: [{91FDAD9A-A75D-44D0-85A9-D2BAEC144E82}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C03C5111-1FA5-4645-A919-4934EB3B4AB3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1C927BD8-7587-4000-8E20-8AE8CF02B59D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E27813A0-9078-4A01-86FA-6B005AE8F3F2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{16D27818-428F-42DE-B9A0-988080C0E2B9}] => (Allow) C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{7D6CD9E6-E93D-42FB-8031-B003CDCB520F}] => (Allow) C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{E5C8E5E2-DDC2-4798-8836-3DB80FEF3BA2}] => (Allow) C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{9BC329C6-4A28-4674-BE6F-6931997A7722}] => (Allow) C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{58C24914-CB7C-458E-8FF3-01B3FC3FDCBA}] => (Allow) C:\Program Files (x86)\Samsung\Easy File Share\EasyFileShare.EXE
FirewallRules: [{F6CCB615-F57E-4F54-B6F7-3236C55CBCCB}] => (Allow) C:\Program Files (x86)\Samsung\Easy File Share\EasyFileShare.EXE
FirewallRules: [{FE4FE5EC-746D-4FD0-B24E-CD96A1B8B06B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{12396307-2D48-4F66-9E8C-A4402CA4451E}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{15E81DEF-D442-4615-B1AE-E43ED2348555}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{5FDA6A27-7D0E-4403-9332-D1F2B818B1DA}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{C49CAF00-82FB-4CD3-AF32-BDBFF9BF0651}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{A5E8616D-D25A-484D-ACB7-C9E0F496F74B}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{EE77C25E-21FC-49D2-9808-1B130E762572}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{A8E22F75-C7B9-47C2-8AF1-8E7E76DD2043}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{A18ACCE6-C138-4E26-8003-F6E2DF5DB393}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{FCF48798-622E-4644-8E1B-18B8D7A3C6B8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{11D0B109-E345-46EB-BAB5-2DF6055F320A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{F526A782-56FA-4B57-B066-31C3D1AB0B64}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{49CF409B-37F1-43DE-AFBA-8E01987CB602}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{998951D6-4256-4C18-BB47-B07A86D170AF}] => (Allow) C:\Users\Marcel Ruckober\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\EpsonNetSetup\Data\ENEasyApp.exe
FirewallRules: [{7FF46C24-5F41-4867-82E2-6052BAE21427}] => (Allow) C:\Users\Marcel Ruckober\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\EpsonNetSetup\Data\ENEasyApp.exe
FirewallRules: [TCP Query User{8E44AB57-5099-4649-8A85-5C2041B07DED}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{2997AE29-FAA9-4922-8C1C-812AA5FB6009}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{361CB675-1E63-4320-B2D4-B3C2C4596410}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{18233D0B-3398-4FAA-A121-ECFD3B899E5D}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{9239827F-49DD-4DB6-8B5D-CA3788BE61D1}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe

==================== Wiederherstellungspunkte =========================

05-05-2016 14:40:49 Installed Epson Printer Connection Checker
11-05-2016 18:15:01 Windows Update
11-05-2016 18:16:03 Windows Update
15-05-2016 10:24:18 Windows Update
16-05-2016 14:33:09 Installiert Brother Software Suite
24-05-2016 21:35:41 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/24/2016 09:36:56 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (05/24/2016 09:25:26 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"1". Fehler in Manifest- oder Richtliniendatei "Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"2" in Zeile  Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0".
Definition: Sony.Mrs,processorArchitecture="x86",type="win32",version="2.2.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (05/23/2016 11:46:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba
Name des fehlerhaften Moduls: ESENT.dll, Version: 10.0.10586.212, Zeitstempel: 0x56fa1686
Ausnahmecode: 0xc0000602
Fehleroffset: 0x000000000022885f
ID des fehlerhaften Prozesses: 0xd9c
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5

Error: (05/23/2016 11:46:27 PM) (Source: ESENT) (EventID: 908) (User: )
Description: svchost (3484) Der Prozess wird aufgrund eines nicht behebbaren Fehlers beendet: PV: 10.0.10586.0 SV: 10.0.10586.0 GLE: 0 ERR: -1603(fucb.cxx:359): dllentry.cxx(103) (ESENT[10.0.10586.0] RETAIL RTM MBCS)

Error: (05/23/2016 10:33:11 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (05/22/2016 09:59:06 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsort "E:\" nicht abgeschlossen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006).

Error: (05/18/2016 09:16:51 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"1". Fehler in Manifest- oder Richtliniendatei "Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"2" in Zeile  Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0".
Definition: Sony.Mrs,processorArchitecture="x86",type="win32",version="2.2.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (05/16/2016 05:54:51 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (05/16/2016 04:09:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MarcelRuckober)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/16/2016 02:40:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: taskhostw.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d756
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af2eb
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ee6fc
ID des fehlerhaften Prozesses: 0x18c8
Startzeit der fehlerhaften Anwendung: 0xtaskhostw.exe0
Pfad der fehlerhaften Anwendung: taskhostw.exe1
Pfad des fehlerhaften Moduls: taskhostw.exe2
Berichtskennung: taskhostw.exe3
Vollständiger Name des fehlerhaften Pakets: taskhostw.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: taskhostw.exe5


Systemfehler:
=============
Error: (05/24/2016 09:38:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/23/2016 11:52:39 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Audiosrv erreicht.

Error: (05/23/2016 11:52:09 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Wcmsvc erreicht.

Error: (05/23/2016 11:51:50 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Synchronisierungshost_48192" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1072

Error: (05/23/2016 11:51:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_48192" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/23/2016 11:49:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Net.Msmq-Listeneradapter" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/23/2016 11:49:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NetMsmqActivator erreicht.

Error: (05/23/2016 11:49:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Net.Pipe-Listeneradapter" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/23/2016 11:49:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NetPipeActivator erreicht.

Error: (05/23/2016 11:48:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


CodeIntegrity:
===================================
  Date: 2016-05-16 14:17:47.958
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-16 11:38:54.814
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-13 17:29:59.238
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-12 18:36:44.881
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-26 21:23:42.932
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-24 17:48:40.687
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-23 22:30:40.726
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-23 21:36:38.710
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-19 19:22:22.192
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-19 19:19:27.918
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 8089.38 MB
Verfügbarer physikalischer RAM: 5073.25 MB
Summe virtueller Speicher: 16281.38 MB
Verfügbarer virtueller Speicher: 13395.79 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:905.99 GB) (Free:600.49 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8D8AB3F7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=906 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=25 GB) - (Type=27)

==================== Ende von Addition.txt ============================

--- --- ---

M-K-D-B · 24.05.2016, 20:58

Servus,

du hast mir die falsche Logdatei von MBAM gepostet.

Ich benötige die Logdatei des Suchlaufs, nicht die protection logs der Echtzeitüberwachung.

Lesestoff
MBAM-Funde posten: So gehts...
Manchmal ist es wichtig zu wissen, welche Schadprogramme im Vorfeld ohne Anweisung der Helfer schon gelöscht wurden.
Daher benötige ich den Inhalt der Logdatei, in welcher der Suchlauf protokolliert wurde.

Starte MBAM.
Klicke auf Verlauf.
Klicke auf Anwendungsprotokolle.
Klicke auf das letzte Scan-Protokoll mit Funden.
Klicke auf Export und dann auf "In Zwischenablage kopieren".
Poste den Inhalt in Code-Tags [CODE] [/CODE] durch Einfügen mit Strg+V als Antwort in Deinen Thread.

FRST Logs fehlen noch.

Ruggi · 24.05.2016, 21:05

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:24-05-2016 01
durchgeführt von Marcel Ruckober (Administrator) auf MARCELRUCKOBER (24-05-2016 21:44:21)
Gestartet von C:\Users\Marcel Ruckober\Downloads
Geladene Profile: Marcel Ruckober &  (Verfügbare Profile: Marcel Ruckober)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\nsbu.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Samsung Electronics Co., Ltd.) C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe
( ) C:\Windows\System32\lxctcoms.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\nsbu.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsCmdServer.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Malwarebytes) C:\Users\Marcel Ruckober\Desktop\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes) C:\Users\Marcel Ruckober\Desktop\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Malwarebytes) C:\Users\Marcel Ruckober\Desktop\ Malwarebytes Anti-Malware \mbam.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2867984 2012-01-05] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-08-29] (Realtek Semiconductor)
HKLM\...\Run: [LXCTCATS] => rundll32 C:\windows\system32\spool\DRIVERS\x64\3\LXCTtime.dll,RunDLLEntry
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1795888 2015-08-08] (NVIDIA Corporation)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-09-25] (cyberlink)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-04] (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2623456 2016-04-15] (Malwarebytes Corporation)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4509184 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsInd00] => C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe [1885184 2012-12-18] (Brother Industries, Ltd.)
HKU\S-1-5-21-189922631-1767686969-1414721043-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINEE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-322 323 325 Series"
HKU\S-1-5-21-189922631-1767686969-1414721043-1001\...\RunOnce: [Uninstall C:\Users\Marcel Ruckober\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Marcel Ruckober\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64"
HKU\S-1-5-21-189922631-1767686969-1414721043-1001\...\RunOnce: [Uninstall C:\Users\Marcel Ruckober\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Marcel Ruckober\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1"
HKU\S-1-5-21-189922631-1767686969-1414721043-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-189922631-1767686969-1414721043-1001\...\MountPoints2: {b4f73855-0cb8-11e6-9bd3-c485081220fe} - "E:\autorun.exe" 
HKU\S-1-5-21-189922631-1767686969-1414721043-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINEE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-322 323 325 Series"
HKU\S-1-5-21-189922631-1767686969-1414721043-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Marcel Ruckober\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Marcel Ruckober\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64"
HKU\S-1-5-21-189922631-1767686969-1414721043-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Marcel Ruckober\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Marcel Ruckober\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1"
HKU\S-1-5-21-189922631-1767686969-1414721043-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-189922631-1767686969-1414721043-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b4f73855-0cb8-11e6-9bd3-c485081220fe} - "E:\autorun.exe" 
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [177088 2015-08-08] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-05-23]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{80a7a8ad-2145-49ed-929e-e91085b5ea76}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{a599e370-1cca-4d19-b1a7-ce727e2a7ad3}: [DhcpNameServer] 192.168.0.1 127.0.0.1
Tcpip\..\Interfaces\{b9356221-42ef-412f-a502-c80cd5f0472b}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NSBU&pvid=22.6.0.142
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NSBU&pvid=22.6.0.142
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-189922631-1767686969-1414721043-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-189922631-1767686969-1414721043-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NSBU&pvid=22.6.0.142
HKU\S-1-5-21-189922631-1767686969-1414721043-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKU\S-1-5-21-189922631-1767686969-1414721043-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-189922631-1767686969-1414721043-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-189922631-1767686969-1414721043-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NSBU&pvid=22.6.0.142
HKU\S-1-5-21-189922631-1767686969-1414721043-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKU\S-1-5-21-189922631-1767686969-1414721043-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
BHO: Behqec -> {AB11977A-6008-410E-8560-9D4F9C082BB1} -> C:\Program Files\Behqec\Oiloj64.dll => Keine Datei
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-09] (Oracle Corporation)
BHO-x32: Samsung BHO Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll [2010-10-25] ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-09] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll Keine Datei
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll Keine Datei
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\1s42r4b0.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-05-03] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-05-03] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-09] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Keine Datei]
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2010-01-20] (Sony Media Software and Services Inc)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-189922631-1767686969-1414721043-1001: @protectdisc.com/NPPDLicenseHelper -> C:\Users\Marcel Ruckober\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [2009-06-25] ( )
FF Plugin HKU\S-1-5-21-189922631-1767686969-1414721043-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-08-26] ()
FF Plugin HKU\S-1-5-21-189922631-1767686969-1414721043-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @protectdisc.com/NPPDLicenseHelper -> C:\Users\Marcel Ruckober\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [2009-06-25] ( )
FF Plugin HKU\S-1-5-21-189922631-1767686969-1414721043-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-08-26] ()
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.1.0.9\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.1.0.9\coFFAddon [2016-03-25]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.1.0.9\coFFAddon
FF HKU\S-1-5-21-189922631-1767686969-1414721043-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\1s42r4b0.default\extensions\cliqz@cliqz.com => nicht gefunden
FF HKU\S-1-5-21-189922631-1767686969-1414721043-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\1s42r4b0.default\extensions\cliqz@cliqz.com => nicht gefunden

