Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Windows 8: Entfernen von Safefinder, Snap.do, SideCubes und Co (https://www.trojaner-board.de/169767-windows-8-entfernen-safefinder-snap-do-sidecubes-co.html)

ravioli 15.08.2015 15:14
Windows 8: Entfernen von Safefinder, Snap.do, SideCubes und Co
 
Hallo!

Leider Gottes habe ich mir scheinbar einiges an Malware eingefangen, dass ich ohne Unterstüzung nicht loswerde ...

Ich habe Eure Anleitung gelesen, poste nun die Logs von FRST (GMER hat leider nicht funktioniert) und bin euch schon im vornherein dankbar für jede Hilfe!!

FRST.txt:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:14-08-2015 01
durchgeführt von CM (Administrator) auf CHRISTIAN (15-08-2015 15:51:54)
Gestartet von C:\Users\CM\Desktop
Geladene Profile: CM (Verfügbare Profile: CM)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
() C:\Program Files\Controller\cohc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
() C:\ProgramData\Zontone\Zontone.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe
() C:\Program Files\ReviverSoft\Driver Reviver\DriverReviver.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2864528 2012-08-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-31] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-10] ()
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [641504 2015-07-21] (McAfee, Inc.)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [Bonus.SSR.FR10] => C:\Program Files (x86)\ABBYY FineReader 10\Bonus.ScreenshotReader.exe [941320 2009-12-20] (ABBYY.)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2407381306-1223850301-1151369756-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1193176 2012-10-18] ()
AppInit_DLLs: C:\ProgramData\Zontone\yjnsg3mq.dll => C:\ProgramData\Zontone\yjnsg3mq.dll [146944 2015-08-11] ()
AppInit_DLLs-x32: C:\ProgramData\Zontone\4spzqbdf.dll => C:\ProgramData\Zontone\4spzqbdf.dll [120320 2015-08-11] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2012-09-01]
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-07-26]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2407381306-1223850301-1151369756-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1Lchis4Xjylf4aAb52mZkzohosIxYuqQ8rXqRc_Pqjp71f4SudyAmUg0UZKnOHAP7OowVFcOrbMDpEe8tuY_-dqmtGsmbh502bSqFLvmzQnrF9wclFp9pLD9myHYCY14Jnf-JB3yaANu6ZMENop9Y-HJd6t4g,,&q={searchTerms}
HKU\S-1-5-21-2407381306-1223850301-1151369756-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1Lchis4Xjylf4aAb52mZkzohosIxYuqQ8rXqRc_Pqjp71f4SudyAmUg0UZKnOHAP7OowVFcOrbMDpESn-6ghCJn4sX6CTmIR1Cg47szre_SIYGidSpFtBohtEXgldALXo0inJYnQAwbvS3gb9dINtUPNlobOg,,
HKU\S-1-5-21-2407381306-1223850301-1151369756-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1Lchis4Xjylf4aAb52mZkzohosIxYuqQ8rXqRc_Pqjp71f4SudyAmUg0UZKnOHAP7OowVFcOrbMDpEe8tuY_-dqmtGsmbh502bSqFLvmzQnrF9wclFp9pLD9myHYCY14Jnf-JB3yaANu6ZMENop9Y-HJd6t4g,,&q={searchTerms}
HKU\S-1-5-21-2407381306-1223850301-1151369756-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1Lchis4Xjylf4aAb52mZkzohosIxYuqQ8rXqRc_Pqjp71f4SudyAmUg0UZKnOHAP7OowVFcOrbMDpEe8tuY_-dqmtGsmbh502bSqFLvmzQnrF9wclFp9pLD9myHYCY14Jnf-JB3yaANu6ZMENop9Y-HJd6t4g,,&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1Lchis4Xjylf4aAb52mZkzohosIxYuqQ8rXqRc_Pqjp71f4SudyAmUg0UZKnOHAP7OowVFcOrbMDpEe8tuY_-dqmtGsmbh502bSqFLvmzQnrF9wclFp9pLD9myHYCY14Jnf-JB3yaANu6ZMENop9Y-HJd6t4g,,&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2407381306-1223850301-1151369756-1001 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1Lchis4Xjylf4aAb52mZkzohosIxYuqQ8rXqRc_Pqjp71f4SudyAmUg0UZKnOHAP7OowVFcOrbMDpEe8tuY_-dqmtGsmbh502bSqFLvmzQnrF9wclFp9pLD9myHYCY14Jnf-JB3yaANu6ZMENop9Y-HJd6t4g,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2407381306-1223850301-1151369756-1001 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1Lchis4Xjylf4aAb52mZkzohosIxYuqQ8rXqRc_Pqjp71f4SudyAmUg0UZKnOHAP7OowVFcOrbMDpEe8tuY_-dqmtGsmbh502bSqFLvmzQnrF9wclFp9pLD9myHYCY14Jnf-JB3yaANu6ZMENop9Y-HJd6t4g,,&q={searchTerms}
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-10] (Qualcomm Atheros Commnucations)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-08-04] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-08-04] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-08-04] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-08-04] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-07-21] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-07-21] (McAfee, Inc.)
Hosts: 0.0.0.1        mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{B7849172-6A74-4C08-8B3E-2D246B3D9F41}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\CM\AppData\Roaming\Mozilla\Firefox\Profiles\dl70p1bv.default
FF DefaultSearchEngine: findit
FF Homepage: web.de
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-13] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-07-21] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-07-21] ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF SearchPlugin: C:\Users\CM\AppData\Roaming\Mozilla\Firefox\Profiles\dl70p1bv.default\searchplugins\findit.xml [2015-08-11]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\findit.xml [2015-08-11]
FF Extension: McAfee WebAdvisor - C:\Users\CM\AppData\Roaming\Mozilla\Firefox\Profiles\dl70p1bv.default\Extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}.xpi [2015-07-31]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2012-09-01]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-08-06]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-08-06]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ABBYY.Licensing.FineReader.Corporate.10.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe [814344 2009-12-19] (ABBYY)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
R2 cohci1394; C:\Program Files\Controller\cohc.exe [376832 2015-07-27] () [Datei ist nicht signiert]
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-22] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 FFSOpzSvc; C:\Program Files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe [161384 2012-03-12] (Acer Incorporated)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
S3 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [155368 2015-08-04] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [782608 2015-07-21] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
S4 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe [1694152 2015-07-23] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [639456 2015-07-17] (McAfee, Inc.)
S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-06] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-10-18] (Dritek System INC.)
S3 USecuAppSvc; c:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe [344720 2012-08-22] (Acer Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-08-01] (Atheros) [Datei ist nicht signiert]
S2 Got; C:\ProgramData\Got\Got [X]
R2 Zontone; C:\ProgramData\Zontone\Zontone [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [21928 2015-03-23] (Windows (R) Win 7 DDK provider)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-21] (Intel Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [529080 2015-06-28] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109728 2015-06-28] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37960 2015-08-04] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-10-18] (Dritek System Inc.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-15 15:51 - 2015-08-15 15:52 - 00022071 _____ C:\Users\CM\Desktop\FRST.txt
2015-08-15 15:46 - 2015-08-15 15:52 - 00000000 ____D C:\FRST
2015-08-15 15:44 - 2015-08-15 15:45 - 02173952 _____ (Farbar) C:\Users\CM\Desktop\FRST64.exe
2015-08-15 15:44 - 2015-08-15 15:44 - 00000466 _____ C:\Users\CM\Downloads\defogger_disable.log
2015-08-15 15:44 - 2015-08-15 15:44 - 00000000 _____ C:\Users\CM\defogger_reenable
2015-08-15 15:33 - 2015-08-15 15:33 - 00050477 _____ C:\Users\CM\Downloads\Defogger.exe
2015-08-14 10:53 - 2015-08-14 11:06 - 00000000 ____D C:\Users\CM\Documents\Bluetooth Folder
2015-08-14 06:54 - 2015-08-15 14:59 - 00000358 _____ C:\WINDOWS\Tasks\Start Driver Reviver for CHRISTIAN@CM(logon).job
2015-08-14 06:54 - 2015-08-14 10:51 - 00002626 _____ C:\WINDOWS\System32\Tasks\Start Driver Reviver for CHRISTIAN@CM(logon)
2015-08-14 06:54 - 2015-08-14 06:54 - 00001051 _____ C:\Users\Public\Desktop\Driver Reviver.lnk
2015-08-14 06:54 - 2015-08-14 06:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft
2015-08-14 06:53 - 2015-08-15 14:59 - 00002722 _____ C:\WINDOWS\System32\Tasks\Start Driver Reviver( SR ) for CHRISTIAN@CM
2015-08-14 06:53 - 2015-08-15 14:59 - 00000342 _____ C:\WINDOWS\Tasks\Start Driver Reviver( SR ) for CHRISTIAN@CM.job
2015-08-14 06:53 - 2015-08-14 06:53 - 04797752 _____ (ReviverSoft LLC) C:\Users\CM\Downloads\DriverReviverSetup_ppc.exe
2015-08-14 06:53 - 2015-08-14 06:53 - 00002610 _____ C:\WINDOWS\System32\Tasks\Start Driver Reviver( SR ) for CHRISTIAN@CM at logon
2015-08-14 06:53 - 2015-08-14 06:53 - 00000000 ____D C:\ProgramData\ReviverSoft
2015-08-14 06:53 - 2015-08-14 06:53 - 00000000 ____D C:\Program Files\ReviverSoft
2015-08-13 08:55 - 2015-08-13 08:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-08-13 08:55 - 2015-08-13 08:55 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-08-12 11:27 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 11:27 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 11:10 - 2015-08-12 11:10 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-08-11 23:03 - 2015-08-11 23:03 - 00003480 _____ C:\WINDOWS\System32\Tasks\snp
2015-08-11 23:03 - 2015-08-11 23:03 - 00003118 _____ C:\WINDOWS\System32\Tasks\snf
2015-08-11 23:02 - 2015-08-14 10:50 - 00000000 ____D C:\ProgramData\Zontone
2015-08-11 23:02 - 2015-08-11 23:02 - 03471189 _____ (Dongphase) C:\Program Files\Common Files\a2d0ljkm.exe
2015-08-11 23:02 - 2015-08-11 23:02 - 00000000 ____D C:\ProgramData\Zontones
2015-08-11 23:02 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-11 23:02 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-11 23:02 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-11 23:02 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-11 23:02 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-11 23:02 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-11 23:02 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-11 23:02 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-11 23:02 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-11 23:02 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-11 23:02 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-11 23:02 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-11 23:01 - 2015-07-16 23:14 - 25192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-11 23:01 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-11 23:01 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-11 23:01 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-11 23:01 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-11 23:01 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-11 23:01 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-11 23:01 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-11 23:01 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-11 23:01 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-11 23:01 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-11 23:01 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-11 23:01 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-11 23:01 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-11 23:01 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-11 23:01 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-11 23:01 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-11 23:01 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-11 23:01 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-11 23:01 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-11 23:01 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-11 23:01 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-11 23:01 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-11 23:01 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-11 23:01 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-11 23:01 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-11 23:01 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-11 23:01 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-11 23:01 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-11 23:01 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-11 23:01 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-11 23:01 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-11 22:58 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-11 22:58 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-11 22:58 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-11 22:58 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-11 22:58 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-11 22:58 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-11 22:58 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-11 22:58 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-11 22:58 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-11 22:58 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-11 22:58 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-11 22:58 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-11 22:58 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-11 22:58 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-11 22:58 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-11 22:58 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-11 22:58 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-11 22:58 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-11 22:58 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-11 22:58 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-11 22:58 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-11 22:58 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-11 22:58 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-11 22:58 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-11 22:58 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-11 22:58 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-11 22:58 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-11 22:58 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-11 22:58 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-11 22:58 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-11 22:58 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-11 22:58 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-11 22:58 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-11 22:58 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-11 22:58 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-11 22:58 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-11 22:58 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-11 22:58 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-11 22:58 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-11 22:58 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-11 22:57 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-11 22:57 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-11 22:57 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-11 22:57 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-11 22:57 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-11 22:57 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-11 22:57 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-11 22:57 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-11 22:47 - 2015-08-11 22:47 - 00003156 _____ C:\WINDOWS\System32\Tasks\uxdhnzsu
2015-08-11 22:47 - 2015-08-11 22:47 - 00000000 ____D C:\Program Files\Common Files\fheekncx
2015-08-11 09:42 - 2015-08-11 09:42 - 00000458 _____ C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD-RW-Laufwerk (E) ABBYY FINEREADER.lnk
2015-08-11 09:32 - 2015-08-11 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 10
2015-08-11 09:31 - 2015-08-11 09:40 - 00000000 ____D C:\Program Files (x86)\ABBYY FineReader 10
2015-08-10 21:24 - 2015-08-10 21:24 - 00000000 ____D C:\Users\CM\AppData\Local\GWX
2015-08-10 19:44 - 2015-08-15 14:58 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-10 19:44 - 2015-08-10 19:44 - 00001082 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-08-10 19:44 - 2015-08-10 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-10 19:44 - 2015-08-10 19:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-10 19:44 - 2015-08-10 19:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-10 19:44 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-08-10 19:44 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-08-10 19:44 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-08-10 19:32 - 2015-08-10 19:36 - 00000000 ____D C:\AdwCleaner
2015-08-10 19:31 - 2015-08-10 19:32 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\CM\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-10 19:28 - 2015-08-10 19:28 - 02248704 _____ C:\Users\CM\Downloads\adwcleaner_4.208.exe
2015-08-10 19:04 - 2015-08-12 11:10 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-10 18:51 - 2015-08-10 18:51 - 00003174 _____ C:\WINDOWS\System32\Tasks\{9E330F1F-59C2-4E91-BCB5-6CB5C80C79A1}
2015-08-10 14:06 - 2015-08-10 14:06 - 00064326 _____ C:\Users\CM\Downloads\Reiseplan_ELLEN_GRAEBENER_YKJ2IJ(1)
2015-08-10 14:04 - 2015-08-10 14:08 - 00064326 _____ C:\Users\CM\Downloads\Reiseplan_ELLEN_GRAEBENER_YKJ2IJ
2015-08-06 17:56 - 2015-08-06 17:56 - 00015973 _____ C:\WINDOWS\system32\ScanResults.xml
2015-08-06 17:50 - 2015-08-06 17:50 - 00000464 _____ C:\WINDOWS\system32\ScannerSettings
2015-08-05 20:21 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-08-05 20:21 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-05 20:18 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-08-05 20:18 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-08-05 20:16 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-08-05 20:16 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-08-05 20:14 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-08-05 20:14 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-08-05 20:14 - 2015-01-19 20:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-08-05 20:11 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-08-05 14:13 - 2015-08-05 15:48 - 00000000 ____D C:\Users\CM\AppData\Roaming\Spotify
2015-08-05 14:13 - 2015-08-05 14:13 - 00000000 ____D C:\Users\CM\AppData\Local\Spotify
2015-08-05 05:30 - 2015-08-05 05:30 - 00000000 ____D C:\Users\CM\AppData\Local\BMExplorer
2015-08-05 05:28 - 2015-08-05 05:28 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-08-04 13:15 - 2015-08-14 11:19 - 00000000 ____D C:\Users\CM\AppData\Local\Deployment
2015-08-04 12:44 - 2015-08-15 15:31 - 00000000 __RDO C:\Users\CM\OneDrive (2)
2015-08-04 12:43 - 2015-08-04 12:43 - 00002259 _____ C:\WINDOWS\epplauncher.mif
2015-08-04 12:40 - 2015-08-04 12:41 - 14262464 _____ (Microsoft Corporation) C:\Users\CM\Downloads\mseinstall.exe
2015-08-04 12:40 - 2015-08-04 12:41 - 14262464 _____ (Microsoft Corporation) C:\Users\CM\Downloads\mseinstall(1).exe
2015-08-04 12:34 - 2015-08-04 12:34 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-08-04 11:23 - 2015-08-04 11:23 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-08-04 11:23 - 2015-08-04 11:23 - 00000020 ___SH C:\Users\CM\ntuser.ini
2015-08-04 01:11 - 2015-08-13 14:50 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-04 01:10 - 2015-08-06 14:01 - 00000000 ____D C:\Windows.old
2015-08-04 01:07 - 2015-08-04 01:07 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-08-04 01:07 - 2015-08-04 01:07 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-08-04 01:07 - 2015-08-04 01:07 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-08-04 01:07 - 2015-08-04 01:07 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-08-04 01:07 - 2015-08-04 01:07 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-08-04 01:07 - 2015-08-04 01:07 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00551232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-08-04 01:07 - 2015-08-04 01:07 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-08-04 01:07 - 2015-08-04 01:07 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-08-04 01:07 - 2015-08-04 01:07 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-08-04 01:07 - 2015-08-04 01:07 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-08-04 01:07 - 2015-08-04 01:07 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2015-08-04 01:07 - 2015-08-04 01:07 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-08-04 01:07 - 2015-08-04 01:07 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-08-04 01:07 - 2015-08-04 01:07 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-08-04 01:07 - 2015-08-04 01:07 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-08-04 01:07 - 2015-08-04 01:07 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-08-04 01:07 - 2015-08-04 01:07 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2015-08-04 01:07 - 2015-08-04 01:07 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-08-04 01:07 - 2015-08-04 01:07 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-08-04 01:07 - 2015-08-04 01:07 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-08-04 01:07 - 2015-08-04 01:07 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-08-04 01:07 - 2015-08-04 01:07 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-08-04 01:07 - 2015-08-04 01:07 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-08-04 01:07 - 2015-08-04 01:07 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2015-08-04 01:07 - 2015-08-04 01:07 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-08-04 01:07 - 2015-08-04 01:07 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2015-08-04 01:05 - 2015-08-15 15:50 - 01100757 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-04 01:05 - 2015-08-04 01:05 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-08-04 01:05 - 2015-08-04 01:05 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-08-04 01:05 - 2015-08-04 01:05 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-08-04 01:05 - 2015-08-04 01:05 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-08-04 01:04 - 2015-08-04 01:04 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-08-04 01:04 - 2015-08-04 01:04 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-08-04 01:04 - 2015-08-04 01:04 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-08-04 01:04 - 2015-08-04 01:04 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-08-04 01:04 - 2015-08-04 01:04 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-08-04 01:03 - 2015-08-04 01:03 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-08-04 01:03 - 2015-08-04 01:03 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-08-04 01:02 - 2015-08-04 01:02 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-08-04 01:02 - 2015-08-04 01:02 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-08-04 01:02 - 2015-08-04 01:02 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-08-04 01:02 - 2015-08-04 01:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-08-04 01:02 - 2015-08-04 01:02 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-08-04 01:02 - 2015-08-04 01:02 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2015-08-04 01:02 - 2015-08-04 01:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2015-08-04 01:02 - 2015-08-04 01:02 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-08-04 01:02 - 2015-08-04 01:02 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-08-04 01:02 - 2015-08-04 01:02 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-08-04 01:02 - 2015-08-04 01:02 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2015-08-04 01:02 - 2015-08-04 01:02 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-08-04 01:02 - 2015-08-04 01:02 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2015-08-04 01:02 - 2015-08-04 01:02 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-08-04 01:02 - 2015-08-04 01:02 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-08-04 01:01 - 2015-08-04 01:01 - 03607552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-08-04 01:01 - 2015-08-04 01:01 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-08-04 01:01 - 2015-08-04 01:01 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-08-04 01:01 - 2015-08-04 01:01 - 02460160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-08-04 01:01 - 2015-08-04 01:01 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-08-04 01:01 - 2015-08-04 01:01 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-08-04 01:01 - 2015-08-04 01:01 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-08-04 01:01 - 2015-08-04 01:01 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-08-04 01:01 - 2015-08-04 01:01 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-08-04 01:01 - 2015-08-04 01:01 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-08-04 01:01 - 2015-08-04 01:01 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-08-04 01:00 - 2015-08-04 01:00 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-08-04 01:00 - 2015-08-04 01:00 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-08-04 01:00 - 2015-08-04 01:00 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-08-04 00:59 - 2015-08-04 00:59 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-08-04 00:59 - 2015-08-04 00:59 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-08-04 00:59 - 2015-08-04 00:59 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-04 00:59 - 2015-08-04 00:59 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-04 00:59 - 2015-08-04 00:59 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-08-04 00:59 - 2015-08-04 00:59 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-08-04 00:59 - 2015-08-04 00:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-08-04 00:59 - 2015-08-04 00:59 - 00059712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-08-04 00:59 - 2015-08-04 00:59 - 00051008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-08-04 00:59 - 2015-08-04 00:59 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-08-04 00:59 - 2015-08-04 00:59 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-08-04 00:59 - 2015-08-04 00:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-08-04 00:58 - 2015-08-04 00:58 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-08-04 00:58 - 2015-08-04 00:58 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2015-08-04 00:56 - 2015-08-04 00:56 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-08-04 00:56 - 2015-08-04 00:56 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-08-04 00:56 - 2015-08-04 00:56 - 00513480 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-08-04 00:56 - 2015-08-04 00:56 - 00513480 _____ C:\WINDOWS\system32\locale.nls
2015-08-04 00:56 - 2015-08-04 00:56 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-08-04 00:56 - 2015-08-04 00:56 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-08-04 00:56 - 2015-08-04 00:56 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-08-04 00:56 - 2015-08-04 00:56 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-08-04 00:56 - 2015-08-04 00:56 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-04 00:56 - 2015-08-04 00:56 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-04 00:56 - 2015-08-04 00:56 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-08-04 00:56 - 2015-08-04 00:56 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-08-04 00:55 - 2015-08-04 00:55 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-08-04 00:54 - 2015-08-10 19:09 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-08-04 00:54 - 2015-08-10 19:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-08-04 00:54 - 2015-08-04 00:54 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2015-08-04 00:54 - 2015-08-04 00:54 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2015-08-04 00:54 - 2015-08-04 00:54 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-08-04 00:54 - 2015-08-04 00:54 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-08-04 00:54 - 2015-08-04 00:54 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-08-04 00:54 - 2015-08-04 00:54 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-08-04 00:54 - 2015-08-04 00:54 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-08-04 00:54 - 2015-08-04 00:54 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-08-04 00:54 - 2015-08-04 00:54 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-08-04 00:54 - 2015-08-04 00:54 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-08-04 00:54 - 2015-08-04 00:54 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-08-04 00:54 - 2015-08-04 00:54 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-08-04 00:54 - 2015-08-04 00:54 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-08-04 00:54 - 2015-08-04 00:54 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-08-04 00:54 - 2015-08-04 00:54 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-08-04 00:54 - 2015-08-04 00:54 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-08-04 00:54 - 2015-08-04 00:54 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-08-04 00:54 - 2015-08-04 00:54 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-08-04 00:54 - 2015-08-04 00:54 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-08-04 00:53 - 2015-08-04 00:53 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-08-04 00:53 - 2015-08-04 00:53 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-08-04 00:53 - 2015-08-04 00:53 - 00239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-08-04 00:53 - 2015-08-04 00:53 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-08-04 00:53 - 2015-08-04 00:53 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-08-04 00:53 - 2015-08-04 00:53 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-08-04 00:52 - 2015-08-04 00:52 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-08-04 00:52 - 2015-08-04 00:52 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-08-04 00:52 - 2015-08-04 00:52 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-08-04 00:52 - 2015-08-04 00:52 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-08-04 00:52 - 2015-08-04 00:52 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-08-04 00:52 - 2015-08-04 00:52 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-08-04 00:52 - 2015-08-04 00:52 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-08-04 00:52 - 2015-08-04 00:52 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-08-04 00:52 - 2015-08-04 00:52 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-08-04 00:52 - 2015-08-04 00:52 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-08-04 00:52 - 2015-08-04 00:52 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-08-04 00:52 - 2015-08-04 00:52 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2015-08-04 00:52 - 2015-08-04 00:52 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-08-04 00:51 - 2015-08-04 00:51 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-08-04 00:51 - 2015-08-04 00:51 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-08-04 00:51 - 2015-08-04 00:51 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2015-08-04 00:51 - 2015-08-04 00:51 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-08-04 00:51 - 2015-08-04 00:51 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-08-04 00:51 - 2015-08-04 00:51 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-08-04 00:51 - 2015-08-04 00:51 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 01311960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00989184 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-08-04 00:50 - 2015-08-04 00:50 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00442712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-08-04 00:50 - 2015-08-04 00:50 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00332120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2015-08-04 00:50 - 2015-08-04 00:50 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-08-04 00:50 - 2015-08-04 00:50 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-08-04 00:50 - 2015-08-04 00:50 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-08-04 00:49 - 2015-08-04 00:49 - 22292672 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-04 00:49 - 2015-08-04 00:49 - 19734960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-04 00:49 - 2015-08-04 00:49 - 07784448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2015-08-04 00:49 - 2015-08-04 00:49 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2015-08-04 00:49 - 2015-08-04 00:49 - 03109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-08-04 00:49 - 2015-08-04 00:49 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-08-04 00:49 - 2015-08-04 00:49 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-08-04 00:49 - 2015-08-04 00:49 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-08-04 00:49 - 2015-08-04 00:49 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-08-04 00:49 - 2015-08-04 00:49 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-08-04 00:49 - 2015-08-04 00:49 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-08-04 00:49 - 2015-08-04 00:49 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-08-04 00:49 - 2015-08-04 00:49 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-08-04 00:48 - 2015-08-04 00:48 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-08-04 00:48 - 2015-08-04 00:48 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-08-04 00:48 - 2015-08-04 00:48 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-08-04 00:48 - 2015-08-04 00:48 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-08-04 00:48 - 2015-08-04 00:48 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-08-04 00:48 - 2015-08-04 00:48 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-08-04 00:48 - 2015-08-04 00:48 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-08-04 00:48 - 2015-08-04 00:48 