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\Exts\Chrome.crx [2016-03-20]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\Exts\Chrome.crx [2016-03-20]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Datei ist nicht signiert]
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-25] (CyberLink)
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [303544 2015-07-27] (CyberLink)
S4 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [570368 2011-10-27] (Hauppauge Computer Works) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328616 2016-01-03] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-08] ()
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3020440 2015-11-25] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
R2 lxct_device; C:\windows\system32\lxctcoms.exe [566192 2006-11-22] ( )
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [742368 2016-04-15] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Users\Marcel Ruckober\Desktop\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Users\Marcel Ruckober\Desktop\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [293128 2016-03-11] (McAfee, Inc.)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 NSBU; C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\NSBU.exe [289080 2016-02-26] (Symantec Corporation)
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-11-30] () [Datei ist nicht signiert]
R2 Settings Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe [1594176 2015-06-24] (Samsung Electronics CO., LTD.)
S4 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155320 2012-01-18] (Avanquest Software) [Datei ist nicht signiert]
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3195576 2015-12-22] (Samsung Electronics Co., Ltd.)
S2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [878904 2016-05-16] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-05-16] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-05-16] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S2 InstallerService; "C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-10-27] ()
R1 BHDrvx64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.1.0.9\Definitions\BASHDefs\20160521.001\BHDrvx64.sys [1832176 2016-05-13] (Symantec Corporation)
R1 ccSet_NSBU; C:\Windows\system32\drivers\NSBUx64\1606000.08E\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-05-04] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156912 2016-05-04] (Symantec Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-04-30] ()
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [66080 2016-04-15] ()
R1 IDSVia64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.1.0.9\Definitions\IPSDefs\20160523.001\IDSvia64.sys [876248 2016-05-13] (Symantec Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-10-27] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-24] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.1.0.9\Definitions\VirusDefs\20160524.005\ENG64.SYS [138456 2016-05-17] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.1.0.9\Definitions\VirusDefs\20160524.005\EX64.SYS [2148056 2016-05-17] (Symantec Corporation)
R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3343872 2015-10-30] (Intel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [32168 2015-07-16] (Windows (R) Win 7 DDK provider)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-23] (Realtek                                            )
R2 SGDrv; C:\Windows\System32\drivers\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)
R1 SRTSP; C:\Windows\System32\Drivers\NSBUx64\1606000.08E\SRTSP64.SYS [928504 2016-02-24] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NSBUx64\1606000.08E\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NSBUx64\1606000.08E\SYMEFASI64.SYS [1621232 2016-02-24] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NSBUx64\1606000.08E\SymELAM.sys [24192 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-26] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NSBUx64\1606000.08E\Ironx64.SYS [295664 2016-02-24] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NSBUx64\1606000.08E\SYMNETS.SYS [577768 2016-02-24] (Symantec Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-24 21:43 - 2016-05-24 21:43 - 02382848 _____ (Farbar) C:\Users\Marcel Ruckober\Downloads\FRST64.exe
2016-05-24 21:43 - 2016-05-24 21:43 - 00000000 ____D C:\Users\Marcel Ruckober\Downloads\FRST-OlderVersion
2016-05-24 21:42 - 2016-05-24 21:44 - 00000000 ____D C:\FRST
2016-05-24 21:39 - 2016-05-24 21:39 - 00024653 _____ C:\Users\Marcel Ruckober\Desktop\JRT.txt
2016-05-24 21:33 - 2016-05-24 21:33 - 01610816 _____ (Malwarebytes) C:\Users\Marcel Ruckober\Downloads\JRT.exe
2016-05-23 23:48 - 2016-05-23 23:48 - 00190664 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_99E320F5.sys
2016-05-23 23:48 - 2016-05-23 23:48 - 00147656 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_38F51D56.sys
2016-05-23 23:26 - 2016-05-24 21:42 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-05-23 23:25 - 2016-05-23 23:45 - 00001290 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-05-23 23:25 - 2016-05-23 23:25 - 00000000 ____D C:\Users\Marcel Ruckober\Desktop\ Malwarebytes Anti-Malware 
2016-05-23 23:25 - 2016-05-23 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-05-23 23:25 - 2016-05-23 23:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-23 23:25 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-05-23 23:25 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-05-23 23:25 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-05-23 23:19 - 2016-05-23 23:21 - 22851472 _____ (Malwarebytes ) C:\Users\Marcel Ruckober\Downloads\mbam-setup-2.2.1.1043.exe
2016-05-23 23:06 - 2016-05-23 23:06 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-05-23 22:59 - 2016-05-23 23:04 - 00000000 ____D C:\AdwCleaner
2016-05-22 22:19 - 2016-05-23 23:45 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-18 20:31 - 2016-05-18 20:36 - 00098586 _____ C:\TDSSKiller.3.1.0.9_18.05.2016_20.31.24_log.txt
2016-05-18 20:31 - 2016-05-18 20:31 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Marcel Ruckober\Downloads\tdsskiller.exe
2016-05-18 20:19 - 2016-05-18 20:20 - 00060856 _____ C:\Users\Marcel Ruckober\Downloads\Addition.txt
2016-05-18 20:17 - 2016-05-24 21:44 - 00026823 _____ C:\Users\Marcel Ruckober\Downloads\FRST.txt
2016-05-16 14:36 - 2016-05-23 23:45 - 00002126 _____ C:\Users\Public\Desktop\Brother Utilities.lnk
2016-05-16 14:36 - 2016-05-16 14:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2016-05-16 14:35 - 2016-05-16 14:35 - 00000000 ____D C:\Program Files (x86)\BrownyInd
2016-05-16 14:35 - 2016-05-16 14:35 - 00000000 ____D C:\Brother
2016-05-16 14:34 - 2016-05-16 14:35 - 00000000 ____D C:\Program Files (x86)\Brother
2016-05-16 14:34 - 2016-05-16 14:34 - 00000000 ____D C:\Program Files (x86)\Browny02
2016-05-16 14:34 - 2012-12-14 03:31 - 00180224 _____ (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BROSNMP.DLL
2016-05-16 14:34 - 2012-12-14 03:31 - 00113744 _____ (Brother Industries Ltd) C:\WINDOWS\SysWOW64\BRRBTOOL.EXE
2016-05-16 14:34 - 2012-12-14 03:31 - 00077824 _____ (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BRLMW03A.DLL
2016-05-16 14:34 - 2012-12-14 03:31 - 00045056 _____ C:\WINDOWS\SysWOW64\BRTCPCON.DLL
2016-05-16 14:34 - 2012-12-14 03:31 - 00025299 _____ (Brother Industries, Ltd) C:\WINDOWS\SysWOW64\BRLM03A.DLL
2016-05-16 14:34 - 2012-12-14 03:31 - 00000114 _____ C:\WINDOWS\SysWOW64\BRLMW03A.INI
2016-05-16 14:34 - 2012-12-14 03:29 - 00000050 _____ C:\WINDOWS\system32\BRADM12A.DAT
2016-05-16 14:34 - 2012-12-13 18:00 - 00226816 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BRCOM12A.DLL
2016-05-16 14:32 - 2016-05-16 14:35 - 00000000 ____D C:\ProgramData\Brother
2016-05-15 10:25 - 2016-05-11 21:57 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-05-15 10:25 - 2016-05-11 21:57 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-14 11:36 - 2016-05-14 11:36 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-05-12 19:47 - 2016-05-12 19:47 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-05-11 18:07 - 2016-04-23 06:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-05-11 18:07 - 2016-04-23 06:30 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-05-11 18:07 - 2016-04-23 06:28 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-11 18:07 - 2016-04-23 06:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-05-11 18:07 - 2016-04-23 06:25 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-05-11 18:07 - 2016-04-23 06:22 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-05-11 18:07 - 2016-04-23 06:20 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-05-11 18:07 - 2016-04-23 06:19 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-05-11 18:07 - 2016-04-23 06:19 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-05-11 18:07 - 2016-04-23 06:19 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-11 18:07 - 2016-04-23 06:19 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-05-11 18:07 - 2016-04-23 06:18 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-11 18:07 - 2016-04-23 06:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-05-11 18:07 - 2016-04-23 06:18 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-05-11 18:07 - 2016-04-23 06:18 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-05-11 18:07 - 2016-04-23 06:16 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-05-11 18:07 - 2016-04-23 06:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-05-11 18:07 - 2016-04-23 06:15 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-05-11 18:07 - 2016-04-23 06:14 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-05-11 18:07 - 2016-04-23 06:13 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-05-11 18:07 - 2016-04-23 06:13 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-05-11 18:07 - 2016-04-23 06:09 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-11 18:07 - 2016-04-23 06:08 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-05-11 18:07 - 2016-04-23 06:07 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-05-11 18:06 - 2016-05-06 06:53 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-05-11 18:06 - 2016-05-06 06:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-05-11 18:06 - 2016-05-06 06:03 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-05-11 18:06 - 2016-05-06 05:53 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-05-11 18:06 - 2016-05-06 05:49 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-11 18:06 - 2016-05-06 05:44 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-05-11 18:06 - 2016-05-06 05:43 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-05-11 18:06 - 2016-05-06 05:23 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-11 18:06 - 2016-04-30 08:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-05-11 18:06 - 2016-04-30 08:31 - 03591168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-05-11 18:06 - 2016-04-23 08:12 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-05-11 18:06 - 2016-04-23 08:12 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-05-11 18:06 - 2016-04-23 08:12 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-05-11 18:06 - 2016-04-23 08:12 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-05-11 18:06 - 2016-04-23 08:12 - 00294592 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-05-11 18:06 - 2016-04-23 08:12 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-05-11 18:06 - 2016-04-23 08:12 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-05-11 18:06 - 2016-04-23 08:12 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-11 18:06 - 2016-04-23 07:28 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-05-11 18:06 - 2016-04-23 07:28 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-05-11 18:06 - 2016-04-23 07:26 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-05-11 18:06 - 2016-04-23 07:24 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-11 18:06 - 2016-04-23 07:24 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-11 18:06 - 2016-04-23 07:24 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-11 18:06 - 2016-04-23 07:24 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-05-11 18:06 - 2016-04-23 07:24 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-05-11 18:06 - 2016-04-23 07:24 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-05-11 18:06 - 2016-04-23 07:24 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-05-11 18:06 - 2016-04-23 07:22 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-11 18:06 - 2016-04-23 07:18 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-05-11 18:06 - 2016-04-23 07:13 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-05-11 18:06 - 2016-04-23 07:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-05-11 18:06 - 2016-04-23 07:13 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-05-11 18:06 - 2016-04-23 07:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-05-11 18:06 - 2016-04-23 07:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-05-11 18:06 - 2016-04-23 07:12 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-05-11 18:06 - 2016-04-23 07:11 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-05-11 18:06 - 2016-04-23 07:11 - 00696672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-11 18:06 - 2016-04-23 07:11 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-11 18:06 - 2016-04-23 07:11 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-05-11 18:06 - 2016-04-23 07:11 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-05-11 18:06 - 2016-04-23 07:11 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-05-11 18:06 - 2016-04-23 07:10 - 03673424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-05-11 18:06 - 2016-04-23 07:10 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-05-11 18:06 - 2016-04-23 07:10 - 00330072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-05-11 18:06 - 2016-04-23 07:09 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-05-11 18:06 - 2016-04-23 07:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-05-11 18:06 - 2016-04-23 07:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-05-11 18:06 - 2016-04-23 07:09 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-05-11 18:06 - 2016-04-23 07:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-05-11 18:06 - 2016-04-23 07:09 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-11 18:06 - 2016-04-23 07:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-05-11 18:06 - 2016-04-23 07:09 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-05-11 18:06 - 2016-04-23 07:09 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-05-11 18:06 - 2016-04-23 07:08 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-05-11 18:06 - 2016-04-23 07:08 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-05-11 18:06 - 2016-04-23 07:08 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-05-11 18:06 - 2016-04-23 07:07 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-05-11 18:06 - 2016-04-23 07:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-05-11 18:06 - 2016-04-23 07:07 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-05-11 18:06 - 2016-04-23 07:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-05-11 18:06 - 2016-04-23 07:06 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-05-11 18:06 - 2016-04-23 07:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-05-11 18:06 - 2016-04-23 07:01 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-11 18:06 - 2016-04-23 07:01 - 00650304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-05-11 18:06 - 2016-04-23 07:01 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-11 18:06 - 2016-04-23 07:01 - 00577368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-05-11 18:06 - 2016-04-23 07:01 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-05-11 18:06 - 2016-04-23 07:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-05-11 18:06 - 2016-04-23 07:01 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-05-11 18:06 - 2016-04-23 07:01 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-11 18:06 - 2016-04-23 07:00 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-11 18:06 - 2016-04-23 07:00 - 01594920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-05-11 18:06 - 2016-04-23 07:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-05-11 18:06 - 2016-04-23 07:00 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-05-11 18:06 - 2016-04-23 07:00 - 01372304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-05-11 18:06 - 2016-04-23 07:00 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-05-11 18:06 - 2016-04-23 07:00 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-05-11 18:06 - 2016-04-23 07:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-05-11 18:06 - 2016-04-23 07:00 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-05-11 18:06 - 2016-04-23 06:56 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-05-11 18:06 - 2016-04-23 06:39 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-05-11 18:06 - 2016-04-23 06:35 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-05-11 18:06 - 2016-04-23 06:34 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-05-11 18:06 - 2016-04-23 06:34 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-05-11 18:06 - 2016-04-23 06:34 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-05-11 18:06 - 2016-04-23 06:33 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-11 18:06 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-05-11 18:06 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-05-11 18:06 - 2016-04-23 06:33 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-11 18:06 - 2016-04-23 06:32 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-05-11 18:06 - 2016-04-23 06:32 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-11 18:06 - 2016-04-23 06:32 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-11 18:06 - 2016-04-23 06:31 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-05-11 18:06 - 2016-04-23 06:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-11 18:06 - 2016-04-23 06:30 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-05-11 18:06 - 2016-04-23 06:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-05-11 18:06 - 2016-04-23 06:29 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-05-11 18:06 - 2016-04-23 06:29 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-11 18:06 - 2016-04-23 06:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-05-11 18:06 - 2016-04-23 06:29 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-11 18:06 - 2016-04-23 06:29 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-05-11 18:06 - 2016-04-23 06:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2016-05-11 18:06 - 2016-04-23 06:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2016-05-11 18:06 - 2016-04-23 06:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2016-05-11 18:06 - 2016-04-23 06:28 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-11 18:06 - 2016-04-23 06:28 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-11 18:06 - 2016-04-23 06:28 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-05-11 18:06 - 2016-04-23 06:28 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-05-11 18:06 - 2016-04-23 06:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-05-11 18:06 - 2016-04-23 06:27 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-05-11 18:06 - 2016-04-23 06:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-05-11 18:06 - 2016-04-23 06:26 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-05-11 18:06 - 2016-04-23 06:26 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-05-11 18:06 - 2016-04-23 06:25 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-05-11 18:06 - 2016-04-23 06:25 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-05-11 18:06 - 2016-04-23 06:25 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-05-11 18:06 - 2016-04-23 06:25 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-05-11 18:06 - 2016-04-23 06:24 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-05-11 18:06 - 2016-04-23 06:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-05-11 18:06 - 2016-04-23 06:24 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-05-11 18:06 - 2016-04-23 06:24 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-05-11 18:06 - 2016-04-23 06:24 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-11 18:06 - 2016-04-23 06:24 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-11 18:06 - 2016-04-23 06:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-05-11 18:06 - 2016-04-23 06:23 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-05-11 18:06 - 2016-04-23 06:23 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-05-11 18:06 - 2016-04-23 06:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-05-11 18:06 - 2016-04-23 06:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-11 18:06 - 2016-04-23 06:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-05-11 18:06 - 2016-04-23 06:22 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-05-11 18:06 - 2016-04-23 06:22 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-05-11 18:06 - 2016-04-23 06:21 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-11 18:06 - 2016-04-23 06:21 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-11 18:06 - 2016-04-23 06:20 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-05-11 18:06 - 2016-04-23 06:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-05-11 18:06 - 2016-04-23 06:20 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-05-11 18:06 - 2016-04-23 06:20 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-11 18:06 - 2016-04-23 06:20 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-05-11 18:06 - 2016-04-23 06:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-05-11 18:06 - 2016-04-23 06:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-05-11 18:06 - 2016-04-23 06:19 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-11 18:06 - 2016-04-23 06:19 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2016-05-11 18:06 - 2016-04-23 06:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2016-05-11 18:06 - 2016-04-23 06:18 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-05-11 18:06 - 2016-04-23 06:18 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-05-11 18:06 - 2016-04-23 06:18 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-05-11 18:06 - 2016-04-23 06:18 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-11 18:06 - 2016-04-23 06:18 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-05-11 18:06 - 2016-04-23 06:18 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-05-11 18:06 - 2016-04-23 06:18 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-11 18:06 - 2016-04-23 06:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-05-11 18:06 - 2016-04-23 06:18 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-11 18:06 - 2016-04-23 06:18 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-05-11 18:06 - 2016-04-23 06:18 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-05-11 18:06 - 2016-04-23 06:17 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-05-11 18:06 - 2016-04-23 06:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-05-11 18:06 - 2016-04-23 06:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-05-11 18:06 - 2016-04-23 06:17 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-05-11 18:06 - 2016-04-23 06:16 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-11 18:06 - 2016-04-23 06:16 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-11 18:06 - 2016-04-23 06:15 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-05-11 18:06 - 2016-04-23 06:15 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-11 18:06 - 2016-04-23 06:15 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-11 18:06 - 2016-04-23 06:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-05-11 18:06 - 2016-04-23 06:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-05-11 18:06 - 2016-04-23 06:14 - 13383168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-05-11 18:06 - 2016-04-23 06:14 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-05-11 18:06 - 2016-04-23 06:14 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-05-11 18:06 - 2016-04-23 06:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-05-11 18:06 - 2016-04-23 06:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-05-11 18:06 - 2016-04-23 06:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-05-11 18:06 - 2016-04-23 06:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-05-11 18:06 - 2016-04-23 06:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-05-11 18:06 - 2016-04-23 06:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-05-11 18:06 - 2016-04-23 06:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-05-11 18:06 - 2016-04-23 06:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-05-11 18:06 - 2016-04-23 06:10 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-05-11 18:06 - 2016-04-23 06:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-05-11 18:06 - 2016-04-23 06:09 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-05-11 18:06 - 2016-04-23 06:08 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-05-11 18:06 - 2016-04-23 06:07 - 02598912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-11 18:06 - 2016-04-23 06:07 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-05-11 18:06 - 2016-04-23 06:07 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-11 18:06 - 2016-04-23 06:06 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-11 18:06 - 2016-04-23 06:05 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-05-11 18:06 - 2016-04-23 06:05 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-11 18:06 - 2016-04-23 06:05 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-11 18:06 - 2016-04-23 06:05 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-05-11 18:06 - 2016-04-23 06:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-05-11 18:06 - 2016-04-23 06:05 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-05-11 18:06 - 2016-04-23 06:05 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-05-11 18:06 - 2016-04-23 06:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-05-11 18:06 - 2016-04-23 06:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-05-11 18:06 - 2016-04-23 06:04 - 01731072 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-05-11 18:06 - 2016-04-23 06:03 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-05-11 18:06 - 2016-04-23 06:03 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-05-11 18:06 - 2016-04-23 06:03 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-05-11 18:06 - 2016-04-23 06:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-05-11 18:06 - 2016-04-23 06:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-05-11 18:06 - 2016-04-23 06:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-05-11 18:06 - 2016-04-23 06:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-05-11 18:06 - 2016-04-23 06:02 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-05-11 18:06 - 2016-04-23 06:02 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-05-11 18:06 - 2016-04-23 06:01 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-11 18:06 - 2016-04-23 06:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-05-11 18:06 - 2016-04-23 06:00 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-11 18:06 - 2016-04-23 05:45 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-05-11 18:06 - 2016-04-23 04:10 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-05-11 18:06 - 2016-04-23 04:10 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-05-11 18:06 - 2016-04-19 00:30 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2016-05-07 10:04 - 2016-05-22 23:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-05 14:33 - 2016-05-05 14:33 - 00716703 _____ C:\Users\Marcel Ruckober\Downloads\Scan0002.pdf
2016-05-05 14:32 - 2016-05-05 14:32 - 01884864 _____ C:\Users\Marcel Ruckober\Downloads\Scan.pdf
2016-05-03 17:16 - 2016-05-03 17:16 - 00402750 _____ C:\Users\Marcel Ruckober\Downloads\RBRE_FAQ_2015-2016.pdf
2016-05-03 17:01 - 2016-05-03 17:01 - 00551497 _____ C:\Users\Marcel Ruckober\Downloads\Reise_Zahlungsbedingungen_2016.pdf
2016-05-03 16:59 - 2016-05-03 16:59 - 00202619 _____ C:\Users\Marcel Ruckober\Downloads\84085536-02.pdf
2016-04-30 18:13 - 2016-04-30 18:13 - 00000000 _____ C:\autoexec.bat
2016-04-30 18:12 - 2016-04-30 18:12 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2016-04-25 21:27 - 2016-05-23 23:44 - 00002457 _____ C:\Users\Marcel Ruckober\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-24 00:05 - 2016-04-24 00:05 - 00000000 ____D C:\WINDOWS\system32\SleepStudy