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-08-04 00:46 - 2015-08-04 00:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-08-04 00:46 - 2015-08-04 00:46 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-08-04 00:46 - 2015-08-04 00:46 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-08-04 00:46 - 2015-08-04 00:46 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-04 00:46 - 2015-08-04 00:46 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-04 00:46 - 2015-08-04 00:46 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-08-04 00:46 - 2015-08-04 00:46 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-08-04 00:46 - 2015-08-04 00:46 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-08-04 00:46 - 2015-08-04 00:46 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-08-04 00:46 - 2015-08-04 00:46 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-08-04 00:46 - 2015-08-04 00:46 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-08-04 00:46 - 2015-08-04 00:46 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-08-04 00:46 - 2015-08-04 00:46 - 00467776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-04 00:46 - 2015-08-04 00:46 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-08-04 00:46 - 2015-08-04 00:46 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-08-04 00:46 - 2015-08-04 00:46 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-08-04 00:46 - 2015-08-04 00:46 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-08-04 00:46 - 2015-08-04 00:46 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-08-04 00:46 - 2015-08-04 00:46 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-08-04 00:44 - 2015-08-04 00:44 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-08-04 00:44 - 2015-08-04 00:44 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-08-04 00:44 - 2015-08-04 00:44 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-08-04 00:44 - 2015-08-04 00:44 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2015-08-04 00:44 - 2015-08-04 00:44 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2015-08-04 00:44 - 2015-08-04 00:44 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-08-04 00:44 - 2015-08-04 00:44 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-08-04 00:44 - 2015-08-04 00:44 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-08-04 00:44 - 2015-08-04 00:44 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-08-04 00:43 - 2015-08-04 00:43 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-08-04 00:43 - 2015-08-04 00:43 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-08-04 00:43 - 2015-08-04 00:43 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-08-04 00:43 - 2015-08-04 00:43 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-08-04 00:42 - 2015-08-04 00:42 - 03084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-08-04 00:42 - 2015-08-04 00:42 - 02471424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-08-04 00:42 - 2015-08-04 00:42 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-08-04 00:42 - 2015-08-04 00:42 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-08-04 00:41 - 2015-08-04 00:41 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-08-04 00:41 - 2015-08-04 00:41 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-08-04 00:41 - 2015-08-04 00:41 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-04 00:41 - 2015-08-04 00:41 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-08-04 00:41 - 2015-08-04 00:41 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-08-04 00:41 - 2015-08-04 00:41 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-08-04 00:41 - 2015-08-04 00:41 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2015-08-04 00:41 - 2015-08-04 00:41 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-08-04 00:41 - 2015-08-04 00:41 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-08-04 00:41 - 2015-08-04 00:41 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-08-04 00:41 - 2015-08-04 00:41 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-08-04 00:41 - 2015-08-04 00:41 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-08-04 00:41 - 2015-08-04 00:41 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-08-04 00:41 - 2015-08-04 00:41 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-08-04 00:41 - 2015-08-04 00:41 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-08-04 00:41 - 2015-08-04 00:41 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-08-04 00:41 - 2015-08-04 00:41 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-08-04 00:41 - 2015-08-04 00:41 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-08-04 00:35 - 2015-08-04 00:35 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-08-04 00:35 - 2015-08-04 00:35 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-08-04 00:34 - 2015-08-04 00:34 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-08-04 00:34 - 2015-08-04 00:34 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-08-04 00:34 - 2015-08-04 00:34 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-08-04 00:34 - 2015-08-04 00:34 - 00000000 ____D C:\Program Files\MSBuild
2015-08-04 00:34 - 2015-08-04 00:34 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-08-04 00:34 - 2015-08-04 00:34 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-08-04 00:34 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-08-04 00:34 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-08-04 00:33 - 2015-08-04 00:33 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-08-04 00:33 - 2015-08-04 00:33 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-08-04 00:30 - 2015-08-04 00:30 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-08-04 00:28 - 2015-08-15 15:44 - 00000000 ____D C:\Users\CM
2015-08-04 00:28 - 2015-08-04 00:30 - 00000000 ___RD C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\Vorlagen
2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\Startmenü
2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\Netzwerkumgebung
2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\Lokale Einstellungen
2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\Eigene Dateien
2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\Druckumgebung
2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\Documents\Eigene Musik
2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\Documents\Eigene Bilder
2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\AppData\Local\Verlauf
2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\AppData\Local\Anwendungsdaten
2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\Anwendungsdaten
2015-08-04 00:28 - 2014-11-21 12:52 - 00000000 ___RD C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-04 00:28 - 2014-11-21 12:52 - 00000000 ___RD C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-04 00:28 - 2014-11-21 05:42 - 00000369 _____ C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-08-04 00:28 - 2014-11-21 05:42 - 00000369 _____ C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-08-04 00:28 - 2013-08-22 17:36 - 00000000 ____D C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-04 00:26 - 2015-08-04 01:02 - 00028578 _____ C:\WINDOWS\diagwrn.xml
2015-08-04 00:26 - 2015-08-04 01:02 - 00028578 _____ C:\WINDOWS\diagerr.xml
2015-08-04 00:17 - 2015-08-04 00:33 - 00000000 ____D C:\Program Files (x86)\Intel
2015-08-04 00:17 - 2015-08-04 00:17 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-08-04 00:17 - 2015-08-04 00:17 - 00000000 ____D C:\Program Files\Realtek
2015-08-04 00:16 - 2014-10-01 19:54 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-08-04 00:16 - 2014-10-01 19:54 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-08-04 00:15 - 2015-08-04 00:15 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-08-04 00:15 - 2015-08-04 00:15 - 00000000 ____D C:\Program Files\Elantech
2015-08-03 22:17 - 2015-08-03 22:17 - 00004608 _____ C:\Users\CM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-02 19:33 - 2015-08-02 19:33 - 00000000 ___HD C:\ProgramData\CanonIJScan
2015-08-02 19:33 - 2015-08-02 19:33 - 00000000 ____D C:\Users\CM\AppData\Roaming\Canon
2015-08-02 19:33 - 2015-08-02 19:33 - 00000000 _____ C:\Users\CM\Sti_Trace.log
2015-08-02 19:31 - 2015-08-02 19:31 - 00000000 ____D C:\Users\CM\AppData\Roaming\ABBYY
2015-08-02 19:09 - 2015-08-11 09:31 - 00000000 ____D C:\Users\CM\AppData\Local\ABBYY
2015-08-02 18:06 - 2015-08-02 19:19 - 00000000 ____D C:\ProgramData\ABBYY
2015-07-31 19:22 - 2015-08-04 01:02 - 00008044 _____ C:\WINDOWS\comsetup.log
2015-07-29 23:06 - 2015-07-29 23:06 - 00000000 ____D C:\Users\CM\AppData\Local\ClearfiPhoto
2015-07-29 22:16 - 2015-07-29 22:16 - 00497213 _____ C:\Users\CM\Downloads\Microsoft Privacy Statement.htm
2015-07-29 22:16 - 2015-07-29 22:16 - 00000000 ____D C:\Users\CM\Downloads\Microsoft Privacy Statement-Dateien
2015-07-29 15:50 - 2015-07-30 09:39 - 00000000 ____D C:\Users\Administrator
2015-07-29 15:28 - 2015-08-14 11:16 - 00000000 ____D C:\Users\CM\AppData\Roaming\vlc
2015-07-29 15:27 - 2015-08-04 00:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-07-29 15:27 - 2015-07-29 15:27 - 00001074 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-07-29 15:27 - 2015-07-29 15:27 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2015-07-29 15:25 - 2015-07-29 15:25 - 28849904 _____ C:\Users\CM\Downloads\vlc-2.2.1-win32(1).exe
2015-07-29 15:08 - 2015-07-29 15:09 - 00517392 _____ ( ) C:\Users\CM\Downloads\VLC-Media-Player_092.exe
2015-07-29 14:17 - 2015-07-29 14:17 - 00000000 ____D C:\Users\CM\Documents\Hanlet 2 x 5 Min
2015-07-29 13:41 - 2015-07-29 13:41 - 00517920 _____ ( ) C:\Users\CM\Downloads\Windows-Movie-Maker-DL-Manager(2).exe
2015-07-29 13:36 - 2015-07-29 13:37 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(11).exe
2015-07-29 13:25 - 2015-08-04 00:39 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-07-29 13:25 - 2015-08-04 00:39 - 00000000 ____D C:\WINDOWS\de
2015-07-29 13:25 - 2015-07-29 13:25 - 00001462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2015-07-29 13:25 - 2015-07-29 13:25 - 00001378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-07-29 13:25 - 2015-07-29 13:25 - 00001309 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-07-29 13:25 - 2015-07-29 13:25 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-07-29 13:24 - 2015-07-29 13:25 - 00000000 ____D C:\Program Files (x86)\Windows Live
2015-07-29 13:24 - 2015-07-29 13:24 - 00002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2015-07-29 13:24 - 2015-07-29 13:24 - 00000000 ____D C:\Program Files\Windows Live
2015-07-29 13:23 - 2015-07-29 13:23 - 00000193 _____ C:\WINDOWS\DirectX.log
2015-07-29 13:23 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2015-07-29 13:23 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2015-07-29 13:23 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2015-07-29 13:23 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2015-07-29 13:23 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2015-07-29 13:23 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2015-07-29 13:23 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2015-07-29 13:23 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2015-07-29 13:23 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2015-07-29 13:23 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2015-07-29 13:23 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2015-07-29 13:23 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2015-07-29 13:22 - 2015-07-29 13:22 - 00000000 ___RD C:\Users\CM\SkyDrive
2015-07-29 13:22 - 2015-07-29 13:22 - 00000000 ____D C:\Program Files (x86)\Microsoft SkyDrive
2015-07-29 13:21 - 2015-07-29 13:21 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2015-07-29 13:19 - 2015-08-10 14:08 - 00000000 ____D C:\Users\CM\AppData\Local\Windows Live
2015-07-29 13:13 - 2015-07-29 13:13 - 00517920 _____ ( ) C:\Users\CM\Downloads\Windows-Movie-Maker-DL-Manager.exe
2015-07-29 13:13 - 2015-07-29 13:13 - 00517920 _____ ( ) C:\Users\CM\Downloads\Windows-Movie-Maker-DL-Manager(1).exe
2015-07-29 12:51 - 2015-07-29 15:50 - 00000000 ____D C:\Users\CM\AppData\Roaming\dlg
2015-07-29 12:47 - 2015-08-07 20:02 - 00000000 ____D C:\ProgramData\AVG
2015-07-29 12:47 - 2015-07-29 12:47 - 00000000 ____D C:\Users\CM\AppData\Roaming\AVG
2015-07-29 12:47 - 2015-07-29 12:47 - 00000000 ____D C:\Users\CM\AppData\Local\Avg
2015-07-29 12:47 - 2015-07-29 12:47 - 00000000 ____D C:\Program Files (x86)\AVG
2015-07-29 12:41 - 2015-07-29 12:41 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(10).exe
2015-07-29 12:35 - 2015-08-15 14:58 - 00000380 _____ C:\WINDOWS\Tasks\VNFZWYG1.job
2015-07-29 12:35 - 2015-07-29 12:35 - 00002894 _____ C:\WINDOWS\System32\Tasks\VNFZWYG1
2015-07-29 12:35 - 2015-07-29 12:35 - 00000000 ____D C:\ProgramData\7b24ec7cc000461ebe26d116b88142c8
2015-07-29 12:33 - 2015-07-29 12:33 - 00517416 _____ ( ) C:\Users\CM\Downloads\install-windows-movie-maker.exe
2015-07-29 12:18 - 2015-07-29 12:18 - 00001017 _____ C:\Users\CM\AppData\Bilder - Verknüpfung.lnk
2015-07-29 12:18 - 2015-07-29 12:18 - 00000625 _____ C:\Users\CM\AppData\Roaming\Bibliotheken - Verknüpfung.lnk
2015-07-29 12:00 - 2015-07-24 12:06 - 00002687 _____ C:\Users\CM\Downloads\Hamlet 5 min.  Demo wlmp (1).wlmp
2015-07-29 11:55 - 2015-07-20 15:23 - 00012288 ___SH C:\Users\CM\Desktop\Thumbs - Kopie.db
2015-07-29 10:12 - 2015-07-29 13:12 - 00000000 ____D C:\Program Files\Controller
2015-07-29 10:12 - 2015-07-29 10:12 - 00003200 _____ C:\WINDOWS\System32\Tasks\Windows-Agent für die Installation 1.0.29
2015-07-29 10:12 - 2015-07-29 10:12 - 00000000 ____D C:\Users\CM\AppData\Local\WindowsAgentfr
2015-07-29 10:12 - 2015-07-29 10:12 - 00000000 ____D C:\Users\CM\AppData\Local\McAfeeActivation
2015-07-29 10:11 - 2015-08-02 19:10 - 00000000 ____D C:\Users\CM\AppData\Local\CrashDumps
2015-07-28 16:31 - 2015-08-05 05:27 - 00000000 ____D C:\WINDOWS\system32\AutoUpdateLicense
2015-07-28 16:17 - 2015-05-19 13:59 - 00207208 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2015-07-28 16:14 - 2015-08-13 09:00 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2015-07-27 16:15 - 2015-08-03 22:18 - 00000000 ____D C:\Users\CM\AppData\Local\clear.fi
2015-07-27 16:00 - 2012-07-04 11:55 - 01354240 _____ (CANON INC.) C:\WINDOWS\system32\CNQ2414C.dll
2015-07-27 16:00 - 2012-07-04 11:55 - 00112128 _____ (CANON INC.) C:\WINDOWS\system32\CNQ2414I.dll
2015-07-27 16:00 - 2012-07-04 11:29 - 00106496 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNQ2414U.dll
2015-07-27 16:00 - 2010-12-17 14:49 - 00515072 _____ (CANON INC.) C:\WINDOWS\system32\CNQ2414L.dll
2015-07-27 16:00 - 2010-12-17 14:49 - 00438272 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNQ2414L.dll
2015-07-27 16:00 - 2010-03-19 10:04 - 00393256 _____ C:\WINDOWS\SysWOW64\CNQ2414N.DAT
2015-07-27 16:00 - 2010-03-19 10:04 - 00393256 _____ C:\WINDOWS\system32\CNQ2414N.DAT
2015-07-27 16:00 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\WINDOWS\system32\CNHMCA6.dll
2015-07-27 16:00 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNHMCA.dll
2015-07-27 15:18 - 2015-07-27 15:18 - 00000000 ____D C:\Users\CM\AppData\Local\Apps\2.0
2015-07-27 15:16 - 2015-08-04 00:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-07-27 15:15 - 2015-07-28 16:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2015-07-27 15:12 - 2015-07-27 15:12 - 00000000 ____D C:\Program Files\Microsoft Office
2015-07-27 15:11 - 2015-08-12 11:29 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-27 15:11 - 2015-08-04 15:54 - 00000000 ____D C:\Users\CM\AppData\Local\Microsoft Help
2015-07-27 14:20 - 2015-07-27 14:41 - 340508784 _____ (Microsoft Corporation) C:\Users\CM\Downloads\MicrosoftInstaller.exe
2015-07-27 11:38 - 2015-03-04 09:26 - 00011105 _____ C:\WINDOWS\system32\AutoconfigV2.cab
2015-07-27 10:30 - 2015-08-04 00:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-07-26 23:20 - 2015-07-26 23:20 - 00000117 _____ C:\WINDOWS\system32\netcfg-195645406.txt
2015-07-26 22:58 - 2015-07-26 22:58 - 00000117 _____ C:\WINDOWS\system32\netcfg-194312734.txt
2015-07-26 22:58 - 2015-07-26 22:58 - 00000117 _____ C:\WINDOWS\system32\netcfg-194309687.txt
2015-07-26 22:57 - 2015-07-26 22:57 - 00000117 _____ C:\WINDOWS\system32\netcfg-194304062.txt
2015-07-26 22:57 - 2015-07-26 22:57 - 00000117 _____ C:\WINDOWS\system32\netcfg-194303656.txt
2015-07-26 14:33 - 2015-08-12 11:25 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-07-26 14:33 - 2015-08-12 11:18 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-07-26 14:18 - 2013-05-04 06:51 - 00014848 _____ (Microsoft) C:\WINDOWS\system32\rars.rs
2015-07-26 14:18 - 2013-05-04 06:10 - 00014848 _____ (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2015-07-26 11:54 - 2015-07-26 11:54 - 00003114 _____ C:\WINDOWS\System32\Tasks\{26E9F40E-B5F3-4D4A-931D-6E738019A6DF}
2015-07-26 11:53 - 2015-07-26 11:53 - 02256152 _____ (Microsoft Corporation) C:\Users\CM\Downloads\WcPlugin(2).exe
2015-07-26 11:52 - 2015-07-26 11:52 - 00000000 ____D C:\Users\CM\AppData\Local\Macromedia
2015-07-26 11:47 - 2015-08-15 15:43 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-07-26 11:47 - 2015-08-13 09:44 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-07-26 11:47 - 2015-08-13 08:55 - 00001954 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-07-26 11:47 - 2015-07-26 11:47 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-07-26 11:44 - 2015-08-02 19:32 - 00000000 ____D C:\Users\CM\AppData\Local\Adobe
2015-07-26 11:40 - 2015-07-26 11:40 - 00000117 _____ C:\WINDOWS\system32\netcfg-153679546.txt
2015-07-26 11:40 - 2015-07-26 11:40 - 00000117 _____ C:\WINDOWS\system32\netcfg-153676531.txt
2015-07-26 11:40 - 2015-07-26 11:40 - 00000117 _____ C:\WINDOWS\system32\netcfg-153656750.txt
2015-07-26 11:40 - 2015-07-26 11:40 - 00000117 _____ C:\WINDOWS\system32\netcfg-153656578.txt
2015-07-25 14:21 - 2015-07-25 14:21 - 00000117 _____ C:\WINDOWS\system32\netcfg-76930812.txt
2015-07-25 14:21 - 2015-07-25 14:21 - 00000117 _____ C:\WINDOWS\system32\netcfg-76930734.txt
2015-07-25 14:21 - 2015-07-25 14:21 - 00000117 _____ C:\WINDOWS\system32\netcfg-76926796.txt
2015-07-25 14:21 - 2015-07-25 14:21 - 00000117 _____ C:\WINDOWS\system32\netcfg-76926578.txt
2015-07-25 07:22 - 2015-07-25 07:22 - 00000000 ___RD C:\Users\CM\Box Sync
2015-07-25 07:05 - 2015-07-25 07:05 - 00002687 _____ C:\Users\CM\Downloads\Hamlet 5 min.  Demo wlmp.wlmp
2015-07-25 07:03 - 2015-07-25 07:04 - 27015280 _____ (Box Inc.) C:\Users\CM\Downloads\BoxSyncSetup(1).exe
2015-07-25 07:00 - 2015-07-25 07:02 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-25 06:59 - 2015-07-25 06:59 - 27015280 _____ (Box Inc.) C:\Users\CM\Downloads\BoxSyncSetup.exe
2015-07-25 06:39 - 2015-08-11 23:03 - 00001173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-25 06:39 - 2015-08-11 23:03 - 00001167 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-25 06:39 - 2015-08-10 19:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-25 06:39 - 2015-07-25 06:45 - 00000000 ____D C:\Users\CM\AppData\Local\Mozilla
2015-07-25 06:39 - 2015-07-25 06:39 - 00000000 ____D C:\Users\CM\AppData\Roaming\Mozilla
2015-07-25 06:39 - 2015-07-25 06:39 - 00000000 ____D C:\ProgramData\Mozilla
2015-07-25 06:39 - 2015-07-25 06:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-25 06:18 - 2015-07-25 06:18 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-25 06:13 - 2015-07-25 06:13 - 00000117 _____ C:\WINDOWS\system32\netcfg-47620843.txt
2015-07-25 06:13 - 2015-07-25 06:13 - 00000117 _____ C:\WINDOWS\system32\netcfg-47617828.txt
2015-07-25 06:12 - 2015-07-25 06:12 - 00000117 _____ C:\WINDOWS\system32\netcfg-47613656.txt
2015-07-25 06:12 - 2015-07-25 06:12 - 00000117 _____ C:\WINDOWS\system32\netcfg-47612562.txt
2015-07-24 17:15 - 2015-08-15 15:06 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2407381306-1223850301-1151369756-1001
2015-07-24 17:12 - 2015-07-24 17:12 - 00000000 ____D C:\Users\CM\AppData\Local\EgisTec IPS
2015-07-24 17:11 - 2015-07-24 17:11 - 00000000 ____D C:\Users\CM\AppData\Roaming\Atheros
2015-07-24 17:10 - 2015-07-24 17:10 - 00019212 _____ C:\Users\CM\Desktop\Entfernte Anwendungen.html
2015-07-24 17:10 - 2015-07-24 17:10 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2015-07-24 17:09 - 2015-08-11 23:03 - 00001458 _____ C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-24 17:08 - 2015-07-24 17:08 - 00002156 _____ C:\Users\CM\Desktop\McAfee Anti-Theft.lnk
2015-07-24 17:08 - 2015-07-24 17:08 - 00002027 _____ C:\Users\Public\Desktop\LOVEFiLM.lnk
2015-07-24 17:08 - 2015-07-24 17:08 - 00001736 _____ C:\Users\Public\Desktop\Online kaufen.lnk
2015-07-24 17:08 - 2015-07-24 17:08 - 00000000 ____D C:\Program Files\Preload
2015-07-24 17:08 - 2015-07-24 17:08 - 00000000 ____D C:\Program Files\Accessory Store
2015-07-24 17:07 - 2015-07-24 17:07 - 00000093 _____ C:\WINDOWS\WLangUpt.log
2015-07-24 17:07 - 2015-07-24 17:07 - 00000000 ____D C:\Users\CM\AppData\Roaming\lm
2015-07-24 17:04 - 2015-07-24 17:04 - 00000000 ____D C:\Users\CM\AppData\Roaming\Macromedia
2015-07-24 17:04 - 2015-07-24 17:04 - 00000000 ____D C:\Users\CM\AppData\Roaming\Adobe
2015-07-24 17:03 - 2015-07-29 16:50 - 00000000 ____D C:\Users\CM\AppData\Local\VirtualStore
2015-07-24 17:02 - 2015-08-03 23:22 - 01178932 _____ C:\WINDOWS\WindowsUpdate (1).log
2015-07-24 17:01 - 2015-07-24 17:01 - 00000117 _____ C:\WINDOWS\system32\netcfg-144968.txt
2015-07-24 17:01 - 2015-07-24 17:01 - 00000117 _____ C:\WINDOWS\system32\netcfg-144906.txt
2015-07-24 17:01 - 2015-07-24 17:01 - 00000117 _____ C:\WINDOWS\system32\netcfg-142812.txt
2015-07-24 17:00 - 2015-07-24 17:00 - 00000117 _____ C:\WINDOWS\system32\netcfg-98968.txt
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\Vorlagen
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\Startmenü
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\Netzwerkumgebung
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\Lokale Einstellungen
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\Eigene Dateien
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\Druckumgebung
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Musik
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Bilder
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Verlauf
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\Anwendungsdaten
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\ProgramData\Vorlagen
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\ProgramData\Startmenü
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\ProgramData\Dokumente
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2015-07-24 16:28 - 2015-07-24 17:47 - 00000000 ___HD C:\$SysReset
2015-07-24 14:11 - 2015-07-24 14:11 - 00871739 _____ C:\Users\CM\Downloads\Setup (3).jse
2015-07-24 14:10 - 2015-07-24 14:11 - 00871750 _____ C:\Users\CM\Downloads\Setup (1).jse
2015-07-24 14:10 - 2015-07-24 14:10 - 00871750 _____ C:\Users\CM\Downloads\Setup (2).jse
2015-07-24 13:39 - 2015-07-24 13:39 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (12).exe
2015-07-24 13:39 - 2015-07-24 13:39 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (11).exe
2015-07-24 13:38 - 2015-07-24 13:38 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (10).exe
2015-07-24 13:18 - 2015-07-24 13:18 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (9).exe
2015-07-24 13:18 - 2015-07-24 13:18 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (8).exe
2015-07-24 13:17 - 2015-07-24 13:17 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (7).exe
2015-07-24 13:13 - 2015-07-24 13:13 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (6).exe
2015-07-24 13:00 - 2015-07-24 13:00 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (5).exe
2015-07-24 12:57 - 2015-07-24 12:59 - 01112883 _____ C:\Users\CM\Downloads\FirefoxSetup.jse
2015-07-24 12:19 - 2015-07-24 12:19 - 01319011 _____ C:\Users\CM\Downloads\Firefox_38.0.1_einrichten (1).jse
2015-07-24 12:18 - 2015-07-24 12:18 - 01319011 _____ C:\Users\CM\Downloads\Nicht bestätigt 407671.crdownload
2015-07-24 11:00 - 2015-07-24 11:00 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (4).exe
2015-07-24 11:00 - 2015-07-24 11:00 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (3).exe
2015-07-24 10:56 - 2015-07-24 10:56 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (2).exe
2015-07-24 10:55 - 2015-07-24 10:55 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (1).exe
2015-07-23 18:01 - 2015-07-23 18:01 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(9).exe
2015-07-23 17:56 - 2015-07-23 17:57 - 00242928 _____ C:\Users\CM\Downloads\Firefox Setup Stub 39.0 (1).exe
2015-07-23 14:23 - 2015-07-23 14:23 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(8).exe
2015-07-23 09:42 - 2015-07-23 09:42 - 01245384 _____ (Microsoft Corporation) C:\Users\CM\Downloads\wlsetup-web(1).exe
2015-07-23 09:19 - 2015-08-04 11:43 - 00000000 ____D C:\Users\CM\AppData\Local\Packages
2015-07-23 07:05 - 2015-07-23 07:05 - 00242912 _____ C:\Users\CM\Downloads\Firefox Setup Stub 39.0.exe
2015-07-22 19:41 - 2015-07-22 19:41 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(7).exe
2015-07-22 12:54 - 2015-07-22 12:54 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(6).exe
2015-07-22 12:52 - 2015-07-22 12:52 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(5).exe
2015-07-22 12:51 - 2015-07-22 12:52 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(4).exe
2015-07-22 11:26 - 2015-07-22 11:26 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(3).exe
2015-07-22 11:10 - 2015-07-22 11:10 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(2).exe
2015-07-22 07:35 - 2015-07-22 07:36 - 01090263 _____ C:\Users\CM\Downloads\setup.jse
2015-07-22 07:33 - 2015-07-22 07:36 - 01245384 _____ (Microsoft Corporation) C:\Users\CM\Downloads\wlsetup-web (2).exe
2015-07-22 07:04 - 2015-07-22 07:05 - 01245384 _____ (Microsoft Corporation) C:\Users\CM\Downloads\wlsetup-web.exe
2015-07-21 19:16 - 2015-07-29 14:54 - 07357440 _____ C:\Users\CM\Downloads\WindowsMovieMakerSetup.exe
2015-07-21 18:33 - 2015-07-23 11:15 - 00000000 _____ C:\dummy.htm
2015-07-21 18:01 - 2015-07-21 18:01 - 00000000 _____ C:\LILF48E.tmp
2015-07-21 18:01 - 2015-07-21 18:01 - 00000000 _____ C:\LILF48D.tmp
2015-07-21 18:00 - 2015-07-21 18:02 - 00000000 ____D C:\c9eab403-51a3-4e95-81f7-b6263ea83a2d
2015-07-21 17:57 - 2015-07-21 18:02 - 128227047 _____ C:\Users\CM\Downloads\wlsetup-all.exe.part
2015-07-20 15:23 - 2015-08-14 06:42 - 00012288 ___SH C:\Users\CM\Desktop\Thumbs.db
2015-07-20 15:22 - 2015-07-20 14:36 - 507502069 _____ C:\Users\CM\Desktop\Projekt.m4v
2015-07-19 19:21 - 2015-07-19 19:21 - 00517344 _____ ( ) C:\Users\CM\Downloads\install-quicktime.exe
2015-07-18 06:09 - 2015-07-18 06:09 - 00000076 _____ C:\Users\CM\Downloads\IndexerVolumeGuid
2015-07-17 23:34 - 2015-07-17 23:34 - 00000000 ____D C:\Users\CM\Downloads\PC Drivers HeadQuarters
2015-07-17 23:32 - 2015-07-17 23:32 - 00334448 _____ (PC Drivers HeadQuarters LP) C:\Users\CM\Downloads\DriverDetective(1).exe
2015-07-17 23:31 - 2015-07-17 23:31 - 00334448 _____ (PC Drivers HeadQuarters LP) C:\Users\CM\Downloads\DriverDetective.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-15 15:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-14 13:46 - 2014-11-21 05:35 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-14 13:46 - 2014-11-21 04:45 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2015-08-14 13:46 - 2014-11-21 04:45 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2015-08-14 13:45 - 2013-08-22 16:46 - 00295877 _____ C:\WINDOWS\setupact.log
2015-08-14 10:50 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-14 08:30 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-14 06:52 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-13 14:25 - 2015-07-10 19:28 - 00000000 ___HD C:\$Windows.~BT
2015-08-13 13:30 - 2012-09-01 22:32 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-08-13 09:06 - 2012-09-01 22:32 - 00000000 ____D C:\ProgramData\McAfee
2015-08-13 09:03 - 2012-09-01 22:32 - 00000000 ____D C:\Program Files\Common Files\mcafee
2015-08-13 08:51 - 2013-08-22 16:44 - 00377856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-13 08:50 - 2014-11-20 20:24 - 00037414 _____ C:\WINDOWS\PFRO.log
2015-08-12 11:38 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 11:38 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 11:38 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-12 11:38 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-12 11:29 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-12 11:10 - 2014-11-21 12:51 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-12 11:08 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 11:08 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-11 09:01 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-11 08:44 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppCompat
2015-08-10 19:05 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-RS
2015-08-10 19:05 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS
2015-08-10 18:47 - 2012-09-01 22:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-08-10 18:47 - 2012-09-01 22:36 - 00000000 ____D C:\ProgramData\WildTangent
2015-08-10 18:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\restore
2015-08-08 15:55 - 2014-11-21 13:01 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2014-11-21 13:01 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-05 16:04 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-05 05:30 - 2012-10-18 03:30 - 00000000 ____D C:\ProgramData\Atheros
2015-08-04 12:44 - 2015-03-23 16:29 - 00000000 __RDO C:\Users\CM\OneDrive
2015-08-04 01:11 - 2015-02-10 03:35 - 00000000 __SHD C:\Recovery
2015-08-04 01:10 - 2013-08-22 17:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2015-08-04 01:08 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-08-04 01:07 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2015-08-04 01:07 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\setup
2015-08-04 01:07 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-04 01:05 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows NT
2015-08-04 01:05 - 2013-08-22 15:36 - 00000000 __RHD C:\Users\Default
2015-08-04 01:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Registration
2015-08-04 01:01 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-08-04 00:56 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\WinStore
2015-08-04 00:55 - 2014-11-21 05:27 - 02473472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-08-04 00:55 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-08-04 00:54 - 2013-08-22 17:36 - 00000000 __RSD C:\WINDOWS\Media
2015-08-04 00:53 - 2013-08-22 17:36 - 00000000 __RHD C:\Users\Public\Libraries
2015-08-04 00:49 - 2013-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-04 00:44 - 2014-11-21 05:13 - 00000000 ____D C:\Program Files\Windows Journal
2015-08-04 00:41 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2015-08-04 00:39 - 2014-11-21 05:13 - 00000000 ____D C:\WINDOWS\ShellNew
2015-08-04 00:39 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-08-04 00:39 - 2012-10-18 03:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec
2015-08-04 00:39 - 2012-10-18 03:45 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso 6.5
2015-08-04 00:39 - 2012-10-18 03:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2015-08-04 00:39 - 2012-09-01 23:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-08-04 00:35 - 2013-08-22 17:37 - 00005217 _____ C:\WINDOWS\DtcInstall.log
2015-08-04 00:35 - 2012-07-26 07:37 - 00000000 ____D C:\Users\Default.migrated
2015-08-04 00:34 - 2014-11-21 04:45 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2015-08-04 00:34 - 2014-11-21 04:45 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-08-04 00:34 - 2014-11-21 04:45 - 00000000 ____D C:\WINDOWS\system32\WCN
2015-08-04 00:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-08-04 00:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-08-04 00:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-08-04 00:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-04 00:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\spool
2015-08-04 00:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-08-04 00:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\IME
2015-08-04 00:34 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2015-08-04 00:34 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-04 00:34 - 2012-09-01 22:33 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-08-04 00:33 - 2013-08-22 17:43 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-08-04 00:33 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-08-04 00:33 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-08-04 00:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\IME
2015-08-04 00:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Help
2015-08-04 00:33 - 2012-08-03 19:17 - 00000000 ____D C:\ProgramData\PRICache
2015-08-04 00:32 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-04 00:30 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-08-04 00:17 - 2013-08-22 16:46 - 00000084 _____ C:\WINDOWS\setuperr.log
2015-08-03 22:04 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2015-07-28 16:16 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-07-27 15:35 - 2015-06-12 12:23 - 00000000 ____D C:\288a4c48-26e1-4814-8d65-7bb6d264b397
2015-07-27 15:15 - 2012-10-18 03:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-07-27 10:30 - 2012-09-01 22:33 - 00001862 _____ C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk
2015-07-24 17:12 - 2012-10-18 03:45 - 00000000 ____D C:\ProgramData\EgisTec IPS
2015-07-24 17:08 - 2012-10-18 03:30 - 00000000 ____D C:\ProgramData\OEM
2015-07-24 17:08 - 2012-09-01 23:27 - 00000225 _____ C:\WINDOWS\User.xml
2015-07-24 17:08 - 2012-09-01 22:28 - 01677814 _____ C:\WINDOWS\launApp.log
2015-07-24 17:08 - 2012-08-03 20:05 - 00000000 ___HD C:\Elements
2015-07-24 17:07 - 2012-10-18 12:31 - 00000225 _____ C:\WINDOWS\WisLangCode.ini
2015-07-24 17:07 - 2012-09-01 23:17 - 00391316 _____ C:\WINDOWS\PLaunch.log
2015-07-24 17:07 - 2012-09-01 22:29 - 00000159 __RSH C:\WINDOWS\Preload.rev
2015-07-24 17:07 - 2012-09-01 22:28 - 00005410 _____ C:\WINDOWS\PatchFul.log

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-11 23:02 - 2015-08-11 23:02 - 3471189 _____ (Dongphase) C:\Program Files\Common Files\a2d0ljkm.exe
2015-07-29 12:18 - 2015-07-29 12:18 - 0000625 _____ () C:\Users\CM\AppData\Roaming\Bibliotheken - Verknüpfung.lnk
2015-08-03 22:17 - 2015-08-03 22:17 - 0004608 _____ () C:\Users\CM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-10-18 03:11 - 2012-10-18 03:11 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\CM\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\CM\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\CM\AppData\Local\Temp\Quarantine.exe
C:\Users\CM\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\CM\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\CM\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-04 00:13

==================== Ende von Ergebnis ============================

DANKE DANKE DANKE!!!

Wirklich toll, was ihr hier leistet.

deeprybka 15.08.2015 15:55
:hallo:

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...:abklatsch:
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean :daumenhoc bekommst.


Los geht's:

Die Addition.txt fehlt:


Schritt 1

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn1.PNG

Bitte starte FRST erneut, markiere auch die checkbox http://deeprybka.trojaner-board.de/b...t/addition.pngund drücke auf Untersuchen.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

ravioli 15.08.2015 16:28
Hey Jürgen,

die Addition.txt habe ich vergessen!

Hier kommt sie:

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:14-08-2015 01
durchgeführt von CM (2015-08-15 15:54:03)
Gestartet von C:\Users\CM\Desktop
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2407381306-1223850301-1151369756-500 - Administrator - Disabled)
CM (S-1-5-21-2407381306-1223850301-1151369756-1001 - Administrator - Enabled) => C:\Users\CM
Gast (S-1-5-21-2407381306-1223850301-1151369756-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2407381306-1223850301-1151369756-1007 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ABBYY FineReader 10 Corporate Edition (HKLM-x32\...\{F1000000-0001-0000-0000-074957833700}) (Version: 10.501.154.7211 - ABBYY)
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0059 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3007 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{F6100F13-F183-47A2-94A8-9AAC4976E228}) (Version: 1.00.3013 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Acer Incorporated)
Acer Theft Shield (HKLM\...\{8ADB0CD2-4E5A-452F-BB3B-3A2984CAC749}) (Version: 1.01.3001 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3115 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3201 - Acer Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Backup Manager v4 (x32 Version: 4.0.0.0059 - NTI Corporation) Hidden
Box Sync (x32 Version: 4.0.6447.0 - Box Inc.) Hidden
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3108 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3108 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.1925 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2008 - CyberLink Corp.) Hidden
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.13 - Dolby Laboratories Inc)
Driver Reviver (HKLM\...\Driver Reviver) (Version: 5.2.0.22 - ReviverSoft LLC)
ETDWare PS/2-X64 11.6.6.002_WHQL (HKLM\...\Elantech) (Version: 11.6.6.002 - ELAN Microelectronic Corp.)
ExpressCache (HKLM\...\{2EBEFDA8-F905-4C39-AC1C-D5ABE7B3E0AE}) (Version: 1.0.86 - Diskeeper Corporation)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.4 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3004 - Acer Incorporated)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 14.0.4113 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.149.2 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.124 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3200 - Acer)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Ihr Firmenname)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.05 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Sleep Memory Optimizer (HKLM\...\{A10FCEC8-5523-4C2D-8B42-091B48EDEB55}) (Version: 1.01.3000 - Acer Incorporated)
Smart Timer (HKLM-x32\...\{89DB52FC-EA72-468F-A0C7-150AF8B7AB74}) (Version: 1.00.3007 - Acer Incorporated)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2407381306-1223850301-1151369756-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Wiederherstellungspunkte =========================

10-08-2015 18:35:33 eBay Worldwide wird entfernt

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2015-08-13 08:55 - 00000854 ____A C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.1        mssplus.mcafee.com

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0BD48D90-F36B-435E-BD73-6B4B8D3B96EE} - System32\Tasks\Start Driver Reviver( SR ) for CHRISTIAN@CM => C:\Program Files\ReviverSoft\Driver Reviver\DriverReviver.exe [2015-08-02] ()
Task: {11C8A6BB-D07D-481B-BA46-8FCD494FF068} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-30] ()
Task: {3E844EFA-FB7D-4E97-A655-23F7B49A4D16} - System32\Tasks\uxdhnzsu => C:\Program Files\Common Files\fheekncx\510aewnbklrwj.exe [2015-08-11] ()
Task: {43605C70-6BD8-4812-9A7B-D304CF75F70E} - System32\Tasks\Start Driver Reviver for CHRISTIAN@CM(logon) => C:\Program Files\ReviverSoft\Driver Reviver\DriverReviver.exe [2015-08-02] ()
Task: {463BA461-0542-4292-9138-5061A4C73249} - System32\Tasks\Windows-Agent für die Installation 1.0.29 => C:\Users\CM\AppData\Local\WindowsAgentfr\windows-agent.exe [2015-07-29] ()
Task: {5650D0B7-F334-4460-A603-98F842AFBCD0} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {5FFE0D90-F781-4143-A98B-747649F52FBD} - System32\Tasks\Smart Timer Task Scheduler => C:\Program Files\Smart Timer\Smart_Timer.exe [2012-06-22] (Acer Incorporated)
Task: {62D6983C-943F-45FD-B0BB-8CCC5C708434} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {64859127-B26A-4F1C-B260-4A6290F716C6} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {6C0127BA-BB30-452D-98ED-8A3150AC2662} - System32\Tasks\Theft Shield\AcerTheftShieldTask => C:\Program Files\Acer\Acer Theft Shield\USecuAppLauncher.exe [2012-08-22] (Acer Incorporated)
Task: {7261664A-4C58-4115-A7B7-5661BBBD8696} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-11] (Egis Technology Inc.)
Task: {754E30AC-2245-4122-8454-0ED8DAC75F98} - System32\Tasks\snp => C:\ProgramData\Zontone\dn3wklvi.exe [2015-08-11] ()
Task: {868E2D60-6147-4DAA-96BC-7924FAE8B700} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-11] (Egis Technology Inc.)
Task: {8E954A8E-8307-4179-9943-C44A6A0D8D4D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-12] (Microsoft Corporation)
Task: {9F12B1F1-BE52-4B59-BB96-5F30CAFEFF23} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-22] ()
Task: {A01219C0-0502-4B47-B2F5-B7A354F3FB77} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {A1B8FDA9-EA3C-4C1C-BA01-0A466924F720} - System32\Tasks\{26E9F40E-B5F3-4D4A-931D-6E738019A6DF} => pcalua.exe -a C:\Users\CM\Downloads\WcPlugin(2).exe -d C:\Users\CM\Downloads
Task: {C7E6B18E-2F86-4E61-B3F5-04CE5B03321F} - System32\Tasks\snf => C:\ProgramData\Zontone\dn3wklvi.exe [2015-08-11] ()
Task: {C8E6D7D8-43FA-475C-A2D7-D26165351C1D} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-22] ()
Task: {CB6BFC18-8006-4C53-8DCA-3DADD106012B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-13] (Adobe Systems Incorporated)
Task: {E3E7BC91-0A6D-4936-9181-0536CA5B35FE} - System32\Tasks\VNFZWYG1 => C:\ProgramData\SecurityUtility\SecurityUtility.exe <==== ACHTUNG
Task: {E963EE60-7E56-4729-8CDE-D9A92974F7C3} - System32\Tasks\Start Driver Reviver( SR ) for CHRISTIAN@CM at logon => C:\Program Files\ReviverSoft\Driver Reviver\DriverReviver.exe [2015-08-02] ()
Task: {EB8DA8DF-9886-451F-A852-73C5190B3064} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2012-07-31] (Acer Incorporated)
Task: {FC59B92A-75CA-4474-BBDD-A312E1CCC57B} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)
Task: {FF1AD0B3-D918-4B8B-8FC3-EA3852D51D38} - System32\Tasks\{9E330F1F-59C2-4E91-BCB5-6CB5C80C79A1} => pcalua.exe -a C:\Users\CM\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveSetup.exe -c  /uninstall