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-24 21:27 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-24 21:27 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-24 21:09 - 2016-04-19 19:18 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Security with Backup
2016-05-24 21:07 - 2016-01-02 22:28 - 00000000 __SHD C:\Users\Marcel Ruckober\IntelGraphicsProfiles
2016-05-24 21:07 - 2012-03-12 14:36 - 00000828 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2016-05-23 23:47 - 2016-04-19 19:15 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-23 23:46 - 2015-10-30 08:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-05-23 23:45 - 2016-04-23 22:29 - 00002019 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-05-23 23:45 - 2016-04-23 22:08 - 00001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2016-05-23 23:45 - 2016-04-19 19:07 - 00001495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-05-23 23:45 - 2016-04-11 09:41 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-05-23 23:45 - 2016-04-11 09:41 - 00001216 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-05-23 23:45 - 2016-03-25 19:39 - 00002546 _____ C:\Users\Public\Desktop\Norton Security mit Backup.LNK
2016-05-23 23:45 - 2014-09-16 22:09 - 00002541 _____ C:\Users\Public\Desktop\Skype.lnk
2016-05-23 23:45 - 2014-05-01 23:59 - 00001110 _____ C:\Users\Public\Desktop\OpenOffice 4.1.0.lnk
2016-05-23 23:45 - 2014-05-01 22:14 - 00002110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-05-23 23:45 - 2014-05-01 22:14 - 00002092 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2016-05-23 23:45 - 2013-05-05 20:19 - 00000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2016-05-23 23:45 - 2013-01-27 23:36 - 00001016 _____ C:\Users\Public\Desktop\Fresh Minder 2.lnk
2016-05-23 23:45 - 2012-03-12 15:18 - 00002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
2016-05-23 23:44 - 2016-04-18 22:14 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-05-23 23:44 - 2016-01-02 22:38 - 00001047 _____ C:\Users\Marcel Ruckober\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2016-05-23 23:44 - 2013-01-27 19:55 - 00000000 ____D C:\Users\Marcel Ruckober\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Rockin' Dead
2016-05-23 23:43 - 2016-04-10 21:27 - 00000000 ____D C:\Users\Marcel Ruckober\AppData\Roaming\Baellod
2016-05-23 23:43 - 2016-04-10 21:20 - 00000000 ____D C:\Users\Marcel Ruckober\AppData\Roaming\Osidf
2016-05-23 23:34 - 2012-03-12 14:58 - 00000328 _____ C:\WINDOWS\Tasks\Xerox PhotoCafe Communicator.job
2016-05-23 23:30 - 2015-02-28 17:30 - 00000911 _____ C:\WINDOWS\Tasks\EPSON XP-322 323 325 Series Update {C69226D6-BAF3-498A-A0CB-E4B5F2A5D953}.job
2016-05-23 23:16 - 2013-01-13 22:45 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-05-23 23:13 - 2015-10-30 08:28 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM
2016-05-23 23:11 - 2016-04-23 22:08 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-05-23 23:09 - 2016-04-23 21:57 - 00000000 ____D C:\Program Files\TrueKey
2016-05-23 23:03 - 2016-04-11 09:35 - 00004188 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7173B62E-BFFB-4E84-BCDC-870F90852538}
2016-05-21 11:31 - 2013-04-02 21:52 - 00000000 ____D C:\Users\Marcel Ruckober\AppData\Roaming\vlc
2016-05-16 15:52 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-05-16 15:36 - 2013-01-27 23:51 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-16 15:28 - 2015-01-09 19:19 - 00000000 ____D C:\ProgramData\Epson
2016-05-16 15:15 - 2015-02-28 17:31 - 00000000 ____D C:\Program Files (x86)\EPSON Software
2016-05-16 15:15 - 2015-01-09 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2016-05-16 15:14 - 2013-01-09 18:12 - 00000000 ____D C:\ProgramData\Sony Corporation
2016-05-16 15:14 - 2012-03-12 14:39 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-05-16 15:11 - 2015-01-09 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2016-05-16 15:11 - 2015-01-09 19:22 - 00000000 ____D C:\Program Files (x86)\epson
2016-05-16 14:41 - 2016-04-10 22:57 - 00000000 ____D C:\Users\Marcel Ruckober\Documents\Briefvorlagen
2016-05-16 14:40 - 2013-01-09 23:26 - 00000000 ____D C:\Users\Marcel Ruckober\AppData\Local\CrashDumps
2016-05-16 14:29 - 2016-04-19 18:56 - 02114982 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-16 14:29 - 2015-10-30 20:35 - 00899798 _____ C:\WINDOWS\system32\perfh007.dat
2016-05-16 14:29 - 2015-10-30 20:35 - 00201990 _____ C:\WINDOWS\system32\perfc007.dat
2016-05-16 13:24 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-05-15 10:25 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-15 10:16 - 2013-02-14 23:07 - 00000000 ____D C:\ProgramData\McAfee
2016-05-14 12:01 - 2016-04-19 18:59 - 00000000 ____D C:\Users\Marcel Ruckober
2016-05-13 18:38 - 2012-03-12 14:36 - 00000830 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2016-05-13 18:23 - 2016-04-11 22:47 - 00000000 ____D C:\Users\Marcel Ruckober\AppData\Local\NPE
2016-05-13 17:55 - 2016-01-02 22:29 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-13 17:27 - 2016-04-11 09:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-12 19:48 - 2015-10-30 20:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-12 19:48 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-05-12 19:48 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-12 19:48 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-05-12 19:48 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-05-12 18:37 - 2013-07-25 20:31 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-11 18:17 - 2013-01-21 21:20 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-06 21:06 - 2016-04-18 22:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2016-05-06 21:06 - 2016-04-18 22:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2016-05-03 12:10 - 2014-11-05 22:42 - 00000000 ____D C:\Users\Marcel Ruckober\AppData\Local\Packages
2016-04-30 17:54 - 2016-04-19 19:00 - 00000000 ____D C:\Users\Marcel Ruckober\unwesentlich
2016-04-25 21:27 - 2016-01-02 22:33 - 00000000 ___RD C:\Users\Marcel Ruckober\OneDrive
2016-04-24 22:09 - 2016-04-23 22:08 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-04-24 20:51 - 2016-04-11 22:51 - 00000083 _____ C:\WINDOWS\system32\Drivers\etc\hosts.bak
2016-04-24 19:10 - 2016-04-23 22:10 - 00000000 ____D C:\Users\Marcel Ruckober\AppData\Local\tkdata
2016-04-24 17:55 - 2013-01-18 21:10 - 00000000 ____D C:\Users\Marcel Ruckober\AppData\Local\Adobe
2016-04-24 17:46 - 2016-04-19 18:44 - 00232624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-24 17:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-24 17:40 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-01-27 23:26 - 2013-01-27 23:26 - 0000103 _____ () C:\Users\Marcel Ruckober\AppData\Local\fusioncache.dat
2015-08-21 18:39 - 2015-08-21 18:39 - 0000862 _____ () C:\Users\Marcel Ruckober\AppData\Local\recently-used.xbel
2013-01-10 14:42 - 2013-01-10 14:44 - 0027606 _____ () C:\Users\Marcel Ruckober\AppData\Local\WiDiSetupLog.20130110.134251.txt
2016-04-19 18:52 - 2016-04-19 18:52 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-01-08 21:43 - 2013-01-08 21:43 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2012-03-12 15:50 - 2012-03-12 15:50 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-03-12 15:47 - 2012-03-12 15:48 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-03-12 15:46 - 2012-03-12 15:47 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2012-03-12 15:48 - 2012-03-12 15:49 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2012-03-12 15:49 - 2012-03-12 15:50 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log