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Start Driver Reviver for CHRISTIAN@CM(logon).job => C:\Program Files\ReviverSoft\Driver Reviver\DriverReviver.exe
Task: C:\WINDOWS\Tasks\Start Driver Reviver( SR ) for CHRISTIAN@CM.job => C:\Program Files\ReviverSoft\Driver Reviver\DriverReviver.exe-runExecutable SRTray.exe
Task: C:\WINDOWS\Tasks\VNFZWYG1.job => C:\ProgramData\SecurityUtility\SecurityUtility.exe <==== ACHTUNG

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-27 13:53 - 2015-07-27 13:53 - 00376832 _____ () C:\Program Files\Controller\cohc.exe
2015-08-11 14:01 - 2015-08-11 14:01 - 00035840 _____ () C:\ProgramData\Zontone\Zontone.exe
2012-10-18 03:30 - 2012-10-18 03:30 - 01193176 _____ () C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
2012-08-10 18:28 - 2012-08-10 18:28 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-08-10 18:23 - 2012-08-10 18:23 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll
2012-08-22 15:04 - 2012-08-22 15:04 - 00044176 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2012-08-22 15:04 - 2012-08-22 15:04 - 00025232 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2015-08-14 06:53 - 2015-08-02 00:53 - 24383240 _____ () C:\Program Files\ReviverSoft\Driver Reviver\DriverReviver.exe
2012-08-23 08:26 - 2012-08-23 08:26 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2012-10-18 03:09 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-08-11 23:02 - 2015-08-11 23:02 - 00928768 _____ () C:\ProgramData\Zontone\1cxl12ae.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\CM\OneDrive:ms-properties
AlternateDataStreams: C:\Users\CM\OneDrive (2):ms-properties
AlternateDataStreams: C:\Users\CM\OneDrive (2).old:ms-properties
AlternateDataStreams: C:\Users\CM\OneDrive.old:ms-properties

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2407381306-1223850301-1151369756-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\CM\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{FB550BD7-EF60-4D3B-93F0-74BC191DB204}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{CEFDE913-0DB7-4BC0-A12D-9D9E21BC3A85}] => (Allow) LPort=1900
FirewallRules: [{29FDB856-2149-4C56-B30D-80A0912B38E8}] => (Allow) LPort=2869
FirewallRules: [{761B5561-0A89-460C-B03A-7DFE58569EE1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{498FBA32-8EE7-46D1-AF75-A1A8D69E470D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2C0B5A69-9276-4E9C-A6A5-93A169E7DA36}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A3C7B35A-3184-4974-9778-6CCBA5EDDDF6}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{822464E6-F21F-4842-BC94-A66186D999D3}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{3BCCF5CB-6AF2-448D-B21E-78D04860C10C}] => (Allow) c:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe
FirewallRules: [{8B8338DE-60B6-4638-815A-1C627355AF0D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{5DD93D57-DC0E-4F59-9CE7-5F1A5EB109F8}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{AE46788E-11EA-4A04-A208-233D3FEE05EF}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{B8F205A6-C519-4FCE-AC5C-26764E44021E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{D31F685E-1D45-478F-AE80-E326D924EADF}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe
FirewallRules: [{5FA51961-C795-48DD-B187-485A079CA7CD}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\MusicPlayer.exe
FirewallRules: [{CE9B5EFE-C661-41BB-8206-8AF86B576749}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{2E57AC22-BD77-4467-92DF-8963B2A67D5D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{8B7A27FD-5633-418B-AAD9-EDF16BA966F5}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{14FEEFF0-5F99-4A68-9FE5-163FC94DF1DC}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{4D5FED86-96AD-4A35-8332-CEE5F87464B8}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{96A4D97E-482E-457C-89C1-88CBA03A702F}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{C3D7AFE2-361E-4653-B661-BFBF6A01C178}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{CB8B85C7-FFFC-45FE-BFCC-C8D97BC92C14}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{F7DE67E8-20A7-43B8-B63A-EE650C592BBD}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{C7DDF357-7515-49B6-BE2F-784694105231}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{7850E51E-32BD-4CED-B35D-F23AEF768E50}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{0F544170-6411-41C9-8B5B-00B4CE5217FC}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe
FirewallRules: [{80DAF1FF-436B-49B7-87DA-907D408384B2}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
FirewallRules: [{4FBF307D-3410-4825-B2EF-7DA09D40ACE9}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
FirewallRules: [{AF1EACE4-48FF-446D-B9EE-25E4ADAECA41}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{13745DAA-B916-49F5-8469-399FB6C67E5D}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/15/2015 03:31:05 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (08/15/2015 02:50:58 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8898008d) festgestellt.

Error: (08/14/2015 12:33:21 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (08/13/2015 03:41:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CHRISTIAN)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (08/13/2015 01:30:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_stisvc, Version: 6.3.9600.17415, Zeitstempel: 0x54504177
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000ffffffff
ID des fehlerhaften Prozesses: 0x8a8
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_stisvc0
Pfad der fehlerhaften Anwendung: svchost.exe_stisvc1
Pfad des fehlerhaften Moduls: svchost.exe_stisvc2
Berichtskennung: svchost.exe_stisvc3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_stisvc4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_stisvc5

Error: (08/13/2015 08:53:36 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (08/12/2015 10:43:05 AM) (Source: ePowerSvc) (EventID: 0) (User: )
Description: ePowerSvc error: 1063StartServiceCtrlDispatcher failed.

Error: (08/11/2015 11:03:10 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (08/11/2015 09:15:44 AM) (Source: MsiInstaller) (EventID: 10021) (User: CHRISTIAN)
Description: Produkt: ABBYY FineReader 10 Corporate Edition -- Das Gerät ist nicht bereit.
(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/10/2015 07:36:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CHRISTIAN)
Description: Bei der Aktivierung der App „Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (08/15/2015 03:17:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/14/2015 01:47:04 PM) (Source: DCOM) (EventID: 10010) (User: CHRISTIAN)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (08/14/2015 10:53:35 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {ADA518B9-B7A3-4C36-B4ED-49EB3FA189FC}

Error: (08/14/2015 10:53:05 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {ADA518B9-B7A3-4C36-B4ED-49EB3FA189FC}

Error: (08/14/2015 08:29:25 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/14/2015 07:03:01 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade auf Windows 10 Home

Error: (08/13/2015 03:41:37 PM) (Source: DCOM) (EventID: 10010) (User: CHRISTIAN)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca

Error: (08/13/2015 01:30:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows-Bilderfassung (WIA)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/13/2015 11:01:09 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst mfemms erreicht.

Error: (08/13/2015 11:00:25 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.


Microsoft Office:
=========================

CodeIntegrity:
===================================
  Date: 2015-08-10 09:53:46.198
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-10 09:53:45.451
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-09 14:53:28.294
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-09 14:53:27.666
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-08 17:24:46.488
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-08 17:24:42.708
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-07 19:13:52.657
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-07 19:13:50.866
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-03 22:06:35.582
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-03 22:06:35.207
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen ===========================

Processor: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz
Prozentuale Nutzung des RAM: 68%
Installierter physikalischer RAM: 3911.27 MB
Verfügbarer physikalischer RAM: 1215.67 MB
Summe virtueller Speicher: 5191.27 MB
Verfügbarer virtueller Speicher: 1671.11 MB

==================== Laufwerke ================================

Drive c: (ACER) (Fixed) (Total:451.96 GB) (Free:394.33 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: CCEAE869)

Partition: GPT.

========================================================
Disk: 1 (Size: 18.6 GB) (Disk ID: 704A4DDD)

Partition: GPT.

==================== Ende von Ergebnis ============================

deeprybka 15.08.2015 16:50
Bitte mal neue Scans durchführen. Alle Funde entfernen lassen:

Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 2

http://deeprybka.trojaner-board.de/m...mbamlogo4a.pnghttp://deeprybka.trojaner-board.de/m...mbamlogo4b.png
  • Download und Anleitung
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
  • Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
  • Gehe zurück zum Armaturenbrett und klicke auf "Jetzt scannen".
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben und poste mir das Log.

ravioli 15.08.2015 23:42
Hey deeprybka,

hier die Logs:

Code:
# AdwCleaner v5.000 - Logfile created 15/08/2015 at 20:11:40
# Updated 14/08/2015 by Xplode
# Database : 2015-08-14.3 [Server]
# Operating system : Windows 8.1  (x64)
# Username : CM - CHRISTIAN
# Running from : C:\Users\CM\Desktop\AdwCleaner_5.000.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****

[-] File Deleted : C:\Users\Public\Desktop\Driver Reviver.lnk

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : VNFZWYG1

***** [ Registry ] *****

[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{1F91A9A1-01BA-4C81-863D-3BA0751E1419}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Reviver

***** [ Web browsers ] *****

[-] [C:\Users\CM\AppData\Roaming\Mozilla\Firefox\Profiles\dl70p1bv.default\prefs.js] [Preference] Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

*************************

:: Proxy settings cleared
:: Winsock settings cleared
!! Unable to delete Internet Explorer policies
!! Unable to delete Chrome policies

*************************

C:\AdwCleaner[C2].txt - [1204 octets] - [15/08/2015 20:11:40]
C:\AdwCleaner[S2].txt - [1133 octets] - [15/08/2015 20:02:12]

########## EOF - C:\AdwCleaner[C2].txt - [1330 octets] ##########
und:

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 16.08.2015
Suchlaufzeit: 00:38
Protokolldatei: malwarebytes.txt
Administrator: Ja

Version: 0.0.0.0000
Malware-Datenbank: v2015.08.15.06
Rootkit-Datenbank: v2015.08.06.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: CM

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 380806
Abgelaufene Zeit: 49 Min., 3 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
Danke!!!

deeprybka 16.08.2015 11:16
Schritt 1

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn4.PNG

Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w8.png + R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:
Code:
CloseProcesses:
HKLM-x32\...\Run: [LManager] => [X]
AppInit_DLLs: C:\ProgramData\Zontone\yjnsg3mq.dll => C:\ProgramData\Zontone\yjnsg3mq.dll [146944 2015-08-11] ()
AppInit_DLLs-x32: C:\ProgramData\Zontone\4spzqbdf.dll => C:\ProgramData\Zontone\4spzqbdf.dll [120320 2015-08-11] ()
C:\ProgramData\Zontone
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2407381306-1223850301-1151369756-1001 -> DefaultScope {ielnksrch} URL = hxxp
SearchScopes: HKU\S-1-5-21-2407381306-1223850301-1151369756-1001 -> {ielnksrch} URL = hxxp://
FF DefaultSearchEngine: findit
R2 cohci1394; C:\Program Files\Controller\cohc.exe [376832 2015-07-27] () [Datei ist nicht signiert]
C:\Program Files\Controller
S2 Got; C:\ProgramData\Got\Got [X]
R2 Zontone; C:\ProgramData\Zontone\Zontone [X]
C:\Program Files\Common Files\a2d0ljkm.exe
C:\ProgramData\Got
C:\ProgramData\SecurityUtility
C:\Users\CM\AppData\Local\WindowsAgentfr
C:\Program Files\Common Files\fheekncx
Task: {3E844EFA-FB7D-4E97-A655-23F7B49A4D16} - System32\Tasks\uxdhnzsu => C:\Program Files\Common Files\fheekncx\510aewnbklrwj.exe [2015-08-11] ()
Task: {463BA461-0542-4292-9138-5061A4C73249} - System32\Tasks\Windows-Agent für die Installation 1.0.29 => C:\Users\CM\AppData\Local\WindowsAgentfr\windows-agent.exe [2015-07-29] ()
Task: {754E30AC-2245-4122-8454-0ED8DAC75F98} - System32\Tasks\snp => C:\ProgramData\Zontone\dn3wklvi.exe [2015-08-11] ()
Task: {C7E6B18E-2F86-4E61-B3F5-04CE5B03321F} - System32\Tasks\snf => C:\ProgramData\Zontone\dn3wklvi.exe [2015-08-11] ()
Task: {E3E7BC91-0A6D-4936-9181-0536CA5B35FE} - System32\Tasks\VNFZWYG1 => C:\ProgramData\SecurityUtility\SecurityUtility.exe
Task: C:\WINDOWS\Tasks\VNFZWYG1.job => C:\ProgramData\SecurityUtility\SecurityUtility.exe
Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST-Anwendung befindet.
  • Starte FRST und drücke auf den Entfernen-Button.
  • Das Tool erstellt eine "Fixlog.txt" -Datei.
  • Poste mir bitte deren Inhalt.


Schritt 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


ravioli 18.08.2015 00:00
Ok, hat alles etwas länger gedauert, aber hier jetzt die Fixlog.txt:

Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:14-08-2015 01
durchgeführt von CM (2015-08-16 18:32:42) Run:1
Gestartet von C:\Users\CM\Desktop
Geladene Profile: CM (Verfügbare Profile: CM)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
CloseProcesses:
HKLM-x32\...\Run: [LManager] => [X]
AppInit_DLLs: C:\ProgramData\Zontone\yjnsg3mq.dll => C:\ProgramData\Zontone\yjnsg3mq.dll [146944 2015-08-11] ()
AppInit_DLLs-x32: C:\ProgramData\Zontone\4spzqbdf.dll => C:\ProgramData\Zontone\4spzqbdf.dll [120320 2015-08-11] ()
C:\ProgramData\Zontone
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2407381306-1223850301-1151369756-1001 -> DefaultScope {ielnksrch} URL = hxxp
SearchScopes: HKU\S-1-5-21-2407381306-1223850301-1151369756-1001 -> {ielnksrch} URL = hxxp://
FF DefaultSearchEngine: findit
R2 cohci1394; C:\Program Files\Controller\cohc.exe [376832 2015-07-27] () [Datei ist nicht signiert]
C:\Program Files\Controller
S2 Got; C:\ProgramData\Got\Got [X]
R2 Zontone; C:\ProgramData\Zontone\Zontone [X]
C:\Program Files\Common Files\a2d0ljkm.exe
C:\ProgramData\Got
C:\ProgramData\SecurityUtility
C:\Users\CM\AppData\Local\WindowsAgentfr
C:\Program Files\Common Files\fheekncx
Task: {3E844EFA-FB7D-4E97-A655-23F7B49A4D16} - System32\Tasks\uxdhnzsu => C:\Program Files\Common Files\fheekncx\510aewnbklrwj.exe [2015-08-11] ()
Task: {463BA461-0542-4292-9138-5061A4C73249} - System32\Tasks\Windows-Agent für die Installation 1.0.29 => C:\Users\CM\AppData\Local\WindowsAgentfr\windows-agent.exe [2015-07-29] ()
Task: {754E30AC-2245-4122-8454-0ED8DAC75F98} - System32\Tasks\snp => C:\ProgramData\Zontone\dn3wklvi.exe [2015-08-11] ()
Task: {C7E6B18E-2F86-4E61-B3F5-04CE5B03321F} - System32\Tasks\snf => C:\ProgramData\Zontone\dn3wklvi.exe [2015-08-11] ()
Task: {E3E7BC91-0A6D-4936-9181-0536CA5B35FE} - System32\Tasks\VNFZWYG1 => C:\ProgramData\SecurityUtility\SecurityUtility.exe
Task: C:\WINDOWS\Tasks\VNFZWYG1.job => C:\ProgramData\SecurityUtility\SecurityUtility.exe
*****************

Prozess erfolgreich geschlossen.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LManager => Wert erfolgreich entfernt
"C:\ProgramData\Zontone\yjnsg3mq.dll" => Wert Daten erfolgreich entfernt.
"C:\ProgramData\Zontone\4spzqbdf.dll" => Wert Daten erfolgreich entfernt.
C:\ProgramData\Zontone => erfolgreich verschoben.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich wiederhergestellt
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\ielnksrch => Schlüssel nicht gefunden.
HKCR\Wow6432Node\CLSID\ielnksrch => Schlüssel nicht gefunden.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich entfernt
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich entfernt
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich entfernt
HKU\S-1-5-21-2407381306-1223850301-1151369756-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich entfernt
HKU\S-1-5-21-2407381306-1223850301-1151369756-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch} => Schlüssel nicht gefunden.
HKCR\CLSID\{ielnksrch} => Schlüssel nicht gefunden.
Firefox DefaultSearchEngine erfolgreich entfernt
cohci1394 => Dienst konnte nicht gestoppt werden.
cohci1394 => Dienst erfolgreich entfernt
C:\Program Files\Controller => erfolgreich verschoben.
Got => Dienst erfolgreich entfernt
Zontone => Dienst erfolgreich entfernt
C:\Program Files\Common Files\a2d0ljkm.exe => erfolgreich verschoben.
"C:\ProgramData\Got" => Datei/Ordner nicht gefunden.
"C:\ProgramData\SecurityUtility" => Datei/Ordner nicht gefunden.
C:\Users\CM\AppData\Local\WindowsAgentfr => erfolgreich verschoben.
C:\Program Files\Common Files\fheekncx => erfolgreich verschoben.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3E844EFA-FB7D-4E97-A655-23F7B49A4D16}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E844EFA-FB7D-4E97-A655-23F7B49A4D16}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\uxdhnzsu => erfolgreich verschoben.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\uxdhnzsu" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{463BA461-0542-4292-9138-5061A4C73249}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{463BA461-0542-4292-9138-5061A4C73249}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Windows-Agent für die Installation 1.0.29 => erfolgreich verschoben.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Windows-Agent für die Installation 1.0.29" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{754E30AC-2245-4122-8454-0ED8DAC75F98}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{754E30AC-2245-4122-8454-0ED8DAC75F98}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\snp nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\snp => Schlüssel nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C7E6B18E-2F86-4E61-B3F5-04CE5B03321F}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7E6B18E-2F86-4E61-B3F5-04CE5B03321F}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\snf nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\snf => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3E7BC91-0A6D-4936-9181-0536CA5B35FE} => Schlüssel nicht gefunden.
C:\WINDOWS\System32\Tasks\VNFZWYG1 nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\VNFZWYG1 => Schlüssel nicht gefunden.
C:\WINDOWS\Tasks\VNFZWYG1.job nicht gefunden.


Das System musste neu gestartet werden..

==== Ende von Fixlog 18:33:21 ====
und der ESET Log:

Code:
ESETSmartInstaller@High as downloader log:
Can not read file from internet.ESETSmartInstaller@High as downloader log:
Can not read file from internet.# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7f55a1ca18566e48b11eaf90381b2151
# end=init
# utc_time=2015-08-16 04:54:02
# local_time=2015-08-16 06:54:02 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 25301
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7f55a1ca18566e48b11eaf90381b2151
# end=updated
# utc_time=2015-08-16 05:29:19
# local_time=2015-08-16 07:29:19 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=7f55a1ca18566e48b11eaf90381b2151
# engine=25301
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-08-17 06:33:07
# local_time=2015-08-17 08:33:07 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 420857 99299298 0 0
# scanned=200715
# found=42
# cleaned=0
# scan_time=47027
sh=CEF5BBDA50BC933224861F17A24364C4054A318D ft=1 fh=51c8a848b8bf1d80 vn="Variante von Win32/ELEX.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\BrowerWatchCH.dll.vir"
sh=8E24D16AA12FAFDB5BAC638C43A0067232373D01 ft=1 fh=f09c8201b23ce97b vn="Variante von Win32/ELEX.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\BrowerWatchFF.dll.vir"
sh=049FF7BE8454064134C48770372CF912319AEE78 ft=1 fh=c71c00113b3d00b3 vn="Win32/ELEX.EL evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\BrowserAction.dll.vir"
sh=FC3A070F624083F3F9C6859D60C9FD4A3EA24B9F ft=1 fh=bb83e4d704f13eb8 vn="Variante von Win32/ELEX.CY evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\CmdShell.exe.vir"
sh=F46F29207788875FA4FDB1C1F645E29EB55091A6 ft=0 fh=0000000000000000 vn="Win32/Toolbar.TNT2.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\defsearchp@gmail.com!1.0.0.1039.xpi.vir"
sh=745C1A205A18FA3870920680029E1CF21EE50F4D ft=1 fh=13a78ab56a14c429 vn="Variante von Win32/ELEX.DK evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\HPNotify.exe.vir"
sh=B9F4CE8B8ACD641CA4C4E753E8642D699315AB70 ft=1 fh=854369134149d38c vn="Win32/ELEX.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\IeWatchDog.dll.vir"
sh=A6D62B9383D04A2CA193F0E6C9AB8DB390397F73 ft=1 fh=b40f65c521660fe0 vn="Variante von Win32/ELEX.EE evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\ProtectService.exe.vir"
sh=243DFE771C87B8B1BF3DAE81653C115EDD36A05B ft=1 fh=eefdf380943d47ba vn="Variante von Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\SupTab.dll.vir"
sh=C0230232CAC2993A7F67FA924CD81E8644C8FC97 ft=1 fh=77a23c46da678814 vn="MSIL/Toolbar.Linkury.Z evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files\Common Files\a2d0ljkm.exe.xBAD"
sh=CA3A924D54EA739DB3D50742A214AFD9A7C17BD7 ft=1 fh=db771837bc9305b4 vn="Variante von MSIL/Amonetize.AA evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files\Controller\cohc.exe"
sh=F0F650092B8AFE7CC7A8D93EBF1BE4AEA3DE1ED2 ft=1 fh=5a9397b84281972b vn="Variante von Win32/Toolbar.Linkury.U.gen evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Zontone\1cxl12ae.dll"
sh=949C0A7CEF7597521A725AE5BFDED07C22ECBB68 ft=1 fh=345702c91b20240b vn="Variante von Win32/Toolbar.Linkury.U.gen evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Zontone\1exrwhrc.dll"
sh=C2642E405303C1095E0BCAEB79D986CFAB7E4EB6 ft=1 fh=ce414e983e0c2fd9 vn="Variante von Win32/Toolbar.Linkury.T evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Zontone\4spzqbdf.dll"
sh=DA765F71DBE2CFC6CBF81519BC84608CDE1E1A80 ft=1 fh=e789ed601bc210ec vn="Variante von Win32/Toolbar.Linkury.T evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Zontone\bvfmbpgx.dll"
sh=841A59A22B9BB781F3405D36ED2984ADEBD6B762 ft=1 fh=139eb9138b168ab1 vn="Variante von Win64/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Zontone\cynj3oab.dll"
sh=B150B37133D01F7EE40F5C83C08D86FEAF46C1EA ft=1 fh=fc7a5f8e36dffba2 vn="MSIL/Toolbar.Linkury.AA evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Zontone\dn3wklvi.exe"
sh=954B625A492DE194292EC04AF465A77116239C2E ft=1 fh=1970907e4e7f57fb vn="Variante von Win64/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Zontone\h3egjrke.dll"
sh=49477D227019D68847F9D39E65E3C2BE0C042D43 ft=1 fh=31de7be2de27e263 vn="Variante von Win64/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Zontone\irq031cx.dll"
sh=3FDC21CF32881728B54A687DAB7A77F08D739007 ft=1 fh=48ba171b84851741 vn="Variante von MSIL/Toolbar.Linkury.Y evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Zontone\mgqjyrid.exe"
sh=CF1320D7484BE217263406DA26723138AC6C220D ft=1 fh=d0090e109f1f3d9e vn="Variante von Win32/Toolbar.Linkury.U.gen evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Zontone\mtavk55i.dll"
sh=FDBFDE0E32C642464098BF7B4344845438EEE114 ft=1 fh=23c94cc653c3a885 vn="Variante von Win64/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Zontone\yjnsg3mq.dll"
sh=CB80D3A46BC475EA825BA91CFCBDE89D34D9118F ft=1 fh=ed758e1e9a5a7af7 vn="Variante von MSIL/Toolbar.Linkury.Z evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Zontone\Zontone.exe"
sh=8386624A896E6DF760F80FAD36AE3AC89FB1432E ft=1 fh=bf155ea3dac9311a vn="Variante von MSIL/Agent.QOJ Trojaner" ac=I fn="C:\FRST\Quarantine\C\Users\CM\AppData\Local\WindowsAgentfr\windows-agent.exe"
sh=8386624A896E6DF760F80FAD36AE3AC89FB1432E ft=1 fh=bf155ea3dac9311a vn="Variante von MSIL/Agent.QOJ Trojaner" ac=I fn="C:\Users\CM\AppData\Local\McAfeeActivation\mcafee.exe"
sh=55926BB32C4CBE9F6ECFB64EB5497B36D7A32998 ft=0 fh=0000000000000000 vn="JS/InstallCore.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\CM\Downloads\FirefoxSetup.jse"
sh=C967410B7D8F21FC9BDF674C15742173663B67C2 ft=0 fh=0000000000000000 vn="JS/InstallCore.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\CM\Downloads\Firefox_38.0.1_einrichten (1).jse"
sh=9BD36350E120ED3BF6BE4D9DAE4A4507BF13263E ft=1 fh=4151fb171da4202e vn="Variante von Win32/Adware.AdInstaller.F Anwendung" ac=I fn="C:\Users\CM\Downloads\install-adobe-reader.exe"
sh=51C2D02E9D3B89C79A04C3561DF4EEDA001DE4C3 ft=1 fh=4ad1ed6289bad35d vn="Variante von Win32/Adware.AdInstaller.F Anwendung" ac=I fn="C:\Users\CM\Downloads\install-quicktime.exe"
sh=2484F51EBFF675925BCEC1C448E8DAC20CBDC100 ft=1 fh=6aae48ad11be6770 vn="Win32/Adware.AdInstaller.F Anwendung" ac=I fn="C:\Users\CM\Downloads\install-windows-movie-maker.exe"
sh=216ED8B5F8F91ED1525B57D5643FB44D6DD7260D ft=1 fh=c2cf38ee90e0be9b vn="Variante von Win32/ReImageRepair.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\CM\Downloads\ReimageRepair(1).exe"
sh=216ED8B5F8F91ED1525B57D5643FB44D6DD7260D ft=1 fh=c2cf38ee90e0be9b vn="Variante von Win32/ReImageRepair.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\CM\Downloads\ReimageRepair.exe"
sh=F5C58668B1DF1F3BC4E7630C5A59A0FF2E7818C7 ft=0 fh=0000000000000000 vn="JS/TrojanDropper.Agent.NAJ Trojaner" ac=I fn="C:\Users\CM\Downloads\Setup (1).jse"
sh=061D111F89B6940676C32A1709BF5340D6616E44 ft=0 fh=0000000000000000 vn="JS/TrojanDropper.Agent.NAJ Trojaner" ac=I fn="C:\Users\CM\Downloads\Setup (2).jse"
sh=7839320B97832DAF82C00393A78ADF5C8005EC8F ft=0 fh=0000000000000000 vn="JS/TrojanDropper.Agent.NAJ Trojaner" ac=I fn="C:\Users\CM\Downloads\Setup (3).jse"
sh=BEBA2948249F208CCE612DE681D31E02E92FC834 ft=0 fh=0000000000000000 vn="JS/InstallCore.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\CM\Downloads\setup.jse"
sh=C2B9CF54398D53F27AD3976FCAE608FCF61219A4 ft=1 fh=ec781a077de57ca2 vn="Win32/Solvusoft.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\CM\Downloads\Setup_FileViewPro_[Video_Bonus_Edition].exe"
sh=0524D5A31BF97524DB24866A741C42AA2975024D ft=1 fh=3ac3bf71b0932995 vn="Win32/Adware.AdInstaller.F Anwendung" ac=I fn="C:\Users\CM\Downloads\VLC-Media-Player_092.exe"
sh=10B66A4B673DF7442C9FFFA717A06BF694ED66E0 ft=1 fh=ee7f1574c4009b86 vn="Win32/Adware.AdInstaller.F Anwendung" ac=I fn="C:\Users\CM\Downloads\Windows-Movie-Maker-DL-Manager(1).exe"
sh=8A2118CE84A4F99F14CF763E54C5507F4A0D89CB ft=1 fh=739bebca7075aad4 vn="Win32/Adware.AdInstaller.F Anwendung" ac=I fn="C:\Users\CM\Downloads\Windows-Movie-Maker-DL-Manager(2).exe"
sh=C965223482911E55FBC3D6FF3A0CAB1FF29EA573 ft=1 fh=fa51d3509e24620f vn="Win32/Adware.AdInstaller.F Anwendung" ac=I fn="C:\Users\CM\Downloads\Windows-Movie-Maker-DL-Manager.exe"
sh=C31A76CBB9671C769DCD1643598BAF94BB7F7CB5 ft=1 fh=85eda412a243ac20 vn="Win32/DownloadGuide.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\CM\Downloads\windows-movie-maker-Download.exe"
merci merci :)

deeprybka 18.08.2015 18:49
Hi,

Schritt 1

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn4.PNG

Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:
Code:
C:\Users\CM\AppData\Local\McAfeeActivation\
C:\Users\CM\Downloads\FirefoxSetup.jse
C:\Users\CM\Downloads\Firefox_38.0.1_einrichten (1).jse
C:\Users\CM\Downloads\install-adobe-reader.exe
C:\Users\CM\Downloads\install-quicktime.exe
C:\Users\CM\Downloads\install-windows-movie-maker.exe
C:\Users\CM\Downloads\ReimageRepair(1).exe
C:\Users\CM\Downloads\ReimageRepair.exe
C:\Users\CM\Downloads\Setup
C:\Users\CM\Downloads\Setup
C:\Users\CM\Downloads\Setup
C:\Users\CM\Downloads\setup.jse
C:\Users\CM\Downloads\Setup_FileViewPro_[Video_Bonus_Edition].exe
C:\Users\CM\Downloads\VLC-Media-Player_092.exe
C:\Users\CM\Downloads\Windows-Movie-Maker-DL-Manager(1).exe
C:\Users\CM\Downloads\Windows-Movie-Maker-DL-Manager(2).exe
C:\Users\CM\Downloads\Windows-Movie-Maker-DL-Manager.exe
C:\Users\CM\Downloads\windows-movie-maker-Download.exe
Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST-Anwendung befindet.
  • Starte FRST und drücke auf den Entfernen-Button.
  • Das Tool erstellt eine "Fixlog.txt" -Datei.
  • Poste mir bitte deren Inhalt.

Schritt 2

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn1.PNG

Bitte starte FRST erneut, markiere auch die checkbox http://deeprybka.trojaner-board.de/b...t/addition.pngund drücke auf Untersuchen.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

http://www.trojaner-board.de/extra/lesestoff.pngGibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

ravioli 19.08.2015 06:52
Hier die Fixlog.txt:

Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-08-2015
durchgeführt von CM (2015-08-18 23:41:36) Run:2
Gestartet von C:\Users\CM\Desktop
Geladene Profile: CM (Verfügbare Profile: CM)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\Users\CM\AppData\Local\McAfeeActivation\
C:\Users\CM\Downloads\FirefoxSetup.jse
C:\Users\CM\Downloads\Firefox_38.0.1_einrichten (1).jse
C:\Users\CM\Downloads\install-adobe-reader.exe
C:\Users\CM\Downloads\install-quicktime.exe
C:\Users\CM\Downloads\install-windows-movie-maker.exe
C:\Users\CM\Downloads\ReimageRepair(1).exe
C:\Users\CM\Downloads\ReimageRepair.exe
C:\Users\CM\Downloads\Setup
C:\Users\CM\Downloads\Setup
C:\Users\CM\Downloads\Setup
C:\Users\CM\Downloads\setup.jse
C:\Users\CM\Downloads\Setup_FileViewPro_[Video_Bonus_Edition].exe
C:\Users\CM\Downloads\VLC-Media-Player_092.exe
C:\Users\CM\Downloads\Windows-Movie-Maker-DL-Manager(1).exe
C:\Users\CM\Downloads\Windows-Movie-Maker-DL-Manager(2).exe
C:\Users\CM\Downloads\Windows-Movie-Maker-DL-Manager.exe
C:\Users\CM\Downloads\windows-movie-maker-Download.exe
*****************

C:\Users\CM\AppData\Local\McAfeeActivation => erfolgreich verschoben.
C:\Users\CM\Downloads\FirefoxSetup.jse => erfolgreich verschoben.
C:\Users\CM\Downloads\Firefox_38.0.1_einrichten (1).jse => erfolgreich verschoben.
C:\Users\CM\Downloads\install-adobe-reader.exe => erfolgreich verschoben.
C:\Users\CM\Downloads\install-quicktime.exe => erfolgreich verschoben.
C:\Users\CM\Downloads\install-windows-movie-maker.exe => erfolgreich verschoben.
C:\Users\CM\Downloads\ReimageRepair(1).exe => erfolgreich verschoben.
C:\Users\CM\Downloads\ReimageRepair.exe => erfolgreich verschoben.
"C:\Users\CM\Downloads\Setup" => Datei/Ordner nicht gefunden.
"C:\Users\CM\Downloads\Setup" => Datei/Ordner nicht gefunden.
"C:\Users\CM\Downloads\Setup" => Datei/Ordner nicht gefunden.
C:\Users\CM\Downloads\setup.jse => erfolgreich verschoben.
C:\Users\CM\Downloads\Setup_FileViewPro_[Video_Bonus_Edition].exe => erfolgreich verschoben.
C:\Users\CM\Downloads\VLC-Media-Player_092.exe => erfolgreich verschoben.
C:\Users\CM\Downloads\Windows-Movie-Maker-DL-Manager(1).exe => erfolgreich verschoben.
C:\Users\CM\Downloads\Windows-Movie-Maker-DL-Manager(2).exe => erfolgreich verschoben.
C:\Users\CM\Downloads\Windows-Movie-Maker-DL-Manager.exe => erfolgreich verschoben.
C:\Users\CM\Downloads\windows-movie-maker-Download.exe => erfolgreich verschoben.