Einige Dateien in TEMP:
====================
C:\Users\Marcel Ruckober\AppData\Local\Temp\libeay32.dll
C:\Users\Marcel Ruckober\AppData\Local\Temp\msvcr120.dll
C:\Users\Marcel Ruckober\AppData\Local\Temp\sqlite3.dll
C:\Users\Marcel Ruckober\AppData\Local\Temp\_is3DAE.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-18 21:15

==================== Ende von FRST.txt ============================

mbam Teil 1:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 23.05.2016
Suchlaufzeit: 23:26
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.05.23.06
Rootkit-Datenbank: v2016.05.20.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Marcel Ruckober

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 331048
Abgelaufene Zeit: 12 Min., 58 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 16
PUP.Optional.VBates.Gen, HKLM\SOFTWARE\BEHQEC, In Quarantäne, [e46eeaefa0f9b383ffdd07d3f50ea957], 
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6B987F6E-6FD6-46EB-865D-6CD8112F327F}, In Quarantäne, [5ef468716e2b191daa3b4c33b152d32d], 
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E3ACD76D-0B3D-4FB7-9FA7-8B6D0917A34A}, In Quarantäne, [b0a26574940586b09f447b04689b31cf], 
PUP.Optional.SearchProtect.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{072AA169-5ACD-42C7-A791-DFC6B1AF4371}, Löschen bei Neustart, [ff538752d6c3053159a8e0fbe71c56aa], 
PUP.Optional.SearchProtect.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\bvyvave, Löschen bei Neustart, [4012ebeef1a87cbaa85abf1c2dd6f30d], 
PUP.Optional.HohoSearch, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, In Quarantäne, [a9a992477524c96d1dc6dcd059a9926e], 
PUP.Optional.Tuto4PC, HKLM\SOFTWARE\WOW6432NODE\SUNNYDAYAPPS, In Quarantäne, [2b27ca0fe1b844f24b99c0ec50b2ec14], 
PUP.Optional.VBates.Gen, HKLM\SOFTWARE\WOW6432NODE\BEHQEC, In Quarantäne, [480ab623adecf64076664b8fd42fea16], 
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6B987F6E-6FD6-46EB-865D-6CD8112F327F}, In Quarantäne, [94be8950f9a059dd82639ce332d19769], 
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E3ACD76D-0B3D-4FB7-9FA7-8B6D0917A34A}, In Quarantäne, [aba71ebb811869cd449fe19eb053fe02], 
PUP.Optional.BrowserAir, HKU\S-1-5-21-189922631-1767686969-1414721043-1001\SOFTWARE\CLIENTS\STARTMENUINTERNET\BrowserAir.WJTQ6AQNMVP4AAN7PAN4JJXY4Q, In Quarantäne, [fa5819c096039e9843323d67a36043bd], 
PUP.Optional.Komodia, HKU\S-1-5-21-189922631-1767686969-1414721043-1001\SOFTWARE\INSTALLPATH\STATUS, In Quarantäne, [183a8554d3c687af20a1b80de51e30d0], 
PUP.Optional.CrossRider, HKU\S-1-5-21-189922631-1767686969-1414721043-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6B987F6E-6FD6-46EB-865D-6CD8112F327F}, In Quarantäne, [3e14cf0ac1d88ea80cc30d728d7613ed], 
PUP.Optional.CrossRider, HKU\S-1-5-21-189922631-1767686969-1414721043-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E3ACD76D-0B3D-4FB7-9FA7-8B6D0917A34A}, In Quarantäne, [3d1537a2c5d43afc13ba552ab44f0ff1], 
PUP.Optional.BrowserAir, HKU\S-1-5-21-189922631-1767686969-1414721043-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\BrowserAir.exe, In Quarantäne, [520036a3d5c483b35611c0f4f112827e], 
PUP.Optional.BrowserAir, HKU\S-1-5-21-189922631-1767686969-1414721043-1001_Classes\BrowserAir.WJTQ6AQNMVP4AAN7PAN4JJXY4Q, In Quarantäne, [91c1be1b6336a88e7a0fb70359aa58a8], 