==== Ende von Fixlog 23:41:48 ====
Und die beiden FRST Logs:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-08-2015
durchgeführt von CM (Administrator) auf CHRISTIAN (18-08-2015 23:43:45)
Gestartet von C:\Users\CM\Desktop
Geladene Profile: CM (Verfügbare Profile: CM)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2864528 2012-08-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-31] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-10] ()
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [641504 2015-07-21] (McAfee, Inc.)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Bonus.SSR.FR10] => C:\Program Files (x86)\ABBYY FineReader 10\Bonus.ScreenshotReader.exe [941320 2009-12-20] (ABBYY.)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2407381306-1223850301-1151369756-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1193176 2012-10-18] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2012-09-01]
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-07-26]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-10] (Qualcomm Atheros Commnucations)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-08-04] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-08-04] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-08-04] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-08-04] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-07-21] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-07-21] (McAfee, Inc.)
Hosts: 0.0.0.1        mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{B7849172-6A74-4C08-8B3E-2D246B3D9F41}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\CM\AppData\Roaming\Mozilla\Firefox\Profiles\dl70p1bv.default
FF Homepage: web.de
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-13] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-07-21] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-07-21] ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Extension: McAfee WebAdvisor - C:\Users\CM\AppData\Roaming\Mozilla\Firefox\Profiles\dl70p1bv.default\Extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}.xpi [2015-07-31]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2012-09-01]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-08-06]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-08-06]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ABBYY.Licensing.FineReader.Corporate.10.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe [814344 2009-12-19] (ABBYY)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-22] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 FFSOpzSvc; C:\Program Files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe [161384 2012-03-12] (Acer Incorporated)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
S3 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [155368 2015-08-04] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [782608 2015-07-21] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
S4 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe [1694152 2015-07-23] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [639456 2015-07-17] (McAfee, Inc.)
S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-06] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-10-18] (Dritek System INC.)
S3 USecuAppSvc; c:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe [344720 2012-08-22] (Acer Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-08-01] (Atheros) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [21928 2015-03-23] (Windows (R) Win 7 DDK provider)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-21] (Intel Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-18] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [529080 2015-06-28] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109728 2015-06-28] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37960 2015-08-04] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-10-18] (Dritek System Inc.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-18 23:41 - 2015-08-18 23:41 - 00000000 ____D C:\Users\CM\Desktop\FRST-OlderVersion
2015-08-18 21:32 - 2015-08-18 21:32 - 00000000 ___SH C:\DkHyperbootSync
2015-08-18 00:54 - 2015-08-18 00:54 - 00009300 _____ C:\Users\CM\Desktop\eset_funde.txt
2015-08-16 18:31 - 2015-08-16 18:31 - 00000853 _____ C:\Users\CM\Desktop\Fixlog.txt - Verknüpfung.lnk
2015-08-16 18:30 - 2015-08-16 18:30 - 02870984 _____ (ESET) C:\Users\CM\Downloads\esetsmartinstaller_deu.exe
2015-08-16 09:36 - 2015-08-16 09:36 - 00000000 ____D C:\ProgramData\Zontones
2015-08-16 00:38 - 2015-08-16 00:38 - 00001190 _____ C:\Users\CM\Desktop\malwarebytes.txt
2015-08-15 20:11 - 2015-08-15 20:11 - 00001403 _____ C:\AdwCleaner[C2].txt
2015-08-15 20:02 - 2015-08-15 20:04 - 00001133 _____ C:\AdwCleaner[S2].txt
2015-08-15 20:01 - 2015-08-15 20:01 - 01563648 _____ C:\Users\CM\Desktop\AdwCleaner_5.000.exe
2015-08-15 20:00 - 2015-08-15 20:01 - 01563648 _____ C:\Users\CM\Downloads\AdwCleaner_5.000.exe
2015-08-15 15:54 - 2015-08-15 15:55 - 00037125 _____ C:\Users\CM\Desktop\Addition.txt
2015-08-15 15:54 - 2015-08-15 15:53 - 00380416 _____ C:\Users\CM\Desktop\Gmer-19357.exe
2015-08-15 15:53 - 2015-08-15 15:53 - 00380416 _____ C:\Users\CM\Downloads\Gmer-19357.exe
2015-08-15 15:51 - 2015-08-18 23:43 - 00018148 _____ C:\Users\CM\Desktop\FRST.txt
2015-08-15 15:46 - 2015-08-18 23:44 - 00000000 ____D C:\FRST
2015-08-15 15:44 - 2015-08-18 23:41 - 02173440 _____ (Farbar) C:\Users\CM\Desktop\FRST64.exe
2015-08-15 15:44 - 2015-08-15 15:44 - 00000466 _____ C:\Users\CM\Downloads\defogger_disable.log
2015-08-15 15:44 - 2015-08-15 15:44 - 00000000 _____ C:\Users\CM\defogger_reenable
2015-08-15 15:33 - 2015-08-15 15:33 - 00050477 _____ C:\Users\CM\Downloads\Defogger.exe
2015-08-14 10:53 - 2015-08-14 11:06 - 00000000 ____D C:\Users\CM\Documents\Bluetooth Folder
2015-08-14 06:54 - 2015-08-16 00:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft
2015-08-14 06:53 - 2015-08-14 06:53 - 04797752 _____ (ReviverSoft LLC) C:\Users\CM\Downloads\DriverReviverSetup_ppc.exe
2015-08-14 06:53 - 2015-08-14 06:53 - 00000000 ____D C:\ProgramData\ReviverSoft
2015-08-13 08:55 - 2015-08-13 08:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-08-13 08:55 - 2015-08-13 08:55 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-08-12 11:27 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 11:27 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 11:10 - 2015-08-12 11:10 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-08-11 23:02 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-11 23:02 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-11 23:02 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-11 23:02 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-11 23:02 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-11 23:02 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-11 23:02 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-11 23:02 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-11 23:02 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-11 23:02 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-11 23:02 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-11 23:02 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-11 23:01 - 2015-07-16 23:14 - 25192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-11 23:01 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-11 23:01 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-11 23:01 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-11 23:01 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-11 23:01 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-11 23:01 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-11 23:01 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-11 23:01 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-11 23:01 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-11 23:01 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-11 23:01 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-11 23:01 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-11 23:01 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-11 23:01 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-11 23:01 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-11 23:01 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-11 23:01 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-11 23:01 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-11 23:01 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-11 23:01 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-11 23:01 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-11 23:01 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-11 23:01 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-11 23:01 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-11 23:01 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-11 23:01 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-11 23:01 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-11 23:01 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-11 23:01 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-11 23:01 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-11 23:01 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-11 22:58 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-11 22:58 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-11 22:58 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-11 22:58 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-11 22:58 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-11 22:58 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-11 22:58 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-11 22:58 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-11 22:58 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-11 22:58 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-11 22:58 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-11 22:58 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-11 22:58 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-11 22:58 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-11 22:58 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-11 22:58 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-11 22:58 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-11 22:58 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-11 22:58 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-11 22:58 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-11 22:58 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-11 22:58 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-11 22:58 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-11 22:58 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-11 22:58 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-11 22:58 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-11 22:58 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-11 22:58 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-11 22:58 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-11 22:58 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-11 22:58 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-11 22:58 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-11 22:58 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-11 22:58 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-11 22:58 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-11 22:58 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-11 22:58 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-11 22:58 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-11 22:58 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-11 22:58 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-11 22:57 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-11 22:57 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-11 22:57 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-11 22:57 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-11 22:57 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-11 22:57 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-11 22:57 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-11 22:57 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-11 09:42 - 2015-08-11 09:42 - 00000458 _____ C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD-RW-Laufwerk (E) ABBYY FINEREADER.lnk
2015-08-11 09:32 - 2015-08-11 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 10
2015-08-11 09:31 - 2015-08-11 09:40 - 00000000 ____D C:\Program Files (x86)\ABBYY FineReader 10
2015-08-10 21:24 - 2015-08-10 21:24 - 00000000 ____D C:\Users\CM\AppData\Local\GWX
2015-08-10 19:44 - 2015-08-18 23:34 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-10 19:44 - 2015-08-10 19:44 - 00001082 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-08-10 19:44 - 2015-08-10 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-10 19:44 - 2015-08-10 19:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-10 19:44 - 2015-08-10 19:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-10 19:44 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-08-10 19:44 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-08-10 19:44 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-08-10 19:32 - 2015-08-15 20:11 - 00000000 ____D C:\AdwCleaner
2015-08-10 19:31 - 2015-08-10 19:32 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\CM\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-10 19:28 - 2015-08-10 19:28 - 02248704 _____ C:\Users\CM\Downloads\adwcleaner_4.208.exe
2015-08-10 19:04 - 2015-08-12 11:10 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-10 18:51 - 2015-08-10 18:51 - 00003174 _____ C:\WINDOWS\System32\Tasks\{9E330F1F-59C2-4E91-BCB5-6CB5C80C79A1}
2015-08-10 14:06 - 2015-08-10 14:06 - 00064326 _____ C:\Users\CM\Downloads\Reiseplan_ELLEN_GRAEBENER_YKJ2IJ(1)
2015-08-10 14:04 - 2015-08-10 14:08 - 00064326 _____ C:\Users\CM\Downloads\Reiseplan_ELLEN_GRAEBENER_YKJ2IJ
2015-08-06 17:56 - 2015-08-06 17:56 - 00015973 _____ C:\WINDOWS\system32\ScanResults.xml
2015-08-06 17:50 - 2015-08-06 17:50 - 00000464 _____ C:\WINDOWS\system32\ScannerSettings
2015-08-05 20:21 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-08-05 20:21 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-05 20:18 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-08-05 20:18 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-08-05 20:16 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-08-05 20:16 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-08-05 20:14 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-08-05 20:14 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-08-05 20:14 - 2015-01-19 20:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-08-05 20:11 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-08-05 14:13 - 2015-08-05 15:48 - 00000000 ____D C:\Users\CM\AppData\Roaming\Spotify
2015-08-05 14:13 - 2015-08-05 14:13 - 00000000 ____D C:\Users\CM\AppData\Local\Spotify
2015-08-05 05:30 - 2015-08-05 05:30 - 00000000 ____D C:\Users\CM\AppData\Local\BMExplorer
2015-08-05 05:28 - 2015-08-05 05:28 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-08-04 13:15 - 2015-08-14 11:19 - 00000000 ____D C:\Users\CM\AppData\Local\Deployment
2015-08-04 12:44 - 2015-08-16 18:35 - 00000000 ___DO C:\Users\CM\OneDrive (2)
2015-08-04 12:43 - 2015-08-04 12:43 - 00002259 _____ C:\WINDOWS\epplauncher.mif
2015-08-04 12:40 - 2015-08-04 12:41 - 14262464 _____ (Microsoft Corporation) C:\Users\CM\Downloads\mseinstall.exe
2015-08-04 12:40 - 2015-08-04 12:41 - 14262464 _____ (Microsoft Corporation) C:\Users\CM\Downloads\mseinstall(1).exe
2015-08-04 12:34 - 2015-08-04 12:34 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-08-04 11:23 - 2015-08-04 11:23 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-08-04 11:23 - 2015-08-04 11:23 - 00000020 ___SH C:\Users\CM\ntuser.ini
2015-08-04 01:11 - 2015-08-13 14:50 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-04 01:07 - 2015-08-04 01:07 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-08-04 01:07 - 2015-08-04 01:07 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-08-04 01:07 - 2015-08-04 01:07 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-08-04 01:07 - 2015-08-04 01:07 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-08-04 01:07 - 2015-08-04 01:07 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-08-04 01:07 - 2015-08-04 01:07 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00551232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-08-04 01:07 - 2015-08-04 01:07 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-08-04 01:07 - 2015-08-04 01:07 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-08-04 01:07 - 2015-08-04 01:07 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-08-04 01:07 - 2015-08-04 01:07 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-08-04 01:07 - 2015-08-04 01:07 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2015-08-04 01:07 - 2015-08-04 01:07 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-08-04 01:07 - 2015-08-04 01:07 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-08-04 01:07 - 2015-08-04 01:07 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-08-04 01:07 - 2015-08-04 01:07 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-08-04 01:07 - 2015-08-04 01:07 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-08-04 01:07 - 2015-08-04 01:07 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2015-08-04 01:07 - 2015-08-04 01:07 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-08-04 01:07 - 2015-08-04 01:07 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-08-04 01:07 - 2015-08-04 01:07 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-08-04 01:07 - 2015-08-04 01:07 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-08-04 01:07 - 2015-08-04 01:07 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-08-04 01:07 - 2015-08-04 01:07 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-08-04 01:07 - 2015-08-04 01:07 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2015-08-04 01:07 - 2015-08-04 01:07 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-08-04 01:07 - 2015-08-04 01:07 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-08-04 01:07 - 2015-08-04 01:07 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2015-08-04 01:05 - 2015-08-18 23:44 - 01443952 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-04 01:05 - 2015-08-04 01:05 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-08-04 01:05 - 2015-08-04 01:05 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-08-04 01:05 - 2015-08-04 01:05 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-08-04 01:05 - 2015-08-04 01:05 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-08-04 01:05 - 2015-08-04 01:05 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-08-04 01:04 - 2015-08-04 01:04 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-08-04 01:04 - 2015-08-04 01:04 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-08-04 01:04 - 2015-08-04 01:04 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-08-04 01:04 - 2015-08-04 01:04 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-08-04 01:04 - 2015-08-04 01:04 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-08-04 01:03 - 2015-08-04 01:03 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-08-04 01:03 - 2015-08-04 01:03 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-08-04 01:02 - 2015-08-04 01:02 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-08-04 01:02 - 2015-08-04 01:02 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-08-04 01:02 - 2015-08-04 01:02 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-08-04 01:02 - 2015-08-04 01:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-08-04 01:02 - 2015-08-04 01:02 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-08-04 01:02 - 2015-08-04 01:02 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2015-08-04 01:02 - 2015-08-04 01:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2015-08-04 01:02 - 2015-08-04 01:02 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-08-04 01:02 - 2015-08-04 01:02 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-08-04 01:02 - 2015-08-04 01:02 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-08-04 01:02 - 2015-08-04 01:02 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2015-08-04 01:02 - 2015-08-04 01:02 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-08-04 01:02 - 2015-08-04 01:02 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2015-08-04 01:02 - 2015-08-04 01:02 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-08-04 01:02 - 2015-08-04 01:02 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-08-04 01:01 - 2015-08-04 01:01 - 03607552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-08-04 01:01 - 2015-08-04 01:01 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-08-04 01:01 - 2015-08-04 01:01 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-08-04 01:01 - 2015-08-04 01:01 - 02460160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-08-04 01:01 - 2015-08-04 01:01 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-08-04 01:01 - 2015-08-04 01:01 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-08-04 01:01 - 2015-08-04 01:01 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-08-04 01:01 - 2015-08-04 01:01 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-08-04 01:01 - 2015-08-04 01:01 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-08-04 01:01 - 2015-08-04 01:01 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-08-04 01:01 - 2015-08-04 01:01 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-08-04 01:00 - 2015-08-04 01:00 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-08-04 01:00 - 2015-08-04 01:00 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-08-04 01:00 - 2015-08-04 01:00 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-08-04 00:59 - 2015-08-04 00:59 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-08-04 00:59 - 2015-08-04 00:59 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-08-04 00:59 - 2015-08-04 00:59 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-04 00:59 - 2015-08-04 00:59 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-04 00:59 - 2015-08-04 00:59 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-08-04 00:59 - 2015-08-04 00:59 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-08-04 00:59 - 2015-08-04 00:59 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-08-04 00:59 - 2015-08-04 00:59 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-08-04 00:59 - 2015-08-04 00:59 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-08-04 00:59 - 2015-08-04 00:59 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-08-04 00:59 - 2015-08-04 00:59 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-08-04 00:59 - 2015-08-04 00:59 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-08-04 00:58 - 2015-08-04 00:58 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-08-04 00:58 - 2015-08-04 00:58 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2015-08-04 00:56 - 2015-08-04 00:56 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-08-04 00:56 - 2015-08-04 00:56 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-08-04 00:56 - 2015-08-04 00:56 - 00513480 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-08-04 00:56 - 2015-08-04 00:56 - 00513480 _____ C:\WINDOWS\system32\locale.nls
2015-08-04 00:56 - 2015-08-04 00:56 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-08-04 00:56 - 2015-08-04 00:56 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-08-04 00:56 - 2015-08-04 00:56 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-08-04 00:56 - 2015-08-04 00:56 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-08-04 00:56 - 2015-08-04 00:56 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-04 00:56 - 2015-08-04 00:56 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-04 00:56 - 2015-08-04 00:56 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-08-04 00:56 - 2015-08-04 00:56 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-08-04 00:55 - 2015-08-04 00:55 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-08-04 00:55 - 2015-08-04 00:55 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-08-04 00:54 - 2015-08-10 19:09 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-08-04 00:54 - 2015-08-10 19:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-08-04 00:54 - 2015-08-04 00:54 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2015-08-04 00:54 - 2015-08-04 00:54 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2015-08-04 00:54 - 2015-08-04 00:54 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-08-04 00:54 - 2015-08-04 00:54 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-08-04 00:54 - 2015-08-04 00:54 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-08-04 00:54 - 2015-08-04 00:54 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-08-04 00:54 - 2015-08-04 00:54 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-08-04 00:54 - 2015-08-04 00:54 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-08-04 00:54 - 2015-08-04 00:54 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-08-04 00:54 - 2015-08-04 00:54 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-08-04 00:54 - 2015-08-04 00:54 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-08-04 00:54 - 2015-08-04 00:54 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-08-04 00:54 - 2015-08-04 00:54 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-08-04 00:54 - 2015-08-04 00:54 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-08-04 00:54 - 2015-08-04 00:54 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-08-04 00:54 - 2015-08-04 00:54 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-08-04 00:54 - 2015-08-04 00:54 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-08-04 00:54 - 2015-08-04 00:54 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-08-04 00:54 - 2015-08-04 00:54 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-08-04 00:53 - 2015-08-04 00:53 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-08-04 00:53 - 2015-08-04 00:53 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-08-04 00:53 - 2015-08-04 00:53 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-08-04 00:53 - 2015-08-04 00:53 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-08-04 00:53 - 2015-08-04 00:53 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-08-04 00:53 - 2015-08-04 00:53 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-08-04 00:52 - 2015-08-04 00:52 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-08-04 00:52 - 2015-08-04 00:52 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-08-04 00:52 - 2015-08-04 00:52 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-08-04 00:52 - 2015-08-04 00:52 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-08-04 00:52 - 2015-08-04 00:52 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-08-04 00:52 - 2015-08-04 00:52 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-08-04 00:52 - 2015-08-04 00:52 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-08-04 00:52 - 2015-08-04 00:52 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-08-04 00:52 - 2015-08-04 00:52 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-08-04 00:52 - 2015-08-04 00:52 - 01201664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-08-04 00:52 - 2015-08-04 00:52 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-08-04 00:52 - 2015-08-04 00:52 - 00167424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2015-08-04 00:52 - 2015-08-04 00:52 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-08-04 00:51 - 2015-08-04 00:51 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-08-04 00:51 - 2015-08-04 00:51 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-08-04 00:51 - 2015-08-04 00:51 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2015-08-04 00:51 - 2015-08-04 00:51 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-08-04 00:51 - 2015-08-04 00:51 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-08-04 00:51 - 2015-08-04 00:51 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-08-04 00:51 - 2015-08-04 00:51 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 01311960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00989184 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-08-04 00:50 - 2015-08-04 00:50 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00442712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-08-04 00:50 - 2015-08-04 00:50 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00332120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2015-08-04 00:50 - 2015-08-04 00:50 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-08-04 00:50 - 2015-08-04 00:50 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-08-04 00:50 - 2015-08-04 00:50 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-08-04 00:50 - 2015-08-04 00:50 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-08-04 00:49 - 2015-08-04 00:49 - 22292672 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-04 00:49 - 2015-08-04 00:49 - 19734960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-04 00:49 - 2015-08-04 00:49 - 07784448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2015-08-04 00:49 - 2015-08-04 00:49 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2015-08-04 00:49 - 2015-08-04 00:49 - 03109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-08-04 00:49 - 2015-08-04 00:49 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-08-04 00:49 - 2015-08-04 00:49 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-08-04 00:49 - 2015-08-04 00:49 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-08-04 00:49 - 2015-08-04 00:49 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-08-04 00:49 - 2015-08-04 00:49 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-08-04 00:49 - 2015-08-04 00:49 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-08-04 00:49 - 2015-08-04 00:49 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-08-04 00:49 - 2015-08-04 00:49 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-08-04 00:48 - 2015-08-04 00:48 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-08-04 00:48 - 2015-08-04 00:48 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-08-04 00:48 - 2015-08-04 00:48 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-08-04 00:48 - 2015-08-04 00:48 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-08-04 00:48 - 2015-08-04 00:48 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-08-04 00:48 - 2015-08-04 00:48 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-08-04 00:48 - 2015-08-04 00:48 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-08-04 00:48 - 2015-08-04 00:48 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-08-04 00:46 - 2015-08-04 00:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-08-04 00:46 - 2015-08-04 00:46 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-08-04 00:46 - 2015-08-04 00:46 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-08-04 00:46 - 2015-08-04 00:46 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-04 00:46 - 2015-08-04 00:46 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-04 00:46 - 2015-08-04 00:46 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-08-04 00:46 - 2015-08-04 00:46 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-08-04 00:46 - 2015-08-04 00:46 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-08-04 00:46 - 2015-08-04 00:46 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-08-04 00:46 - 2015-08-04 00:46 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-08-04 00:46 - 2015-08-04 00:46 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-08-04 00:46 - 2015-08-04 00:46 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-08-04 00:46 - 2015-08-04 00:46 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-04 00:46 - 2015-08-04 00:46 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-08-04 00:46 - 2015-08-04 00:46 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-08-04 00:46 - 2015-08-04 00:46 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-08-04 00:46 - 2015-08-04 00:46 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-08-04 00:46 - 2015-08-04 00:46 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-08-04 00:46 - 2015-08-04 00:46 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-08-04 00:44 - 2015-08-04 00:44 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-08-04 00:44 - 2015-08-04 00:44 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-08-04 00:44 - 2015-08-04 00:44 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-08-04 00:44 - 2015-08-04 00:44 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2015-08-04 00:44 - 2015-08-04 00:44 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2015-08-04 00:44 - 2015-08-04 00:44 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-08-04 00:44 - 2015-08-04 00:44 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-08-04 00:44 - 2015-08-04 00:44 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-08-04 00:44 - 2015-08-04 00:44 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-08-04 00:43 - 2015-08-04 00:43 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-08-04 00:43 - 2015-08-04 00:43 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-08-04 00:43 - 2015-08-04 00:43 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-08-04 00:43 - 2015-08-04 00:43 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-08-04 00:42 - 2015-08-04 00:42 - 03084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-08-04 00:42 - 2015-08-04 00:42 - 02471424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-08-04 00:42 - 2015-08-04 00:42 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-08-04 00:42 - 2015-08-04 00:42 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-08-04 00:41 - 2015-08-04 00:41 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-08-04 00:41 - 2015-08-04 00:41 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-08-04 00:41 - 2015-08-04 00:41 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-04 00:41 - 2015-08-04 00:41 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-08-04 00:41 - 2015-08-04 00:41 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-08-04 00:41 - 2015-08-04 00:41 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-08-04 00:41 - 2015-08-04 00:41 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2015-08-04 00:41 - 2015-08-04 00:41 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-08-04 00:41 - 2015-08-04 00:41 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-08-04 00:41 - 2015-08-04 00:41 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-08-04 00:41 - 2015-08-04 00:41 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-08-04 00:41 - 2015-08-04 00:41 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-08-04 00:41 - 2015-08-04 00:41 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-08-04 00:41 - 2015-08-04 00:41 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-08-04 00:41 - 2015-08-04 00:41 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-08-04 00:41 - 2015-08-04 00:41 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-08-04 00:41 - 2015-08-04 00:41 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-08-04 00:41 - 2015-08-04 00:41 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-08-04 00:35 - 2015-08-04 00:35 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-08-04 00:35 - 2015-08-04 00:35 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-08-04 00:34 - 2015-08-04 00:34 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-08-04 00:34 - 2015-08-04 00:34 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-08-04 00:34 - 2015-08-04 00:34 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-08-04 00:34 - 2015-08-04 00:34 - 00000000 ____D C:\Program Files\MSBuild
2015-08-04 00:34 - 2015-08-04 00:34 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-08-04 00:34 - 2015-08-04 00:34 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-08-04 00:34 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-08-04 00:34 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-08-04 00:33 - 2015-08-04 00:33 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-08-04 00:33 - 2015-08-04 00:33 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-08-04 00:30 - 2015-08-04 00:30 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-08-04 00:28 - 2015-08-15 15:44 - 00000000 ____D C:\Users\CM
2015-08-04 00:28 - 2015-08-04 00:30 - 00000000 ___RD C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\Vorlagen
2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\Startmenü
2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\Netzwerkumgebung
2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\Lokale Einstellungen
2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\Eigene Dateien
2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\Druckumgebung
2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\Documents\Eigene Musik
2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\Documents\Eigene Bilder
2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\AppData\Local\Verlauf
2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\AppData\Local\Anwendungsdaten
2015-08-04 00:28 - 2015-08-04 00:28 - 00000000 _SHDL C:\Users\CM\Anwendungsdaten
2015-08-04 00:28 - 2014-11-21 12:52 - 00000000 ___RD C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-04 00:28 - 2014-11-21 12:52 - 00000000 ___RD C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-04 00:28 - 2014-11-21 05:42 - 00000369 _____ C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-08-04 00:28 - 2014-11-21 05:42 - 00000369 _____ C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-08-04 00:28 - 2013-08-22 17:36 - 00000000 ____D C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-04 00:26 - 2015-08-04 01:02 - 00028578 _____ C:\WINDOWS\diagwrn.xml
2015-08-04 00:26 - 2015-08-04 01:02 - 00028578 _____ C:\WINDOWS\diagerr.xml
2015-08-04 00:17 - 2015-08-04 00:33 - 00000000 ____D C:\Program Files (x86)\Intel
2015-08-04 00:17 - 2015-08-04 00:17 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-08-04 00:17 - 2015-08-04 00:17 - 00000000 ____D C:\Program Files\Realtek
2015-08-04 00:16 - 2014-10-01 19:54 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-08-04 00:16 - 2014-10-01 19:54 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-08-04 00:15 - 2015-08-04 00:15 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-08-04 00:15 - 2015-08-04 00:15 - 00000000 ____D C:\Program Files\Elantech
2015-08-03 22:17 - 2015-08-03 22:17 - 00004608 _____ C:\Users\CM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-02 19:33 - 2015-08-02 19:33 - 00000000 ___HD C:\ProgramData\CanonIJScan
2015-08-02 19:33 - 2015-08-02 19:33 - 00000000 ____D C:\Users\CM\AppData\Roaming\Canon
2015-08-02 19:33 - 2015-08-02 19:33 - 00000000 _____ C:\Users\CM\Sti_Trace.log
2015-08-02 19:31 - 2015-08-02 19:31 - 00000000 ____D C:\Users\CM\AppData\Roaming\ABBYY
2015-08-02 19:09 - 2015-08-11 09:31 - 00000000 ____D C:\Users\CM\AppData\Local\ABBYY
2015-08-02 18:06 - 2015-08-02 19:19 - 00000000 ____D C:\ProgramData\ABBYY
2015-07-31 19:22 - 2015-08-04 01:02 - 00008044 _____ C:\WINDOWS\comsetup.log
2015-07-29 23:06 - 2015-07-29 23:06 - 00000000 ____D C:\Users\CM\AppData\Local\ClearfiPhoto
2015-07-29 22:16 - 2015-07-29 22:16 - 00497213 _____ C:\Users\CM\Downloads\Microsoft Privacy Statement.htm
2015-07-29 22:16 - 2015-07-29 22:16 - 00000000 ____D C:\Users\CM\Downloads\Microsoft Privacy Statement-Dateien
2015-07-29 15:50 - 2015-07-30 09:39 - 00000000 ____D C:\Users\Administrator
2015-07-29 15:28 - 2015-08-14 11:16 - 00000000 ____D C:\Users\CM\AppData\Roaming\vlc
2015-07-29 15:27 - 2015-08-04 00:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-07-29 15:27 - 2015-07-29 15:27 - 00001074 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-07-29 15:27 - 2015-07-29 15:27 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2015-07-29 15:25 - 2015-07-29 15:25 - 28849904 _____ C:\Users\CM\Downloads\vlc-2.2.1-win32(1).exe
2015-07-29 14:17 - 2015-07-29 14:17 - 00000000 ____D C:\Users\CM\Documents\Hanlet 2 x 5 Min
2015-07-29 13:36 - 2015-07-29 13:37 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(11).exe
2015-07-29 13:25 - 2015-08-04 00:39 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-07-29 13:25 - 2015-08-04 00:39 - 00000000 ____D C:\WINDOWS\de
2015-07-29 13:25 - 2015-07-29 13:25 - 00001462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2015-07-29 13:25 - 2015-07-29 13:25 - 00001378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-07-29 13:25 - 2015-07-29 13:25 - 00001309 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-07-29 13:25 - 2015-07-29 13:25 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-07-29 13:24 - 2015-07-29 13:25 - 00000000 ____D C:\Program Files (x86)\Windows Live
2015-07-29 13:24 - 2015-07-29 13:24 - 00002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2015-07-29 13:24 - 2015-07-29 13:24 - 00000000 ____D C:\Program Files\Windows Live
2015-07-29 13:23 - 2015-07-29 13:23 - 00000193 _____ C:\WINDOWS\DirectX.log
2015-07-29 13:23 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2015-07-29 13:23 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2015-07-29 13:23 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2015-07-29 13:23 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2015-07-29 13:23 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2015-07-29 13:23 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2015-07-29 13:23 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2015-07-29 13:23 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2015-07-29 13:23 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2015-07-29 13:23 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2015-07-29 13:23 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2015-07-29 13:23 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2015-07-29 13:22 - 2015-07-29 13:22 - 00000000 ___RD C:\Users\CM\SkyDrive
2015-07-29 13:22 - 2015-07-29 13:22 - 00000000 ____D C:\Program Files (x86)\Microsoft SkyDrive
2015-07-29 13:21 - 2015-07-29 13:21 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2015-07-29 13:19 - 2015-08-10 14:08 - 00000000 ____D C:\Users\CM\AppData\Local\Windows Live
2015-07-29 12:51 - 2015-07-29 15:50 - 00000000 ____D C:\Users\CM\AppData\Roaming\dlg
2015-07-29 12:47 - 2015-08-07 20:02 - 00000000 ____D C:\ProgramData\AVG
2015-07-29 12:47 - 2015-07-29 12:47 - 00000000 ____D C:\Users\CM\AppData\Roaming\AVG
2015-07-29 12:47 - 2015-07-29 12:47 - 00000000 ____D C:\Users\CM\AppData\Local\Avg
2015-07-29 12:47 - 2015-07-29 12:47 - 00000000 ____D C:\Program Files (x86)\AVG
2015-07-29 12:41 - 2015-07-29 12:41 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(10).exe
2015-07-29 12:35 - 2015-07-29 12:35 - 00000000 ____D C:\ProgramData\7b24ec7cc000461ebe26d116b88142c8
2015-07-29 12:18 - 2015-07-29 12:18 - 00001017 _____ C:\Users\CM\AppData\Bilder - Verknüpfung.lnk
2015-07-29 12:18 - 2015-07-29 12:18 - 00000625 _____ C:\Users\CM\AppData\Roaming\Bibliotheken - Verknüpfung.lnk
2015-07-29 12:00 - 2015-07-24 12:06 - 00002687 _____ C:\Users\CM\Downloads\Hamlet 5 min.  Demo wlmp (1).wlmp
2015-07-29 11:55 - 2015-07-20 15:23 - 00012288 ___SH C:\Users\CM\Desktop\Thumbs - Kopie.db
2015-07-29 10:11 - 2015-08-02 19:10 - 00000000 ____D C:\Users\CM\AppData\Local\CrashDumps
2015-07-28 16:31 - 2015-08-05 05:27 - 00000000 ____D C:\WINDOWS\system32\AutoUpdateLicense
2015-07-28 16:17 - 2015-05-19 13:59 - 00207208 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2015-07-28 16:14 - 2015-08-13 09:00 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2015-07-27 16:15 - 2015-08-03 22:18 - 00000000 ____D C:\Users\CM\AppData\Local\clear.fi
2015-07-27 16:00 - 2012-07-04 11:55 - 01354240 _____ (CANON INC.) C:\WINDOWS\system32\CNQ2414C.dll
2015-07-27 16:00 - 2012-07-04 11:55 - 00112128 _____ (CANON INC.) C:\WINDOWS\system32\CNQ2414I.dll
2015-07-27 16:00 - 2012-07-04 11:29 - 00106496 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNQ2414U.dll
2015-07-27 16:00 - 2010-12-17 14:49 - 00515072 _____ (CANON INC.) C:\WINDOWS\system32\CNQ2414L.dll
2015-07-27 16:00 - 2010-12-17 14:49 - 00438272 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNQ2414L.dll
2015-07-27 16:00 - 2010-03-19 10:04 - 00393256 _____ C:\WINDOWS\SysWOW64\CNQ2414N.DAT
2015-07-27 16:00 - 2010-03-19 10:04 - 00393256 _____ C:\WINDOWS\system32\CNQ2414N.DAT
2015-07-27 16:00 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\WINDOWS\system32\CNHMCA6.dll
2015-07-27 16:00 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNHMCA.dll
2015-07-27 15:18 - 2015-07-27 15:18 - 00000000 ____D C:\Users\CM\AppData\Local\Apps\2.0
2015-07-27 15:16 - 2015-08-04 00:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-07-27 15:15 - 2015-07-28 16:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2015-07-27 15:12 - 2015-07-27 15:12 - 00000000 ____D C:\Program Files\Microsoft Office
2015-07-27 15:11 - 2015-08-12 11:29 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-27 15:11 - 2015-08-04 15:54 - 00000000 ____D C:\Users\CM\AppData\Local\Microsoft Help
2015-07-27 14:20 - 2015-07-27 14:41 - 340508784 _____ (Microsoft Corporation) C:\Users\CM\Downloads\MicrosoftInstaller.exe
2015-07-27 11:38 - 2015-03-04 09:26 - 00011105 ____N C:\WINDOWS\system32\AutoconfigV2.cab
2015-07-27 10:30 - 2015-08-04 00:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-07-26 23:20 - 2015-07-26 23:20 - 00000117 _____ C:\WINDOWS\system32\netcfg-195645406.txt
2015-07-26 22:58 - 2015-07-26 22:58 - 00000117 _____ C:\WINDOWS\system32\netcfg-194312734.txt
2015-07-26 22:58 - 2015-07-26 22:58 - 00000117 _____ C:\WINDOWS\system32\netcfg-194309687.txt
2015-07-26 22:57 - 2015-07-26 22:57 - 00000117 _____ C:\WINDOWS\system32\netcfg-194304062.txt
2015-07-26 22:57 - 2015-07-26 22:57 - 00000117 _____ C:\WINDOWS\system32\netcfg-194303656.txt
2015-07-26 14:33 - 2015-08-12 11:25 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-07-26 14:33 - 2015-08-12 11:18 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-07-26 14:18 - 2013-05-04 06:51 - 00014848 ____N (Microsoft) C:\WINDOWS\system32\rars.rs
2015-07-26 14:18 - 2013-05-04 06:10 - 00014848 ____N (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2015-07-26 11:54 - 2015-07-26 11:54 - 00003114 _____ C:\WINDOWS\System32\Tasks\{26E9F40E-B5F3-4D4A-931D-6E738019A6DF}
2015-07-26 11:53 - 2015-07-26 11:53 - 02256152 _____ (Microsoft Corporation) C:\Users\CM\Downloads\WcPlugin(2).exe
2015-07-26 11:52 - 2015-07-26 11:52 - 00000000 ____D C:\Users\CM\AppData\Local\Macromedia
2015-07-26 11:47 - 2015-08-18 23:43 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-07-26 11:47 - 2015-08-13 09:44 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-07-26 11:47 - 2015-08-13 08:55 - 00001954 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-07-26 11:47 - 2015-07-26 11:47 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-07-26 11:44 - 2015-08-02 19:32 - 00000000 ____D C:\Users\CM\AppData\Local\Adobe
2015-07-26 11:40 - 2015-07-26 11:40 - 00000117 _____ C:\WINDOWS\system32\netcfg-153679546.txt
2015-07-26 11:40 - 2015-07-26 11:40 - 00000117 _____ C:\WINDOWS\system32\netcfg-153676531.txt
2015-07-26 11:40 - 2015-07-26 11:40 - 00000117 _____ C:\WINDOWS\system32\netcfg-153656750.txt
2015-07-26 11:40 - 2015-07-26 11:40 - 00000117 _____ C:\WINDOWS\system32\netcfg-153656578.txt
2015-07-25 14:21 - 2015-07-25 14:21 - 00000117 _____ C:\WINDOWS\system32\netcfg-76930812.txt
2015-07-25 14:21 - 2015-07-25 14:21 - 00000117 _____ C:\WINDOWS\system32\netcfg-76930734.txt
2015-07-25 14:21 - 2015-07-25 14:21 - 00000117 _____ C:\WINDOWS\system32\netcfg-76926796.txt
2015-07-25 14:21 - 2015-07-25 14:21 - 00000117 _____ C:\WINDOWS\system32\netcfg-76926578.txt
2015-07-25 07:22 - 2015-07-25 07:22 - 00000000 ___RD C:\Users\CM\Box Sync
2015-07-25 07:05 - 2015-07-25 07:05 - 00002687 _____ C:\Users\CM\Downloads\Hamlet 5 min.  Demo wlmp.wlmp
2015-07-25 07:03 - 2015-07-25 07:04 - 27015280 _____ (Box Inc.) C:\Users\CM\Downloads\BoxSyncSetup(1).exe
2015-07-25 07:00 - 2015-07-25 07:02 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-25 06:59 - 2015-07-25 06:59 - 27015280 _____ (Box Inc.) C:\Users\CM\Downloads\BoxSyncSetup.exe
2015-07-25 06:39 - 2015-08-11 23:03 - 00001173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-25 06:39 - 2015-08-11 23:03 - 00001167 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-25 06:39 - 2015-08-10 19:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-25 06:39 - 2015-07-25 06:45 - 00000000 ____D C:\Users\CM\AppData\Local\Mozilla
2015-07-25 06:39 - 2015-07-25 06:39 - 00000000 ____D C:\Users\CM\AppData\Roaming\Mozilla
2015-07-25 06:39 - 2015-07-25 06:39 - 00000000 ____D C:\ProgramData\Mozilla
2015-07-25 06:39 - 2015-07-25 06:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-25 06:18 - 2015-07-25 06:18 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-25 06:13 - 2015-07-25 06:13 - 00000117 _____ C:\WINDOWS\system32\netcfg-47620843.txt
2015-07-25 06:13 - 2015-07-25 06:13 - 00000117 _____ C:\WINDOWS\system32\netcfg-47617828.txt
2015-07-25 06:12 - 2015-07-25 06:12 - 00000117 _____ C:\WINDOWS\system32\netcfg-47613656.txt
2015-07-25 06:12 - 2015-07-25 06:12 - 00000117 _____ C:\WINDOWS\system32\netcfg-47612562.txt
2015-07-24 17:15 - 2015-08-18 23:45 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2407381306-1223850301-1151369756-1001
2015-07-24 17:12 - 2015-07-24 17:12 - 00000000 ____D C:\Users\CM\AppData\Local\EgisTec IPS
2015-07-24 17:11 - 2015-07-24 17:11 - 00000000 ____D C:\Users\CM\AppData\Roaming\Atheros
2015-07-24 17:10 - 2015-07-24 17:10 - 00019212 _____ C:\Users\CM\Desktop\Entfernte Anwendungen.html
2015-07-24 17:10 - 2015-07-24 17:10 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2015-07-24 17:09 - 2015-08-11 23:03 - 00001458 _____ C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-24 17:08 - 2015-07-24 17:08 - 00002156 _____ C:\Users\CM\Desktop\McAfee Anti-Theft.lnk
2015-07-24 17:08 - 2015-07-24 17:08 - 00002027 _____ C:\Users\Public\Desktop\LOVEFiLM.lnk
2015-07-24 17:08 - 2015-07-24 17:08 - 00001736 _____ C:\Users\Public\Desktop\Online kaufen.lnk
2015-07-24 17:08 - 2015-07-24 17:08 - 00000000 ____D C:\Program Files\Preload
2015-07-24 17:08 - 2015-07-24 17:08 - 00000000 ____D C:\Program Files\Accessory Store
2015-07-24 17:07 - 2015-07-24 17:07 - 00000093 _____ C:\WINDOWS\WLangUpt.log
2015-07-24 17:07 - 2015-07-24 17:07 - 00000000 ____D C:\Users\CM\AppData\Roaming\lm
2015-07-24 17:04 - 2015-07-24 17:04 - 00000000 ____D C:\Users\CM\AppData\Roaming\Macromedia
2015-07-24 17:04 - 2015-07-24 17:04 - 00000000 ____D C:\Users\CM\AppData\Roaming\Adobe
2015-07-24 17:03 - 2015-07-29 16:50 - 00000000 ____D C:\Users\CM\AppData\Local\VirtualStore
2015-07-24 17:02 - 2015-08-03 23:22 - 01178932 _____ C:\WINDOWS\WindowsUpdate (1).log
2015-07-24 17:01 - 2015-07-24 17:01 - 00000117 _____ C:\WINDOWS\system32\netcfg-144968.txt
2015-07-24 17:01 - 2015-07-24 17:01 - 00000117 _____ C:\WINDOWS\system32\netcfg-144906.txt
2015-07-24 17:01 - 2015-07-24 17:01 - 00000117 _____ C:\WINDOWS\system32\netcfg-142812.txt
2015-07-24 17:00 - 2015-07-24 17:00 - 00000117 _____ C:\WINDOWS\system32\netcfg-98968.txt
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\Vorlagen
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\Startmenü
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\Netzwerkumgebung
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\Lokale Einstellungen
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\Eigene Dateien
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\Druckumgebung
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Musik
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Bilder
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Verlauf
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Users\Default.migrated\Anwendungsdaten
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\ProgramData\Vorlagen
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\ProgramData\Startmenü
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\ProgramData\Dokumente
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2015-07-24 17:00 - 2015-07-24 17:00 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2015-07-24 16:28 - 2015-07-24 17:47 - 00000000 ___HD C:\$SysReset
2015-07-24 14:11 - 2015-07-24 14:11 - 00871739 _____ C:\Users\CM\Downloads\Setup (3).jse
2015-07-24 14:10 - 2015-07-24 14:11 - 00871750 _____ C:\Users\CM\Downloads\Setup (1).jse
2015-07-24 14:10 - 2015-07-24 14:10 - 00871750 _____ C:\Users\CM\Downloads\Setup (2).jse
2015-07-24 13:39 - 2015-07-24 13:39 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (12).exe
2015-07-24 13:39 - 2015-07-24 13:39 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (11).exe
2015-07-24 13:38 - 2015-07-24 13:38 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (10).exe
2015-07-24 13:18 - 2015-07-24 13:18 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (9).exe
2015-07-24 13:18 - 2015-07-24 13:18 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (8).exe
2015-07-24 13:17 - 2015-07-24 13:17 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (7).exe
2015-07-24 13:13 - 2015-07-24 13:13 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (6).exe
2015-07-24 13:00 - 2015-07-24 13:00 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (5).exe
2015-07-24 12:18 - 2015-07-24 12:18 - 01319011 _____ C:\Users\CM\Downloads\Nicht bestätigt 407671.crdownload
2015-07-24 11:00 - 2015-07-24 11:00 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (4).exe
2015-07-24 11:00 - 2015-07-24 11:00 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (3).exe
2015-07-24 10:56 - 2015-07-24 10:56 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (2).exe
2015-07-24 10:55 - 2015-07-24 10:55 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair (1).exe
2015-07-23 18:01 - 2015-07-23 18:01 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(9).exe
2015-07-23 17:56 - 2015-07-23 17:57 - 00242928 _____ C:\Users\CM\Downloads\Firefox Setup Stub 39.0 (1).exe
2015-07-23 14:23 - 2015-07-23 14:23 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(8).exe
2015-07-23 09:42 - 2015-07-23 09:42 - 01245384 _____ (Microsoft Corporation) C:\Users\CM\Downloads\wlsetup-web(1).exe
2015-07-23 09:19 - 2015-08-04 11:43 - 00000000 ____D C:\Users\CM\AppData\Local\Packages
2015-07-23 07:05 - 2015-07-23 07:05 - 00242912 _____ C:\Users\CM\Downloads\Firefox Setup Stub 39.0.exe
2015-07-22 19:41 - 2015-07-22 19:41 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(7).exe
2015-07-22 12:54 - 2015-07-22 12:54 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(6).exe
2015-07-22 12:52 - 2015-07-22 12:52 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(5).exe
2015-07-22 12:51 - 2015-07-22 12:52 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(4).exe
2015-07-22 11:26 - 2015-07-22 11:26 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(3).exe
2015-07-22 11:10 - 2015-07-22 11:10 - 00772016 _____ (Reimage®) C:\Users\CM\Downloads\ReimageRepair(2).exe
2015-07-22 07:33 - 2015-07-22 07:36 - 01245384 _____ (Microsoft Corporation) C:\Users\CM\Downloads\wlsetup-web (2).exe
2015-07-22 07:04 - 2015-07-22 07:05 - 01245384 _____ (Microsoft Corporation) C:\Users\CM\Downloads\wlsetup-web.exe
2015-07-21 19:16 - 2015-07-29 14:54 - 07357440 _____ C:\Users\CM\Downloads\WindowsMovieMakerSetup.exe
2015-07-21 18:33 - 2015-07-23 11:15 - 00000000 _____ C:\dummy.htm
2015-07-21 18:01 - 2015-07-21 18:01 - 00000000 _____ C:\LILF48E.tmp
2015-07-21 18:01 - 2015-07-21 18:01 - 00000000 _____ C:\LILF48D.tmp
2015-07-21 18:00 - 2015-07-21 18:02 - 00000000 ____D C:\c9eab403-51a3-4e95-81f7-b6263ea83a2d
2015-07-21 17:57 - 2015-07-21 18:02 - 128227047 _____ C:\Users\CM\Downloads\wlsetup-all.exe.part
2015-07-20 15:23 - 2015-08-14 06:42 - 00012288 ___SH C:\Users\CM\Desktop\Thumbs.db
2015-07-20 15:22 - 2015-07-20 14:36 - 507502069 _____ C:\Users\CM\Desktop\Projekt.m4v