Registrierungswerte: 18
PUP.Optional.VBates.Gen, HKLM\SOFTWARE\Behqec|installer_name, vbates_csmddeex-00-Bitshakers_.exe, In Quarantäne, [e46eeaefa0f9b383ffdd07d3f50ea957]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6b987f6e-6fd6-46eb-865d-6cd8112f327f}|AppName, Rewin_Cinematic 1.1-codedownloader.exe, In Quarantäne, [5ef468716e2b191daa3b4c33b152d32d]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{e3acd76d-0b3d-4fb7-9fa7-8b6d0917a34a}|AppName, Rewin_Cinematic 1.1-bg.exe, In Quarantäne, [b0a26574940586b09f447b04689b31cf]
PUP.Optional.SearchProtect.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{072AA169-5ACD-42C7-A791-DFC6B1AF4371}|Path, \bvyvave, Löschen bei Neustart, [ff538752d6c3053159a8e0fbe71c56aa]
PUP.Optional.HohoSearch, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|hp, hxxp://www.hohosearch.com/?ts=AHEqA3AlBHYpBE..&v=20160409&uid=AF5E59F6B7D7814EB89B40513F247712&ptid=epf1&mode=ffsengext, In Quarantäne, [a9a992477524c96d1dc6dcd059a9926e]
PUP.Optional.HohoSearch, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|tab, hxxp://www.hohosearch.com/?ts=AHEqA3AlBHYpBE..&v=20160409&uid=AF5E59F6B7D7814EB89B40513F247712&ptid=epf1&mode=ffsengext, In Quarantäne, [381a9b3e3e5b9d99db08decef60ca060]
PUP.Optional.HohoSearch, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|sp, hxxp://www.hohosearch.com/chrome.php?uid=AF5E59F6B7D7814EB89B40513F247712&ptid=epf1&q={searchTerms}&ts=AHEqA3AlBHYpBE..&v=20160409&mode=ffsengext, In Quarantäne, [5ff35b7e3267c67002e1b9f3a260e719]
PUP.Optional.HohoSearch, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|surl, hxxp://www.hohosearch.com/chrome.php?uid=AF5E59F6B7D7814EB89B40513F247712&ptid=epf1&ts=AHEqA3AlBHYpBE..&v=20160409&mode=ffexttoolbar&q=, In Quarantäne, [9fb3b029d7c2ea4c41a23a72d72b629e]
PUP.Optional.VBates.Gen, HKLM\SOFTWARE\WOW6432NODE\Behqec|installer_name, vbates_csmddeex-00-Bitshakers_.exe, In Quarantäne, [480ab623adecf64076664b8fd42fea16]
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6b987f6e-6fd6-46eb-865d-6cd8112f327f}|AppName, Rewin_Cinematic 1.1-codedownloader.exe, In Quarantäne, [94be8950f9a059dd82639ce332d19769]
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{e3acd76d-0b3d-4fb7-9fa7-8b6d0917a34a}|AppName, Rewin_Cinematic 1.1-bg.exe, In Quarantäne, [aba71ebb811869cd449fe19eb053fe02]
PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|Rewin_Cinematic 1.1-bg.exe, 8000, In Quarantäne, [0d450ccdbfdad46295c2d800679c0bf5]
PUP.Optional.DeskTopPlay, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|dply_en_015020294, In Quarantäne, [56fc5c7d4455ce68a90c38661ee56997], 
PUP.Optional.MBot, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|mbot_en_037050293, In Quarantäne, [183af0e90693152189a61d6def140cf4], 
PUP.Optional.Komodia, HKU\S-1-5-21-189922631-1767686969-1414721043-1001\SOFTWARE\INSTALLPATH\STATUS|FlowsurfCB, I, In Quarantäne, [183a8554d3c687af20a1b80de51e30d0]
PUP.Optional.CrossRider, HKU\S-1-5-21-189922631-1767686969-1414721043-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6b987f6e-6fd6-46eb-865d-6cd8112f327f}|AppName, Rewin_Cinematic 1.1-codedownloader.exe, In Quarantäne, [3e14cf0ac1d88ea80cc30d728d7613ed]
PUP.Optional.CrossRider, HKU\S-1-5-21-189922631-1767686969-1414721043-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{e3acd76d-0b3d-4fb7-9fa7-8b6d0917a34a}|AppName, Rewin_Cinematic 1.1-bg.exe, In Quarantäne, [3d1537a2c5d43afc13ba552ab44f0ff1]
PUP.Optional.BrowserAir, HKU\S-1-5-21-189922631-1767686969-1414721043-1001\SOFTWARE\REGISTEREDAPPLICATIONS|BrowserAir.WJTQ6AQNMVP4AAN7PAN4JJXY4Q, Software\Clients\StartMenuInternet\BrowserAir.WJTQ6AQNMVP4AAN7PAN4JJXY4Q\Capabilities, In Quarantäne, [153d69706d2cc175dde54190de25b749]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 54
PUP.Optional.VBates, C:\Users\Marcel Ruckober\AppData\LocalLow\Company\Product\1.0, In Quarantäne, [b39f7960eeab52e45fd8485d50b3fb05], 
PUP.Optional.VBates, C:\Users\Marcel Ruckober\AppData\LocalLow\Company\Product, In Quarantäne, [b39f7960eeab52e45fd8485d50b3fb05], 
PUP.Optional.SearchProtect, C:\Users\Marcel Ruckober\AppData\Local\bvyvave, In Quarantäne, [2a28a2370a8f90a663cfb7bc2cd8649c], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\features, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\features\{f1f1aaae-db87-40a0-a468-3f73165f5831}, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\bookmarkbackups, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\crashes, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\crashes\events, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-11, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-03, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-04, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\extensions, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\gmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\gmp\WINNT_x86-msvc, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\gmp-eme-adobe, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\gmp-eme-adobe\15, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\gmp-gmpopenh264, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\gmp-gmpopenh264\1.1, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\gmp-gmpopenh264\1.5.3, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\healthreport, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\saved-telemetry-pings, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\searchplugins, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\default, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\permanent, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\permanent\chrome, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\permanent\chrome\idb, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\permanent\chrome\idb\18928831881bcdal4a2neraedt-nai3.files, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\permanent\chrome\idb\2588645841ssegtnti.files, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\permanent\chrome\idb\2918063365piupsah.files, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\permanent\chrome\idb\30590497931bcdac4n2yesaadm-oac3.files, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\permanent\chrome\idb\313973188616c7a94126emaodc-lai3.files, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\permanent\chrome\idb\846562544phus.files, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\permanent\indexeddb+++fx-devtools, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\permanent\indexeddb+++fx-devtools\idb, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\permanent\indexeddb+++fx-devtools\idb\4268914080AsptpcPerjo.files, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\permanent\indexeddb+++fx-devtools\idb\478967115deegvatroootlss--cans.files, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\temporary, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\temporary\https+++mega.co.nz, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\temporary\https+++mega.co.nz\asmjs, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\temporary\https+++www.facebook.com, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\temporary\https+++www.facebook.com\asmjs, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\weave, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\weave\changes, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\weave\failed, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\weave\toFetch, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\webapps, In Quarantäne, [fb57994081180d29858cc6ad7e86718f],

Ruggi · 24.05.2016, 21:07

mbam Teil 2:

Code:

ATTFilter

Dateien: 467
Adware.PennyBee.WnskRST, C:\Users\Marcel Ruckober\AppData\Roaming\Baellod\Mukcip.dll, In Quarantäne, [331f00d92c6dfe386419b6f518e9b848], 
Adware.PennyBee.WnskRST, C:\Users\Marcel Ruckober\AppData\Roaming\Osidf\Nihgafrafn.dll, In Quarantäne, [de744e8b5b3e73c3d6a70d9e31d0956b], 
PUP.Optional.CrossAd.Gen, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\extensions\@E9438230-A7DF-4D1F-8F2D-CA1D0F0F7924.XPI, In Quarantäne, [2f2315c4f1a8ef47f6c44768cb37d828], 
PUP.Optional.VBates, C:\Users\Marcel Ruckober\AppData\LocalLow\Company\Product\1.0\LOCALSTORAGEIE.TXT, In Quarantäne, [b39f7960eeab52e45fd8485d50b3fb05], 
PUP.Optional.VBates, C:\Users\Marcel Ruckober\AppData\LocalLow\Company\Product\1.0\localStorageIE_backup.txt, In Quarantäne, [b39f7960eeab52e45fd8485d50b3fb05], 
PUP.Optional.SearchProtect.Gen, C:\Windows\System32\Tasks\bvyvave, In Quarantäne, [084af9e09801f244ec13d00a847fa55b], 
PUP.Optional.SearchProtect, C:\Users\Marcel Ruckober\AppData\Local\bvyvave\bahvxfk, In Quarantäne, [2a28a2370a8f90a663cfb7bc2cd8649c], 
PUP.Optional.SearchProtect, C:\Users\Marcel Ruckober\AppData\Local\bvyvave\mkfvxfk, In Quarantäne, [2a28a2370a8f90a663cfb7bc2cd8649c], 
PUP.Optional.SearchProtect, C:\Users\Marcel Ruckober\AppData\Local\bvyvave\pvpqbjobmlpfqlovvawq, In Quarantäne, [2a28a2370a8f90a663cfb7bc2cd8649c], 
PUP.Optional.SearchProtect, C:\Users\Marcel Ruckober\AppData\Local\bvyvave\qokvxfk, In Quarantäne, [2a28a2370a8f90a663cfb7bc2cd8649c], 
PUP.Optional.SearchProtect, C:\Users\Marcel Ruckober\AppData\Local\bvyvave\rfobmlpfqlovvawq, In Quarantäne, [2a28a2370a8f90a663cfb7bc2cd8649c], 
PUP.Optional.SearchProtect, C:\Users\Marcel Ruckober\AppData\Local\bvyvave\rpboobmlpfqlovvawq, In Quarantäne, [2a28a2370a8f90a663cfb7bc2cd8649c], 
PUP.Optional.SearchProtect, C:\Users\Marcel Ruckober\AppData\Local\bvyvave\ycfvxfk, In Quarantäne, [2a28a2370a8f90a663cfb7bc2cd8649c], 
PUP.Optional.HohoSearch, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\searchplugins\DD1B66D4.xml, In Quarantäne, [d67c9a3f3861290d22e93142ff05e51b], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\sessionstore.bak-20140923175406, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\addons.json, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\addons.sqlite, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\blocklist.xml, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\cert8.db, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\cert_override.txt, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\compatibility.ini, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\content-prefs.sqlite, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\cookies.sqlite, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\extensions.ini, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\extensions.json, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\extensions.sqlite, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\formhistory.sqlite, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\healthreport.sqlite, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\healthreport.sqlite-shm, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\healthreport.sqlite-wal, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\hotfix.v20140527.01.json, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\jigsaw.db, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\key3.db, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\lightning.sqlite, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\lightnings.sqlite, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\localstore.rdf, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\logins.json, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\marionette.log, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\mimeTypes.rdf, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\none, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\parent.lock, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\permissions.sqlite, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\pid.txt, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\places.sqlite, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\places.sqlite-shm, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\places.sqlite-wal, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\pluginreg.dat, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\revocations.txt, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\search-metadata.json, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\secmod.db, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\securityProtection.sqlite, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\sessionCheckpoints.json, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\sessionstore.bak, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\sessionstore.js, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\signons.sqlite, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\SiteSecurityServiceState.txt, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\subid.txt, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\Telemetry.FailedProfileLocks.txt, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\times.json, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\ucd.txt, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\uid.txt, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\urlclassifierkey3.txt, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\user.js, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\webappsstore.sqlite, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\webappsstore.sqlite-shm, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\webappsstore.sqlite-wal, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\websearches.sqlite, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\xulstore.json, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\features\{f1f1aaae-db87-40a0-a468-3f73165f5831}\loop@mozilla.org.xpi, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\040107b3-a44a-4d9e-8c00-3829139f0740.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\05d55e57-0cd9-4724-8d24-09122ffa4c4a.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\0874c004-2689-4abb-8b03-637aa521614f.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\0a58c52b-0e76-4d73-8ee3-cb5c78dd90de.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\0bca8644-37ff-4e19-a4c8-bf041057201c.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\0bf66636-600c-4098-b7fd-5e23769d2541.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\0d1155fa-a99f-4467-b34b-4966fd26e5ea.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\0d1155fa-a99f-4467-b34b-4966fd26e5ea.extra, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\0eb8a9ae-e543-435f-9957-c05963955694.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\0f09582c-8f31-4765-b963-4801564cb8ff.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\12480d29-cc8e-40e8-b4b7-0b734c862e35.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\194ca430-782d-4b54-b1b8-11ff0417a39d.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\1ca57c6a-dbf8-4dbf-b478-36eae33c5b58.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\1d27f519-efad-4682-bfed-529c40ed9ca5.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\1d33eca3-61d7-4c44-8b97-638ace360839.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\2038ab93-cc4f-48d2-a43d-ad08181187e3.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\21d7b693-8b10-4471-919c-cf391f439eaa.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\240a7361-08b8-4f6f-a2da-0c306b584bd2.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\250f44b5-7886-404e-8d4f-335348355f8b.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\250f44b5-7886-404e-8d4f-335348355f8b.extra, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\266a863b-c540-4774-aa8a-ef410289a391.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\27ece9eb-9572-431c-8695-4152643dbc15.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\2dafa64a-5199-42fb-b85b-26f582110659.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\32909fdc-4ce2-4f3b-937d-27c9e97d1ab9.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\36828516-5fe7-4c14-9eb3-124c727b8f0e.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\38d9c682-5803-449e-9f5e-f39bd1e58b39.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\39c6096b-bfa0-4113-b0b0-86facebf87cc.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\3b5cb1bb-a253-4b57-9122-31dcd9a12fab.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\3be89742-cf1f-43ed-aac8-70b796e74338.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\4191e5b9-b8dd-4765-9c39-ae26d13c78fe.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\4191e5b9-b8dd-4765-9c39-ae26d13c78fe.extra, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\43413f65-00d9-4027-8abc-2d653f4645be.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\434cdbd1-1f38-4657-b342-a47ead1c2de4.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\4aa0147a-d2cc-4974-95b9-89390d7f2b44.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\4aa0147a-d2cc-4974-95b9-89390d7f2b44.extra, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\4b106c77-9468-4428-bd09-8817e9e0ab47.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\4e844ea6-4f92-492c-b14c-145f55464a62.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\50024170-2268-4601-b92b-35a51d5d44c5.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\50024170-2268-4601-b92b-35a51d5d44c5.extra, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\5712baae-a764-4fab-aa25-062f6012422d.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\57e3b9e8-e7f5-4d3a-973f-b2de83c2fb2e.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\58c0c63a-57c6-42ab-8d6b-dfc7c110e137.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\592e9fda-f2bc-40eb-9ac8-8c1040118493.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\59d433c7-c58b-4446-b64d-bc999f5204ad.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\5a862a1d-30b4-4987-bcbd-47cf457d416e.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\5a862a1d-30b4-4987-bcbd-47cf457d416e.extra, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\5da1fec0-fa50-441a-a729-4d71f965d7bf.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\622ab327-96ca-43b3-bf55-95038240d724.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\646383c8-6dae-4e28-9438-50bc71fbca8f.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\65c9e5fe-afe0-4e46-b987-5baa59d7ef4a.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\65e7f49b-83e5-4d75-b7d4-faa30bcca7e2.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\693c2a0c-75aa-44a7-b102-0ecabecc5dd4.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\6c5748bc-cf19-4e94-8d8f-909ed6cbefb5.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\6d96a56d-b70f-4fe7-8195-3f7b7ff1fed1.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\6e2659a3-a60f-4770-a192-4f4ca9da94ce.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\163c4990-c0dc-46db-9e64-4f8a8ddaedd1.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\2d8f8243-67ad-404f-b5ae-e5894025a615.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\497dc994-4e8f-472e-84eb-67bdd94f1be1.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\5a736138-a319-420a-ac12-c1b12f1cde45.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\6e2659a3-a60f-4770-a192-4f4ca9da94ce.extra, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\7aed9b8f-7543-43a6-8f3a-7a6aba42815a.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\93982800-9e73-4366-bf44-73012f12ef55.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\ad4a86d7-c47d-4cc7-b9d2-05ff549e0382.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\c5ff1734-40fa-402f-b20d-8ff9c43c5382.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\6f53fea2-0c2b-4f83-983e-c593f9769207.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\707b9ad5-9bbd-4260-9df1-6495799acf0d.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\71d2d22f-fc86-4197-97b8-a372f88e8908.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\71d2d22f-fc86-4197-97b8-a372f88e8908.extra, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\7298636b-dbb1-45a8-9d3d-d51994de0168.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\72ebfd79-7db2-428d-b1b1-d5051e223fca.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\73153e43-e613-4635-a962-12d2278ebb16.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\737b555e-e471-44d7-a3d9-2828f1c974c2.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\77f7bcea-daed-4088-ba94-74c47e12eaf1.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\79409eff-149e-4878-ab94-f6d2e32b1a1d.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\7ae8af51-54a5-48f7-9d49-a794f9e8e7e4.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\7d0ddd7b-c8f1-4026-8994-f31bb4d4f699.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\7ee7377d-f44d-4d65-bbf7-ced88f0fdc63.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\808b8fea-19b7-4c6d-8bd8-6fb050a484e6.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\82540797-a38d-4b67-a15b-3533eaf8d9ed.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\880cbe91-cba2-4306-9e45-a67ca41c1b34.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\88b852b9-5832-4125-8dab-b76e9b5b6c3e.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\88c53c6b-dfc4-440f-8071-4c91d956076d.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\8989be23-9f6a-4a66-a676-445c14690777.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\8fe62877-d910-4e45-8c67-256132aeccf2.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\92e592d2-6492-46cd-bb41-8cbef73f9aa1.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\932d3bb3-ef0e-415b-91b7-a4f5e67e2869.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\95f7b2b1-efb5-4fb0-81bd-bca525c78627.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\985fcc41-f6cb-47e6-b416-98798c1c5958.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\9a81fd9d-df7a-4de5-b548-b0a5b95f33a6.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\9fe29324-0c85-46c6-8bcf-8b34fc1ebaf3.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\a074a7a7-6098-477a-99bb-f3c1c6006b5a.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\a60788d4-46ec-49ef-b27f-ed489e6a08ef.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\a6564b78-1657-41d3-a853-32b9e4f39af6.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\a6c113a9-8a9f-4066-9d68-7c2c35cb2dc7.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\a73c1b19-a609-4f8a-add5-9f9e53afb4a5.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\a8d0d587-da92-48ea-9141-5520b81a5051.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\a987e10d-c46d-46d0-bb50-3444ce119947.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\add6d980-01ad-4eb5-a4fe-7be00df94aea.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\b3fbca4d-d333-44a8-81a7-2bd88b14a335.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\b4cef02e-ebf4-4d46-b060-f08c8dad3d2b.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\b8639371-f272-4e24-81c9-0032b26c21f2.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\b8a5dc8f-0aa4-4635-bcb2-a7c75e3564e6.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\bd15ce9c-dd53-479d-9f31-f0b90a01adc3.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\bd15ce9c-dd53-479d-9f31-f0b90a01adc3.extra, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\c34213a6-fa2d-47c6-8fc1-09d1c6914db1.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\c3864d77-563f-4381-90e2-68510a56cef0.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\c3864d77-563f-4381-90e2-68510a56cef0.extra, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\c56ef43f-9509-443a-a213-f4a910de99db.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\c76c2958-a393-4de0-ba05-ee880dbad3a5.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\cba728f1-2d00-439e-bc83-34a5ae8f540f.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\cc836689-e64f-4667-a281-c6d512349b94.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\cd86418e-bc4e-4532-a4b5-9ad12b1e1310.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\d36ec1d1-9cc5-4737-a915-14ab64a95066.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\d66f802f-d0ff-49f0-84d4-76a4fa4cf57c.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\db19f981-b225-41ec-a753-1f1a7f4dcad4.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\de40ce93-9ace-49b4-a293-91893f0e4872.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\dea04b95-5f9f-4823-958e-fc278dfb7e98.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\e3d31935-8005-4038-aa58-4cae96cb5eda.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\e4a3973d-9acd-4976-803d-4ad1813572a8.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\e4dbc92b-8485-4e06-8f6b-04956f6955b2.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\e576eac3-5541-4eda-9602-5d38165ceaa3.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\e6a15e30-bbed-49b5-bdaa-f0ebea6931ca.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\eb25ee9f-1a08-4513-9d1b-ab7d114637b2.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\f0440a14-7cd8-485d-8781-78024edcbccc.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\f0dd9052-1c54-45c6-a315-eb1ef4b4fecf.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\f8e1d5ef-4701-4cf0-af76-7a0b58369509.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\f952faab-17b5-4505-a11e-c82096dfa1d8.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\fb5dcefe-c7f0-4c1a-b229-6de5c5beb0bd.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\fb880942-9b8d-4875-ad22-ad14937d8eae.dmp, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\bookmarkbackups\bookmarks-2014-11-11_15_AHcDVqTjrqcTvNtK8sqUnA==.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\bookmarkbackups\bookmarks-2014-12-25_12_ypzE-pRI7Y50grsmnPRv0g==.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\bookmarkbackups\bookmarks-2015-01-05_13_UX1bbSfiQ982Becpsw51UA==.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\bookmarkbackups\bookmarks-2015-01-07_14_Oxe352y4KI77Q-xlaJmxkQ==.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\bookmarkbackups\bookmarks-2015-01-14_14_fIzEzCNV5vDNlVvYCZ+8JQ==.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\bookmarkbackups\bookmarks-2015-02-11_14_xRdUZIDZfshX2rcZGWV1Tw==.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\bookmarkbackups\bookmarks-2015-02-14_15_+U4z2sD+3a+Vs9KaZhP2OQ==.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\bookmarkbackups\bookmarks-2015-03-05_16_QrL4c8zFz12vnIdtRjTqTA==.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\bookmarkbackups\bookmarks-2015-04-10_16_9IN-lwg-KbWrktKzmdFODA==.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\bookmarkbackups\bookmarks-2015-08-07_17_sgba3wPaa7TiI1Tyt6miqg==.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\bookmarkbackups\bookmarks-2015-08-19_18_p4kssUrIf5wQwj5SoWQCtA==.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\bookmarkbackups\bookmarks-2015-09-03_19_sFU+9HkuNzBzHo2-lBBBHA==.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\bookmarkbackups\bookmarks-2015-09-25_19_6GPcIDJTXw3GIyuEeBiGRQ==.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\bookmarkbackups\bookmarks-2016-02-23_20_aKk8+eTpVEdBcsCvNZAs1w==.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\bookmarkbackups\bookmarks-2016-04-08_21_0heBy8f8ECTcWQBJlHGGmw==.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\crashes\store.json.mozlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\aborted-session-ping, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\session-state.json, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\state.json, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-11\1447619284478.b902dd52-d1c9-4ed9-a994-27179e2bc89a.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-11\1447169761284.e8e06402-e2d9-4976-8bf4-739121733e30.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-11\1447170866895.0eeadc30-bda3-40ac-b0fb-6c734ffc1fb2.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-11\1447177367895.dbf7e9a3-8a1d-4ab2-af9a-6e4e57de4b44.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-11\1447267973209.14b33372-3149-4e0b-8f25-8addc62bfc87.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-11\1447276998195.1cdba4c8-7e81-46a9-a24a-2e12bfca467e.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-11\1447345801826.eac541e6-dd18-48d3-b47b-c2aba4b44a8f.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-11\1447348947965.8a63f67c-ccbe-4a30-9d81-97a9462a93c7.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-11\1447455693976.b6bc5308-5193-41a9-b93d-34b3b24d8606.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-11\1447457210363.8d88ff8b-5f9d-47b8-a74e-07b2a3c3bd8b.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-11\1447875113110.487d3522-8acb-4b81-a000-69ef35cf1909.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-11\1447882312535.3c6ad54f-df23-49ba-b44a-f5c42645e0e3.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-11\1447961867124.645a540b-94ea-4688-9355-d30180c18645.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-11\1447967060301.75c38125-6b1e-483a-881d-df9c6ac7548a.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-11\1448313863707.53fa3779-5805-44c0-b3ef-44fa7be1bb5b.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-11\1448316404344.9b6bffb8-cbf2-449b-81e2-710d0611bc09.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-11\1448479589884.7fd81342-2917-4a35-ae4d-a686edbb4065.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-11\1448665035025.d8da9565-aa51-4f87-a178-994596045ab5.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-11\1448818083767.e64fc300-b39f-4fbf-b9d7-44a64033d228.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-11\1448918267951.ed592b94-c8f5-43ac-a999-2ed364a20e6b.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1448993765286.49159c5e-aab1-42ef-9c03-d9d65b527987.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1449000168628.53b03ef1-fdcc-47b5-8ae8-b020bf95f41e.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1449074922044.4f99b6fd-015e-49e9-9949-9f2f0ef183e8.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1449082418966.3c089b6a-b887-4f4e-a778-a95000e66a62.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1449143661035.ecab3eef-467e-4a8c-a0e5-fce94d12a273.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1449164671270.ff22fd66-9bba-4375-acb8-5101b39314b2.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1449200484639.5f594804-cf80-414a-abed-378ffb886d0e.