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-18 23:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-18 19:59 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-18 00:08 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-16 18:40 - 2014-11-21 05:35 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-16 18:40 - 2014-11-21 04:45 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2015-08-16 18:40 - 2014-11-21 04:45 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2015-08-16 18:34 - 2014-11-20 20:24 - 00060576 _____ C:\WINDOWS\PFRO.log
2015-08-16 18:34 - 2013-08-22 16:46 - 00296108 _____ C:\WINDOWS\setupact.log
2015-08-16 18:34 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-16 18:34 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-16 09:34 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\TAPI
2015-08-13 14:25 - 2015-07-10 19:28 - 00000000 ___HD C:\$Windows.~BT
2015-08-13 13:30 - 2012-09-01 22:32 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-08-13 09:06 - 2012-09-01 22:32 - 00000000 ____D C:\ProgramData\McAfee
2015-08-13 09:03 - 2012-09-01 22:32 - 00000000 ____D C:\Program Files\Common Files\mcafee
2015-08-13 08:51 - 2013-08-22 16:44 - 00377856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-12 11:38 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 11:38 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 11:38 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-12 11:38 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-12 11:29 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-12 11:10 - 2014-11-21 12:51 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-12 11:08 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 11:08 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-11 09:01 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-11 08:44 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppCompat
2015-08-10 19:05 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-RS
2015-08-10 19:05 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS
2015-08-10 18:47 - 2012-09-01 22:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-08-10 18:47 - 2012-09-01 22:36 - 00000000 ____D C:\ProgramData\WildTangent
2015-08-10 18:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\restore
2015-08-08 15:55 - 2014-11-21 13:01 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2014-11-21 13:01 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-05 16:04 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-05 05:30 - 2012-10-18 03:30 - 00000000 ____D C:\ProgramData\Atheros
2015-08-04 12:44 - 2015-03-23 16:29 - 00000000 __RDO C:\Users\CM\OneDrive
2015-08-04 01:11 - 2015-02-10 03:35 - 00000000 __SHD C:\Recovery
2015-08-04 01:10 - 2013-08-22 17:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2015-08-04 01:08 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-08-04 01:07 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2015-08-04 01:07 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\setup
2015-08-04 01:05 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows NT
2015-08-04 01:05 - 2013-08-22 15:36 - 00000000 __RHD C:\Users\Default
2015-08-04 01:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Registration
2015-08-04 01:01 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-08-04 00:56 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\WinStore
2015-08-04 00:55 - 2014-11-21 05:27 - 02473472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-08-04 00:55 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-08-04 00:54 - 2013-08-22 17:36 - 00000000 __RSD C:\WINDOWS\Media
2015-08-04 00:53 - 2013-08-22 17:36 - 00000000 __RHD C:\Users\Public\Libraries
2015-08-04 00:49 - 2013-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-04 00:44 - 2014-11-21 05:13 - 00000000 ____D C:\Program Files\Windows Journal
2015-08-04 00:41 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2015-08-04 00:39 - 2014-11-21 05:13 - 00000000 ____D C:\WINDOWS\ShellNew
2015-08-04 00:39 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-08-04 00:39 - 2012-10-18 03:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec
2015-08-04 00:39 - 2012-10-18 03:45 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso 6.5
2015-08-04 00:39 - 2012-10-18 03:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2015-08-04 00:39 - 2012-09-01 23:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-08-04 00:35 - 2013-08-22 17:37 - 00005217 _____ C:\WINDOWS\DtcInstall.log
2015-08-04 00:35 - 2012-07-26 07:37 - 00000000 ____D C:\Users\Default.migrated
2015-08-04 00:34 - 2014-11-21 04:45 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2015-08-04 00:34 - 2014-11-21 04:45 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-08-04 00:34 - 2014-11-21 04:45 - 00000000 ____D C:\WINDOWS\system32\WCN
2015-08-04 00:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-08-04 00:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-08-04 00:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-08-04 00:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-04 00:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\spool
2015-08-04 00:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-08-04 00:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\IME
2015-08-04 00:34 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2015-08-04 00:34 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-04 00:34 - 2012-09-01 22:33 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-08-04 00:33 - 2013-08-22 17:43 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-08-04 00:33 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-08-04 00:33 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-08-04 00:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\IME
2015-08-04 00:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Help
2015-08-04 00:33 - 2012-08-03 19:17 - 00000000 ____D C:\ProgramData\PRICache
2015-08-04 00:32 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-04 00:30 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-08-04 00:17 - 2013-08-22 16:46 - 00000084 _____ C:\WINDOWS\setuperr.log
2015-08-03 22:04 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2015-07-28 16:16 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-07-27 15:35 - 2015-06-12 12:23 - 00000000 ____D C:\288a4c48-26e1-4814-8d65-7bb6d264b397
2015-07-27 15:15 - 2012-10-18 03:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-07-27 10:30 - 2012-09-01 22:33 - 00001862 _____ C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk
2015-07-24 17:12 - 2012-10-18 03:45 - 00000000 ____D C:\ProgramData\EgisTec IPS
2015-07-24 17:08 - 2012-10-18 03:30 - 00000000 ____D C:\ProgramData\OEM
2015-07-24 17:08 - 2012-09-01 23:27 - 00000225 _____ C:\WINDOWS\User.xml
2015-07-24 17:08 - 2012-09-01 22:28 - 01677814 _____ C:\WINDOWS\launApp.log
2015-07-24 17:08 - 2012-08-03 20:05 - 00000000 ___HD C:\Elements
2015-07-24 17:07 - 2012-10-18 12:31 - 00000225 _____ C:\WINDOWS\WisLangCode.ini
2015-07-24 17:07 - 2012-09-01 23:17 - 00391316 _____ C:\WINDOWS\PLaunch.log
2015-07-24 17:07 - 2012-09-01 22:29 - 00000159 __RSH C:\WINDOWS\Preload.rev
2015-07-24 17:07 - 2012-09-01 22:28 - 00005410 _____ C:\WINDOWS\PatchFul.log