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1449230012741.3cdc9493-8319-4430-b21b-7cd038aff3ee.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1449231493420.96277c51-3d94-4bf9-9fb1-830220f4a538.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1449356581008.74dff823-cbbe-4eda-904f-3f2f1478c624.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1449361063952.32af6259-51a4-4c8d-b83f-ffec91cda87a.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1449613622597.d238414a-b8bd-409a-9419-cfccb00ecb74.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1449696542939.2392f405-503c-4878-a901-6a2780ec456d.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1449697445914.aa65781a-282a-4d5e-9b06-59f8a4f7dc00.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1449782687184.3dc8d7d1-8141-46fd-9c95-dc84996eb993.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1449859295529.05bd718a-7946-4451-ab66-a8cdd759ae1b.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1449917466972.577a46ab-8ee4-4450-80bf-9e5026e68a11.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1449939902296.7d278989-f0e4-4991-bba2-eb9be96bac26.crash.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1449951276206.b55a93a6-e602-4983-8f95-3a91ba509011.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1450040185499.986d85de-977d-415c-8e56-4e76e97e4427.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1450298259673.ce3444ec-2b4f-45c8-b9ac-0b2237c354a5.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1450449995805.fa477347-d25c-4964-b6cb-97d0c8dc5d1e.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1450450015690.98794322-73a4-4f1c-8838-18eaba2bbfb9.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1450450053458.2b039ffa-1cff-4d4d-8515-b3cd679ed015.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1450450186331.44e0e6f4-b243-4fc8-a1df-dc5380d6de5f.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1450452729517.642ae970-345c-4342-b3ed-108f44c52618.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1450459545696.c5e16b4b-b2d6-4100-b5b6-24aa11d902d1.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1450568758756.898170a9-c84c-475d-b6db-ae1aaac0c1ac.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1450569942057.a00595c4-49ed-4e6d-95a0-636f890122a4.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1450603654572.8926c3cb-13cd-4b53-93c1-1ff651b48283.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1450609980442.7a029d82-b473-4f42-ad67-ac4d387aaadc.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1450641278843.e7edda48-21a7-4acd-84cd-093d3d73920c.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1450641809251.2f37f5ab-0f31-463d-8e12-1824be383ee5.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1450641999912.6fc6825b-997e-4e2b-925d-733ea9c1bdd6.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1450645535848.74305670-a8a4-4d8d-bdd5-a9c11741e19c.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1450646734053.2987896a-5eb5-4143-aba2-5277b3819457.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1449272760924.e0ce0f44-9fc7-4ade-ab06-2e3883a36409.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1449944863757.2469d8ee-3ca9-4513-a77e-e2dd1211dea9.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1450566174380.d44b311c-cf20-48f4-8bc2-774c6f568bc8.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1450728399694.70a9520d-7bfe-4e5e-9532-ae955dda0808.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1450813752004.da062bcf-05e2-49f3-a24d-bfa80ce31a70.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1450818463699.d61a16d3-1469-4cae-92c9-2c54312a4937.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1450825051433.8e5c12fb-d643-418f-b945-24d4c3430125.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1450977137729.5ed338d8-7050-4148-841e-77a8fbcf4d75.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1450978182599.8c426998-075f-476f-8468-d8f88892faba.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1451125210459.bd41ac5d-5ddb-4aed-9dd3-4e243d00e18a.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1451221318114.4025fa5f-3390-4add-9cb5-f984a5281659.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1451302856808.bf40933d-65ed-445d-a7af-78a209e1a47a.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1451325542485.697a2a42-c90a-4b43-88d5-9ff515d87a48.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1451330579019.3c000846-6ad4-4608-876c-f3665e755b74.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1451430064450.815016d6-dcc5-4d04-b3d0-a3c517a8f263.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1451432399348.55fb6999-02b5-4593-b305-b9a26116e37c.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1451530317911.80cfe631-effd-4322-9551-c9e10219395d.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1451568470195.b343bb26-c8eb-421b-858f-bcd8fd6e8a56.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1451573319510.a8256365-f9e7-4a28-84a6-55c3d0e779fe.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2015-12\1451584287849.3c4daeb3-2b60-4063-83e6-0bfe6d1f4270.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1451645378262.b8c4c184-4ec8-44ca-a337-3ceebbb74709.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1451672846024.21cce349-1d67-4f54-b618-3699d9a18f7d.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1451734144913.e747ac50-1db4-4772-8c0c-6a710143444f.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1451734732290.11487a7c-0688-4cc3-ab7c-c749553cf97b.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1451736150710.9f981687-4f13-4f2f-b706-e671ef4db583.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1451736270458.235f06e0-8fca-423f-92fc-04184f1651d3.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1451742032786.d9a4c50d-5641-4e62-a534-0d723734c0d4.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1451743094135.099c3d27-7a46-4771-aa77-9b60c4ab521c.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1451747998715.70891188-8ed9-420a-9d73-83c009de032b.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1451758564279.fa46f6dc-332d-4afb-adc9-83a1828ba3ed.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1451761612713.114534eb-f540-4228-b5bf-c32e43369442.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1451762153662.0921a39f-fc30-4714-a2d0-4eacd39c0a47.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1451773886181.c6cb625a-3866-4a10-a372-51c28dbbf39e.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1451775602144.039626f1-cf5e-40d4-95cd-dced2bd535be.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1451777281065.eb4c6a43-6678-4732-9dac-1565a5c222be.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1451911492391.2e30bd82-7039-4227-896e-bc10fbd9261a.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1451915007934.379de376-1367-4568-bc3d-c8ace1302954.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1451992861470.909b9a19-5249-42c9-87d6-13caae305002.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1451998884591.cbbe8f5b-d2ca-4c0d-a42b-729c75b9781c.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1452173284452.cf50882d-cd72-4945-8855-c535414f81a6.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1452174724457.d7a71a58-e0b6-4ff4-8425-f3e2fcd349ac.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1452207605456.4deb1b71-1cf3-4f6e-ae11-a8186dbae4eb.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1452213536265.e2535930-0cc5-47a1-b752-de3483843d75.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1452258631900.1e7785ad-e257-4838-bb14-50afe738c01c.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1452274162540.564828e9-19fc-4833-9ce1-7547d65bab18.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1452280269180.1454d440-5a13-41dc-8094-7f428fca8f22.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1452345525056.b4d0dc49-9fa9-4c9d-a2ae-bc7b0e13c6e9.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1452361809803.76f8adce-f061-46b5-b997-f45e1c200ec0.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1452380656038.69f19cee-45f8-4d17-b054-350692cced94.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1452380858274.703abcfc-b591-4d8c-a273-9d2112f8f971.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1452431540407.951b15c7-322e-4af1-ad83-faafdcdad508.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1452442644328.146b9d85-09df-4475-a30d-181dfd384814.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1452450296267.32fe5819-f7b2-4192-adb3-44de37e30bc9.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1452453791848.b7708d53-a7d4-4902-81ba-c6e5f8cc4ffb.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1452455360596.3d4173c9-6d07-4a68-80f6-9cc4c6400d21.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1452466112531.2552e303-5f8d-40a7-b8cb-424ddfa264f5.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1451756767581.214cc265-9dcc-4bfa-8f2c-be8836e1a807.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1451996858179.0fbc3e91-ad29-482d-8a1a-ebb5afe203c3.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1452356777224.824ce6f1-b796-4cd8-b796-aead3c2d7973.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1452546978088.4dd9558d-1925-41b9-bf5c-d8a60039b2f0.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1452631395282.cbc1fcdf-c2b9-4614-9057-f0fbb3e075b4.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1452799861140.64ba5cbb-b7f9-4f7c-b3c6-21b389ceab04.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1452806774369.e1511fcf-61f8-4058-921e-a9b948c19d8a.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1452887223107.91557f6f-a604-471c-9a39-73bb74c8fcb9.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1452899049248.94ff8b75-17ca-4818-a91b-7f1bc6f901af.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1452904409083.70b63119-6737-424a-9cfb-345d9c4060a9.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1452948733002.9872b21e-fbbc-49f2-8799-aa5bd0ff8967.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1452967794359.3520264c-af62-46b1-9a3d-5bde9aacf729.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1453026848227.9e39801e-72fc-486a-8cf1-4fdea4eb5861.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1453028904373.71f30108-dfcc-4dbb-a944-ee9017628384.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1453068564280.52141dca-5628-4877-b921-fc26df75b4e4.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1453152093262.0e4d673a-f803-4d8e-bb91-33ffb95f9afc.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1453499687734.abe5c598-b56e-4f52-8790-45cb5bcfc245.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1453549566546.d20ae543-9f9b-489e-b784-8495f5bb860d.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1453556901824.11976567-504b-4d80-b84c-f1c57f87f81b.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-01\1453564351686.59f52a04-3ea0-4f5b-bfce-d4468736bdba.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1454690032029.345561d3-cbb3-4e41-8672-14b8c34d89aa.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1454693475558.b147fe2c-1739-461f-a921-f8e0d72fe47d.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1454769763377.e7caa9bf-4cf7-4eea-a762-4e6d1743a80b.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1454806716702.e71cc5ed-cc14-410b-ada9-8f8c03b91814.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1454856491902.6f32d548-bf10-4f87-91ee-56db6254b8ca.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1454886000007.245bb1a3-fa0a-41f0-80b6-b4ff7f769e79.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1454888539667.f30e64b8-429e-45af-ac56-d9791283ea0e.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1454966813281.0217e031-7d8c-4d95-bcb4-e69bc5c1d0fc.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1455046990685.ae409ffc-fad8-42b5-9b84-b72249183c48.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1455142544317.1defe7d4-bfbb-47f6-924b-6655df7c484a.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1455330570043.c9604a8b-85bb-4924-bcb3-ff6a27d7407e.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1455364946085.facd3602-22b4-4566-9481-b3ce6072d8d4.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1455448946250.cb669681-44ba-4eaf-93b9-7239a2513bda.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1455451537520.b305e7ae-ef80-47fb-9cfb-e4711f1e4f90.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1455472144210.210e7ea6-d9bd-4d9c-ae2d-fd971d487afe.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1455472233225.c45dce43-c9f9-47ef-ba56-ae827956fb09.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1455479904004.2179bbe7-3be0-4c99-89e9-262dcd97aae7.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1455573523599.4aa49ac4-1f4d-48b6-aabc-89fc396420d6.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1455812902343.3a3ef5ef-c176-4821-a254-fc3880fbb952.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1455814454505.ef01ec1b-34b9-4442-bdcc-dc51aaeb157e.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1455827233238.a7e336f8-fc2a-413c-9c5f-73b35d625c04.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1455915755007.5e3cb0a6-0788-40fd-a27d-93b449201e35.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1455982394686.3123d637-46fd-4863-bf72-aef53a2696d7.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1455989008878.04c74cd7-bb58-4c43-8b3a-71adb37b2fa3.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1455990227919.67d61e0e-8600-45b9-8900-252816f12d5e.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1456015694251.b5ef35b0-e0ec-4633-9c0b-12c5d91552ba.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1456060522008.767caf5d-27eb-4c22-ade6-a7cc7c20f2c2.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1456071823266.dfb27893-6714-41a4-b3cd-148c859fcd45.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1456074438935.cf038127-28cd-4f45-a13c-dc3c1df2ee86.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1456095825613.b366f508-249e-42f6-bfed-e18e2d232623.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1456096854835.06ef57e8-c35a-4151-8bce-100cb76b542c.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1456177717094.8a65adc9-d733-486f-b4d6-9f74b387db30.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1456263194047.2070f2d2-a6be-464f-bae7-c488546e0bcd.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1456425526417.c0b52c41-7048-4009-ab9b-7202fc669e78.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1456527857299.d74b0b5d-e994-4471-b9ce-3fd83b42aee5.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1456529920924.4c252e9b-ac7e-46f5-ae90-864e112342a6.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1456571396313.e704a52a-e599-4f4c-b1d4-a2b4fd0dc7aa.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1456594812240.9ae5f9a5-2f7a-4357-b99b-f6abce74ecc8.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1456631069296.303b001f-9a94-4a75-99d6-50d703f78410.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1455055808428.4c3149bc-d341-4e04-b078-9b3eb82babdb.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1455657328159.150642bf-d53e-43a4-973b-864aee98d327.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-02\1456060817122.e9cdb96f-3503-4b72-8627-65f16f52d506.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-03\1458418372889.b8ed2c80-6df5-45a0-9c42-8e62e85b791c.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-03\1458427336654.8c989cc3-83d9-43cc-846e-352dae79f11a.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-03\1458472325004.3633ec02-6b41-4fa9-941c-5b9c22c0b194.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-03\1458493039770.5873838e-185a-48cb-9bf1-8ae40105e204.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-03\1458515096897.d15d019d-907b-406b-bba3-6f1289a545e8.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-03\1458517263516.7588e68e-2b56-4f35-a7e3-a765024e6fca.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-03\1458766951070.0f7f430c-ab49-4f08-86e7-3e2a6cd5cb0d.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-03\1458926646786.66669aca-ede5-4c0a-a449-6927c5c886ee.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-03\1458932385879.0f038d30-3e6d-43c5-9470-16db72a47c4a.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-03\1458940323075.c752b193-e29c-4cb0-9e79-a9d27503e6ef.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-03\1459162411356.ee851682-a414-4c33-894a-75ec2deb2b79.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-03\1459169612970.a6b001be-45b3-4642-b2ec-53536d710df1.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-03\1459181227291.b3da2666-41a4-4b53-a012-e3c4c0815875.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-03\1459195410404.39b5c5ed-d51e-4925-8109-348832ee711d.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-03\1459459110249.bdb48656-9a77-4352-835f-572253684f73.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-04\1459529782235.629b7c0b-b1e9-4bb5-92ec-fda5fd852c11.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-04\1459546679643.f1b26b7d-3977-4eea-b604-53189b7d940b.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-04\1459586442862.9554c028-6172-486e-991e-9e32c695e18a.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-04\1459588624077.ed1b64db-3072-4c60-bcca-1323aea440eb.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-04\1459595730719.29a5760f-dc59-4c3e-bc40-86339f80aaef.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-04\1459704242292.d098a554-a2f4-43b9-b019-a85ce1416107.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-04\1459713908898.77baa624-83ca-47df-b6c6-3734cd60fe46.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-04\1459720595845.19c712f2-48c5-49c9-97f4-fae5643d02d4.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-04\1459807200008.6db41f5e-43a4-49c6-877a-29c593c8f19c.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-04\1459809382213.ed4a7540-a5ca-4706-b21d-ba058fb2d5ee.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-04\1460066012506.126a5c56-7d84-4d55-a011-b31f1ac9aee4.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-04\1460113517207.4c69fe46-fa37-43e6-b5e0-ede5719f70b1.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-04\1460116518337.79e0f11a-8288-41b8-8e78-21172ba77304.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-04\1460123662871.5c7ee863-f1a3-4da5-9a07-653e4ff1bba1.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-04\1460139255962.c49ab058-da4c-41a5-a102-90731968b155.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-04\1460149789339.08025fd0-0c5b-4333-88d4-a82ce425f6d3.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\datareporting\archived\2016-04\1460151937173.fce9ad6f-6e0b-48b3-89d3-d596a570c079.main.jsonlz4, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\gmp-eme-adobe\15\eme-adobe.dll, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\gmp-eme-adobe\15\eme-adobe.info, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\gmp-eme-adobe\15\eme-adobe.voucher, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\gmp-gmpopenh264\1.1\gmpopenh264.dll, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\gmp-gmpopenh264\1.1\gmpopenh264.info, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\gmp-gmpopenh264\1.5.3\gmpopenh264.dll, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\gmp-gmpopenh264\1.5.3\gmpopenh264.info, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\healthreport\state.json, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\searchplugins\duckduckgo.xml, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\permanent\chrome\.metadata, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\permanent\chrome\idb\18928831881bcdal4a2neraedt-nai3.sqlite, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\permanent\chrome\idb\2588645841ssegtnti.sqlite, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\permanent\chrome\idb\2918063365piupsah.sqlite, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\permanent\chrome\idb\30590497931bcdac4n2yesaadm-oac3.sqlite, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\permanent\chrome\idb\313973188616c7a94126emaodc-lai3.sqlite, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\permanent\chrome\idb\846562544phus.sqlite, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\permanent\indexeddb+++fx-devtools\.metadata, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\permanent\indexeddb+++fx-devtools\idb\4268914080AsptpcPerjo.sqlite, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\permanent\indexeddb+++fx-devtools\idb\478967115deegvatroootlss--cans.sqlite, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\temporary\https+++mega.co.nz\.metadata, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\temporary\https+++mega.co.nz\asmjs\metadata, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\temporary\https+++mega.co.nz\asmjs\module10, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\temporary\https+++mega.co.nz\asmjs\module11, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\temporary\https+++mega.co.nz\asmjs\module12, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\temporary\https+++mega.co.nz\asmjs\module13, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\temporary\https+++mega.co.nz\asmjs\module14, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\temporary\https+++mega.co.nz\asmjs\module15, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\temporary\https+++www.facebook.com\.metadata, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\temporary\https+++www.facebook.com\asmjs\metadata, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\temporary\https+++www.facebook.com\asmjs\module13, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\temporary\https+++www.facebook.com\asmjs\module14, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\temporary\https+++www.facebook.com\asmjs\module15, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.FakeFFProfile, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\webapps\webapps.json, In Quarantäne, [fb57994081180d29858cc6ad7e86718f], 
PUP.Optional.HohoSearch, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://www.hohosearch.com/?ts=AHEqA3AlBHYpBE..&v=20160409&uid=AF5E59F6B7D7814EB89B40513F247712&ptid=epf1&mode=ffseng");), Ersetzt,[3d1518c1d8c13303e1e842315fa556aa]
PUP.Optional.HohoSearch, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: ("browser.download.panel.shown", true);
user_pref("browser.download.save_converter_index", 0);
user_pref("browser.feeds.showFirstRunUI", false);
user_pref("browser.f), Ersetzt,[64ee61787a1fe551e6e3512222e28e72]
PUP.Optional.HohoSearch, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (ange to preferences, you can visit the URL about:config
 */

user_pref("accessibility.typeaheadfind", true);
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.update.aut), Ersetzt,[1d3533a68f0a92a49e2b42312dd7e020]
PUP.Optional.HohoSearch, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (manual change to preferences, you can visit the URL about:config
 */

user_pref("accessibility.typeaheadfind", true);
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.up), Ersetzt,[d0821ebbcbce8babeddc3b3810f46b95]
PUP.Optional.HohoSearch, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (138878);
user_pref("app.update.lastUpdateTime.search-engine-update-timer", 1460138638);
user_pref("app.update.lastUpdateTime.xpi-signature-verification", 14), Ersetzt,[73dfc7126435fe385178ff742ada46ba]
PUP.Optional.FastStart, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (faststartff@gmail.com), Ersetzt,[75dd10c97029191d4295aec7ae56ec14]
PUM.Optional.FireFoxSearchOverride, C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\user.js, In Quarantäne, [86cc28b16a2f75c1c4565f13fa0a51af], 
PUP.Optional.HijackHosts.Gen, C:\Windows\System32\fibh\bidr\ati.dat, In Quarantäne, [2131ce0bbadff3431bc9c5aae91b9769], 
PUP.Optional.HijackHosts.Gen, C:\Windows\System32\puol\inyi\aiq.dat, In Quarantäne, [1b378a4f0099181e5292f57a798b53ad], 
PUP.Optional.HijackHosts.Gen, C:\Windows\System32\abu\xal\gagdi.dat, In Quarantäne, [a2b0e4f55a3f0234c81f80ef43c1eb15], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

M-K-D-B · 25.05.2016, 11:17

Servus,

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

CloseProcesses:
BHO: Behqec -> {AB11977A-6008-410E-8560-9D4F9C082BB1} -> C:\Program Files\Behqec\Oiloj64.dll => Keine Datei
C:\Program Files\Behqec
C:\Users\Marcel Ruckober\AppData\Roaming\Baellod
C:\Users\Marcel Ruckober\AppData\Roaming\Osidf
FF HKU\S-1-5-21-189922631-1767686969-1414721043-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\1s42r4b0.default\extensions\cliqz@cliqz.com => nicht gefunden
FF HKU\S-1-5-21-189922631-1767686969-1414721043-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Marcel Ruckober\AppData\Roaming\Mozilla\Firefox\Profiles\1s42r4b0.default\extensions\cliqz@cliqz.com => nicht gefunden
Task: {179ADBFC-E116-4C10-B76E-38BEF94C913C} - \PC Speed Maximizer Schedule -> Keine Datei <==== ACHTUNG
Task: {238B96E3-4B82-4B32-8443-9F95AD659799} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {375230AC-2076-4485-A0D3-8265E0E33B9A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {4BC11492-1C6C-4FA9-A3EB-B577E5C7C803} - System32\Tasks\Calpukp => C:\PROGRA~1\Nulufomp\Foxsafz.bat <==== ACHTUNG
C:\Program Files\Nulufomp
Task: {1A8BEC5A-ED2B-45F1-B109-41F3E9B8B826} - System32\Tasks\{105F6E78-7D1E-4F67-96E2-FDFAFC55ACD7} => C:\Windows\twain_32\escndv\escndv.exe
Task: {791CD5ED-B441-4817-992A-B72AA6E97D3A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {7CA5E8FA-58C6-40EC-B4EA-2A427B23E279} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {7CBBCDDE-148D-45BC-B22B-0C66633ADC0A} - System32\Tasks\Ypufko => C:\PROGRA~1\Behqec\Digolorf.bat <==== ACHTUNG
Task: {8B8F036D-500F-44A6-8999-A38E6C570134} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {90170080-4A42-4C38-89F3-3F4B3B8289EC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {9C6CBEAD-8C12-4BC7-BA94-AC6F05170EF8} - System32\Tasks\{15088E54-DFAB-4EEB-B577-D1A91023FE95} => pcalua.exe -a C:\windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Savvy TV\dvbttv.exe"
Task: {9F2B3EA1-41F3-49BA-B959-8F7356AE42DA} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {A3ED3617-E2CD-44B4-BCF5-222E57F3C58C} - System32\Tasks\{61057125-BE50-4F81-8CFA-122F0CD8FAA2} => C:\Windows\twain_32\escndv\escndv.exe
Task: {A5B3B78B-6194-48E0-AFD5-B2BD4036B89B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {B7EE7BC6-2052-4A85-805B-4C4B6B4E8A2E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {B9372182-3368-4DEB-9588-3FF621BF9B64} - System32\Tasks\FastBrowsing2 => C:\Windows\Temp\FastBrowsing2.exe <==== ACHTUNG
Task: {C8FC4AB1-1D14-42D8-88D6-24FC1DD1DD2E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {CE3EEA6A-B631-4959-8390-4F83A2F76B6B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {E1AAF74D-9B9E-495A-80BC-EF889EDD94FF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {ED86F757-395A-4F01-A083-D290133347B0} - System32\Tasks\{CD8C37B6-1DA2-4A9A-B2FA-833C841F2606} => pcalua.exe -a D:\setup.exe -d D:\
Task: {F0D26271-0802-459B-99A3-B6C3F8655CAB} - System32\Tasks\{EC5838CF-3B72-4FCB-AEA3-73238E53A909} => pcalua.exe -a "C:\Users\Marcel Ruckober\Downloads\7kaa_full_2.13.0_setup.exe" -d "C:\Users\Marcel Ruckober\Downloads"
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 [226]
DeleteKey: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\globalUpdate
DeleteKey: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\globalUpdatem 
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)

Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:
Code:
ATTFilter
```
:regfind
SearchModule
BrowserAir
csdi_monetize
Soobzo
bvyvave
dply_en
         
```
Klicke nun auf den Button Look, um den Scan zu starten.
Der Suchlauf kann einige Zeit dauern.
Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.

Schritt 3
Deaktiviere bitte dein Antivirenprogramm, da es die Entfernung von SpyHunter blockieren kann.
Bitte downloade SpyHunterCleaner und speichere die Datei auf dem Desktop. (Bebilderte Anleitung)

Speichere alle Arbeiten und schließe alle noch offenen Programme und Browser.
Starte die SpyHunterCleaner.exe.
Drücke eine beliebige Taste, um den Entfernungsprozess zu starten. Dieser dauert in der Regel nur kurz.
Wenn das Tool fertig ist, wird es automatisch einen Neustart durchführen.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von SystemLook,
die beiden neuen Logdateien von FRST.

M-K-D-B · 28.05.2016, 20:14

Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
PM an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!

M-K-D-B · 30.05.2016, 06:03

Servus,

bei dir befindet sich FRST im downloadordner:
Gestartet von C:\Users\Marcel Ruckober\Downloads

Wenn du dorthin die fixlist.txt packst, dann funktioniert das mit dem Entfernen auch...

30.05.2016, 06:03	#15
M-K-D-B /// TB-Ausbilder	Pop-up-Virus Firefox -> unerwünschte Werbung! Servus, bei dir befindet sich FRST im downloadordner: Gestartet von C:\Users\Marcel Ruckober\Downloads Wenn du dorthin die fixlist.txt packst, dann funktioniert das mit dem Entfernen auch...

Pop-up-Virus Firefox -> unerwünschte Werbung!

Plagegeister aller Art und deren Bekämpfung: Pop-up-Virus Firefox -> unerwünschte Werbung!