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-29 12:18 - 2015-07-29 12:18 - 0000625 _____ () C:\Users\CM\AppData\Roaming\Bibliotheken - Verknüpfung.lnk
2015-08-03 22:17 - 2015-08-03 22:17 - 0004608 _____ () C:\Users\CM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-10-18 03:11 - 2012-10-18 03:11 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\CM\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\CM\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\CM\AppData\Local\Temp\Quarantine.exe
C:\Users\CM\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\CM\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\CM\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-16 18:45

==================== Ende von Ergebnis ============================

ravioli 19.08.2015 07:04
Hier noch die Addition.txt:

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-08-2015
durchgeführt von CM (2015-08-18 23:47:14)
Gestartet von C:\Users\CM\Desktop
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2407381306-1223850301-1151369756-500 - Administrator - Disabled)
CM (S-1-5-21-2407381306-1223850301-1151369756-1001 - Administrator - Enabled) => C:\Users\CM
Gast (S-1-5-21-2407381306-1223850301-1151369756-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2407381306-1223850301-1151369756-1007 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ABBYY FineReader 10 Corporate Edition (HKLM-x32\...\{F1000000-0001-0000-0000-074957833700}) (Version: 10.501.154.7211 - ABBYY)
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0059 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3007 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{F6100F13-F183-47A2-94A8-9AAC4976E228}) (Version: 1.00.3013 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Acer Incorporated)
Acer Theft Shield (HKLM\...\{8ADB0CD2-4E5A-452F-BB3B-3A2984CAC749}) (Version: 1.01.3001 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3115 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3201 - Acer Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Backup Manager v4 (x32 Version: 4.0.0.0059 - NTI Corporation) Hidden
Box Sync (x32 Version: 4.0.6447.0 - Box Inc.) Hidden
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3108 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3108 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.1925 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2008 - CyberLink Corp.) Hidden
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.13 - Dolby Laboratories Inc)
ETDWare PS/2-X64 11.6.6.002_WHQL (HKLM\...\Elantech) (Version: 11.6.6.002 - ELAN Microelectronic Corp.)
ExpressCache (HKLM\...\{2EBEFDA8-F905-4C39-AC1C-D5ABE7B3E0AE}) (Version: 1.0.86 - Diskeeper Corporation)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.4 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3004 - Acer Incorporated)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 14.0.4113 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.149.2 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.124 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3200 - Acer)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Ihr Firmenname)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.05 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Sleep Memory Optimizer (HKLM\...\{A10FCEC8-5523-4C2D-8B42-091B48EDEB55}) (Version: 1.01.3000 - Acer Incorporated)
Smart Timer (HKLM-x32\...\{89DB52FC-EA72-468F-A0C7-150AF8B7AB74}) (Version: 1.00.3007 - Acer Incorporated)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2407381306-1223850301-1151369756-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Wiederherstellungspunkte =========================

18-08-2015 20:21:38 Geplanter Prüfpunkt

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2015-08-13 08:55 - 00000854 ____A C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.1        mssplus.mcafee.com

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {11C8A6BB-D07D-481B-BA46-8FCD494FF068} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-30] ()
Task: {5650D0B7-F334-4460-A603-98F842AFBCD0} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {5FFE0D90-F781-4143-A98B-747649F52FBD} - System32\Tasks\Smart Timer Task Scheduler => C:\Program Files\Smart Timer\Smart_Timer.exe [2012-06-22] (Acer Incorporated)
Task: {62D6983C-943F-45FD-B0BB-8CCC5C708434} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {64859127-B26A-4F1C-B260-4A6290F716C6} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {6C0127BA-BB30-452D-98ED-8A3150AC2662} - System32\Tasks\Theft Shield\AcerTheftShieldTask => C:\Program Files\Acer\Acer Theft Shield\USecuAppLauncher.exe [2012-08-22] (Acer Incorporated)
Task: {7261664A-4C58-4115-A7B7-5661BBBD8696} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-11] (Egis Technology Inc.)
Task: {868E2D60-6147-4DAA-96BC-7924FAE8B700} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-11] (Egis Technology Inc.)
Task: {8810170B-2F27-4A55-B503-C4F0DB3384A6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-12] (Microsoft Corporation)
Task: {9F12B1F1-BE52-4B59-BB96-5F30CAFEFF23} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-22] ()
Task: {A01219C0-0502-4B47-B2F5-B7A354F3FB77} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {A1B8FDA9-EA3C-4C1C-BA01-0A466924F720} - System32\Tasks\{26E9F40E-B5F3-4D4A-931D-6E738019A6DF} => pcalua.exe -a C:\Users\CM\Downloads\WcPlugin(2).exe -d C:\Users\CM\Downloads
Task: {C8E6D7D8-43FA-475C-A2D7-D26165351C1D} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-22] ()
Task: {CB6BFC18-8006-4C53-8DCA-3DADD106012B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-13] (Adobe Systems Incorporated)
Task: {E963EE60-7E56-4729-8CDE-D9A92974F7C3} - \Start Driver Reviver( SR ) for CHRISTIAN@CM at logon -> Keine Datei <==== ACHTUNG
Task: {EB8DA8DF-9886-451F-A852-73C5190B3064} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2012-07-31] (Acer Incorporated)
Task: {FC59B92A-75CA-4474-BBDD-A312E1CCC57B} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)
Task: {FF1AD0B3-D918-4B8B-8FC3-EA3852D51D38} - System32\Tasks\{9E330F1F-59C2-4E91-BCB5-6CB5C80C79A1} => pcalua.exe -a C:\Users\CM\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveSetup.exe -c  /uninstall

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-10-18 03:30 - 2012-10-18 03:30 - 01193176 _____ () C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
2012-08-10 18:28 - 2012-08-10 18:28 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-08-10 18:23 - 2012-08-10 18:23 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll
2012-08-22 15:04 - 2012-08-22 15:04 - 00025232 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2012-08-22 15:04 - 2012-08-22 15:04 - 00044176 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2012-08-23 08:26 - 2012-08-23 08:26 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2012-10-18 03:09 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\CM\OneDrive:ms-properties
AlternateDataStreams: C:\Users\CM\OneDrive (2):ms-properties
AlternateDataStreams: C:\Users\CM\OneDrive (2).old:ms-properties
AlternateDataStreams: C:\Users\CM\OneDrive.old:ms-properties

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2407381306-1223850301-1151369756-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\CM\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{FB550BD7-EF60-4D3B-93F0-74BC191DB204}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{CEFDE913-0DB7-4BC0-A12D-9D9E21BC3A85}] => (Allow) LPort=1900
FirewallRules: [{29FDB856-2149-4C56-B30D-80A0912B38E8}] => (Allow) LPort=2869
FirewallRules: [{761B5561-0A89-460C-B03A-7DFE58569EE1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{498FBA32-8EE7-46D1-AF75-A1A8D69E470D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2C0B5A69-9276-4E9C-A6A5-93A169E7DA36}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A3C7B35A-3184-4974-9778-6CCBA5EDDDF6}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{822464E6-F21F-4842-BC94-A66186D999D3}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{3BCCF5CB-6AF2-448D-B21E-78D04860C10C}] => (Allow) c:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe
FirewallRules: [{8B8338DE-60B6-4638-815A-1C627355AF0D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{5DD93D57-DC0E-4F59-9CE7-5F1A5EB109F8}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{AE46788E-11EA-4A04-A208-233D3FEE05EF}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{B8F205A6-C519-4FCE-AC5C-26764E44021E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{D31F685E-1D45-478F-AE80-E326D924EADF}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe
FirewallRules: [{5FA51961-C795-48DD-B187-485A079CA7CD}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\MusicPlayer.exe
FirewallRules: [{CE9B5EFE-C661-41BB-8206-8AF86B576749}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{2E57AC22-BD77-4467-92DF-8963B2A67D5D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{8B7A27FD-5633-418B-AAD9-EDF16BA966F5}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{14FEEFF0-5F99-4A68-9FE5-163FC94DF1DC}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{4D5FED86-96AD-4A35-8332-CEE5F87464B8}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{96A4D97E-482E-457C-89C1-88CBA03A702F}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{C3D7AFE2-361E-4653-B661-BFBF6A01C178}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{CB8B85C7-FFFC-45FE-BFCC-C8D97BC92C14}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{F7DE67E8-20A7-43B8-B63A-EE650C592BBD}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{C7DDF357-7515-49B6-BE2F-784694105231}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{7850E51E-32BD-4CED-B35D-F23AEF768E50}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{0F544170-6411-41C9-8B5B-00B4CE5217FC}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe
FirewallRules: [{80DAF1FF-436B-49B7-87DA-907D408384B2}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
FirewallRules: [{4FBF307D-3410-4825-B2EF-7DA09D40ACE9}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
FirewallRules: [{AF1EACE4-48FF-446D-B9EE-25E4ADAECA41}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{13745DAA-B916-49F5-8469-399FB6C67E5D}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/18/2015 01:00:20 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (08/18/2015 12:56:55 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (08/16/2015 06:54:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: McSvHost.exe, Version: 5.0.4062.0, Zeitstempel: 0x55aee26a
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17936, Zeitstempel: 0x55a68e0c
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f1280
ID des fehlerhaften Prozesses: 0x9c0
Startzeit der fehlerhaften Anwendung: 0xMcSvHost.exe0
Pfad der fehlerhaften Anwendung: McSvHost.exe1
Pfad des fehlerhaften Moduls: McSvHost.exe2
Berichtskennung: McSvHost.exe3
Vollständiger Name des fehlerhaften Pakets: McSvHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: McSvHost.exe5

Error: (08/16/2015 06:50:24 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (08/16/2015 06:37:12 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (08/16/2015 06:37:08 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (08/16/2015 06:37:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (08/16/2015 06:37:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (08/16/2015 06:36:56 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (08/16/2015 09:41:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: McSvHost.exe, Version: 5.0.4062.0, Zeitstempel: 0x55aee26a
Name des fehlerhaften Moduls: HOMENE~3.DLL, Version: 8.0.4088.0, Zeitstempel: 0x55a88b74
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000169f89
ID des fehlerhaften Prozesses: 0xac0
Startzeit der fehlerhaften Anwendung: 0xMcSvHost.exe0
Pfad der fehlerhaften Anwendung: McSvHost.exe1
Pfad des fehlerhaften Moduls: McSvHost.exe2
Berichtskennung: McSvHost.exe3
Vollständiger Name des fehlerhaften Pakets: McSvHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: McSvHost.exe5


Systemfehler:
=============
Error: (08/18/2015 07:54:03 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade auf Windows 10 Home

Error: (08/17/2015 11:22:09 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (08/16/2015 07:26:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (08/16/2015 07:26:29 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CM\AppData\Local\Temp\ehdrv.sys

Error: (08/16/2015 07:26:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (08/16/2015 07:26:29 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CM\AppData\Local\Temp\ehdrv.sys

Error: (08/16/2015 07:26:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (08/16/2015 07:26:29 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CM\AppData\Local\Temp\ehdrv.sys

Error: (08/16/2015 06:54:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "McAfee Anti-Spam Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/16/2015 06:54:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "McAfee Proxy Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office:
=========================

CodeIntegrity:
===================================
  Date: 2015-08-10 09:53:46.198
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-10 09:53:45.451
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-09 14:53:28.294
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-09 14:53:27.666
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-08 17:24:46.488
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-08 17:24:42.708
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-07 19:13:52.657
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-07 19:13:50.866
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-03 22:06:35.582
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-03 22:06:35.207
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen ===========================

Processor: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz
Prozentuale Nutzung des RAM: 63%
Installierter physikalischer RAM: 3911.27 MB
Verfügbarer physikalischer RAM: 1434.73 MB
Summe virtueller Speicher: 5127.27 MB
Verfügbarer virtueller Speicher: 1856.23 MB

==================== Laufwerke ================================

Drive c: (ACER) (Fixed) (Total:451.96 GB) (Free:408.24 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: CCEAE869)

Partition: GPT.

========================================================
Disk: 1 (Size: 18.6 GB) (Disk ID: 704A4DDD)

Partition: GPT.

==================== Ende von Ergebnis ============================
Ich kann die Startseite von Mozilla Firefox nicht festlegen, egal was ich unter Einstellungen eintrage, es kommt immer diese URL: hxxp://www.%snf%.com/

Sonst fällt mir nichts auf! :)

deeprybka 19.08.2015 17:55
Hi,

Schritt 1

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn1.PNG

Bitte starte FRST erneut, markiere auch die checkbox http://deeprybka.trojaner-board.de/b...ne/frst/sh.PNGund drücke auf Untersuchen.
Bitte poste mir den Inhalt von "Shortcut.txt".

ravioli 19.08.2015 20:01
Hey,

hier die Shortcuts.txt:

Code:
Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version:17-08-2015
durchgeführt von CM (2015-08-19 20:59:17)
Gestartet von C:\Users\CM\Desktop
Start-Modus: Normal
==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)



Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Quick Guide.lnk -> C:\OEM\Preload\Autorun\Book\QG\Quick_Guide.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer User's manual.lnk -> C:\OEM\Preload\Autorun\Book\UG\Guide_all.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera.lnk -> C:\Windows\Camera\Camera.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk -> C:\Windows\FileManager\FileManager.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk -> C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotosApp.lnk -> C:\Windows\FileManager\PhotosApp.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotify.lnk -> C:\Program Files (x86)\Spotify\SpotifyLauncher.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk -> C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk -> C:\Windows\WinStore\WinStore.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Writer.lnk -> C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriter.exe (Microsoft Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files (x86)\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office OneNote 2007.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Digitales Zertifikat für VBA-Projekte.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office 2007 Spracheinstellungen.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office-Diagnose.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware entfernen.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\More Games from WildTangent Games.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - main\provider.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec\MyWinLocker.lnk -> C:\Program Files (x86)\EgisTec MyWinLocker\EgisMgtConsole.exe (Egis Technology Inc. )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby\Dolby Demo.lnk -> C:\Dolby PCEE4\pcee4d.exe (Dolby Laboratories Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby\Dolby Editor.lnk -> C:\Dolby PCEE4\pcee4e.exe (Dolby Laboratories Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso 6.5\CyberLink MediaEspresso 6.5.lnk -> C:\Program Files (x86)\CyberLink\MediaEspresso\MediaEspresso.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Device Fast-lane.lnk -> C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneUI.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Instant Update Dienstprogramm.lnk -> C:\Program Files\Acer\Acer Instant Service\InstantUpdate\InstantUpdateUtility.exe (Microsoft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Power Button.lnk -> C:\Program Files\Acer\Acer Power Management\ePowerButton.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Power Management.lnk -> C:\Program Files\Acer\Acer Power Management\ePowerUI.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Recovery Management.lnk -> C:\Program Files\Acer\Acer Recovery Management\eRecoveryUI.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\AcerCloud Docs.lnk -> C:\Program Files (x86)\Acer\AcerCloud Docs\AcerCloud Docs.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\AcerCloud.lnk -> C:\Program Files (x86)\Acer\Acer Cloud\acpanel_win.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\clear.fi Media.lnk -> C:\Program Files (x86)\Acer\clear.fi Media\ClearfiMedia.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\clear.fi Photo.lnk -> C:\Program Files (x86)\Acer\clear.fi Photo\ClearfiPhoto.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Identity Card.lnk -> C:\Program Files (x86)\Acer\Identity Card\IDCard.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Live Updater.lnk -> C:\Program Files (x86)\Acer\Live Updater\updater.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Theft Shield\Acer Theft Shield.lnk -> C:\Program Files\Acer\Acer Theft Shield\USecuAppUI.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 10\ABBYY FineReader 10 Corporate Edition.lnk -> C:\Windows\Installer\{F1000000-0001-0000-0000-074957833700}\ICON_FineReader.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 10\ABBYY Hot Folder.lnk -> C:\Windows\Installer\{F1000000-0001-0000-0000-074957833700}\ICON_HF.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 10\ABBYY Screenshot Reader.lnk -> C:\Windows\Installer\{F1000000-0001-0000-0000-074957833700}\ICON_Bonus.Screenshotreader.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 10\Benutzerhandbuch.lnk -> C:\Program Files (x86)\ABBYY FineReader 10\Guide\Guide_German.pdf ()
Shortcut: C:\Users\CM\Start Menu\Programs\SpyHunter\SpyHunter.lnk -> C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe (Keine Datei)
Shortcut: C:\Users\CM\Start Menu\Programs\SpyHunter\Uninstall.lnk -> C:\Users\CM\AppData\Roaming\Enigma Software Group\sh_installer.exe (Keine Datei)
Shortcut: C:\Users\CM\Links\Desktop.lnk -> C:\Users\CM\Desktop ()
Shortcut: C:\Users\CM\Links\Downloads.lnk -> C:\Users\CM\Downloads ()
Shortcut: C:\Users\CM\Links\OneDrive.lnk -> C:\Users\CM\OneDrive (2) ()
Shortcut: C:\Users\CM\Links\SkyDrive.lnk -> C:\Users\CM\SkyDrive ()
Shortcut: C:\Users\CM\Downloads\Musik - Verknüpfung.lnk -> C:\Users\CM\Music ()
Shortcut: C:\Users\CM\Desktop\Fixlog.txt - Verknüpfung.lnk -> C:\Users\CM\Desktop\Fixlog.txt (Keine Datei)
Shortcut: C:\Users\CM\AppData\Bilder - Verknüpfung.lnk -> C:\Users\CM\AppData\Roaming\Microsoft\Windows\Libraries\Pictures.library-ms ()
Shortcut: C:\Users\CM\AppData\Roaming\Bibliotheken - Verknüpfung.lnk -> C:\Users\CM\AppData\Roaming\Microsoft\Windows\Libraries ()
Shortcut: C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\CM\Documents ()
Shortcut: C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD-RW-Laufwerk (E) ABBYY FINEREADER.lnk -> E:\ (Keine Datei)
Shortcut: C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\CM\Pictures ()
Shortcut: C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\CM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acer Device Fast-lane.lnk -> C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneUI.exe (Acer Incorporated)
Shortcut: C:\Users\CM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acer Power Button.lnk -> C:\Program Files\Acer\Acer Power Management\ePowerButton.exe (Acer Incorporated)
Shortcut: C:\Users\CM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AcerCloud Docs.lnk -> C:\Program Files (x86)\Acer\AcerCloud Docs\AcerCloud Docs.exe ()
Shortcut: C:\Users\CM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\clear.fi Media.lnk -> C:\Program Files (x86)\Acer\clear.fi Media\ClearfiMedia.exe (Acer Incorporated)
Shortcut: C:\Users\CM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\clear.fi Photo.lnk -> C:\Program Files (x86)\Acer\clear.fi Photo\ClearfiPhoto.exe (Acer Incorporated)
Shortcut: C:\Users\CM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)
Shortcut: C:\Users\CM\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\CM\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\CM\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\CM\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\CM\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\CM\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\CM\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\CM\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\CM\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\CM\AppData\Local\Microsoft\Windows\FileHistory\Data\54\C\Users\CM\Desktop\Fixlog.txt - Verknüpfung.lnk -> C:\Users\CM\Desktop\Fixlog.txt (Keine Datei)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\CM\Documents ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\CM\Pictures ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Acer Backup Manager.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe (NTI Corporation)
Shortcut: C:\Users\Public\Desktop\Acer Theft Shield.lnk -> C:\Program Files\Acer\Acer Theft Shield\USecuAppUI.exe ()
Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Users\Public\Desktop\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)


ShortcutWithArgument: C:\Users\CM\Desktop\McAfee Anti-Theft.lnk -> C:\Program Files\Preload\McAfee Anti-Theft\StartURL.exe () -> hxxp://home.mcafee.com/root/campaign.aspx?cid=107661
ShortcutWithArgument: C:\Users\Public\Desktop\LOVEFiLM.lnk -> C:\Program Files\Preload\LoveFilm\StartURL.exe () -> hxxp://Lovefilm.de/acer
ShortcutWithArgument: C:\Users\Public\Desktop\Online kaufen.lnk -> C:\Program Files\Accessory Store\StartURL.exe () -> hxxp://go.acer.com/?id=13400


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF%
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> -sta {C90FB8CA-3295-4462-A721-2935E83694BA}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation) -> -h -k
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\Deinstallieren.lnk -> C:\Program Files\McAfee Security Scan\uninstall.exe (McAfee, Inc.) -> C:\Program Files\McAfee Security Scan\3.11.149\McAfee.ico
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\McUICnt.exe (McAfee, Inc.) -> SecurityScanner.dll
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee\McAfee Internet Security Suite.lnk -> C:\Program Files\mcafee.com\agent\mcagent.exe (McAfee, Inc.) -> /desktopicon /platui
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec\Shredder.lnk -> C:\Program Files (x86)\EgisTec Shredder\x86\ShredConsole.exe (Egis Technology Inc.) -> -s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso 6.5\MediaEspresso Gadget.lnk -> C:\Program Files (x86)\CyberLink\MediaEspresso\MediaEspresso.exe (CyberLink Corp.) -> gadget
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 10\Quick Tasks\Foto in Microsoft Word umwandeln.lnk -> C:\Windows\Installer\{F1000000-0001-0000-0000-074957833700}\ICON_Task.exe () -> -StartOpenConvert
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 10\Quick Tasks\In Bilddatei scannen.lnk -> C:\Windows\Installer\{F1000000-0001-0000-0000-074957833700}\ICON_Task.exe () -> -ScanImages
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 10\Quick Tasks\In Microsoft Excel scannen.lnk -> C:\Windows\Installer\{F1000000-0001-0000-0000-074957833700}\ICON_Task.exe () -> -StartMenuScanToExcel
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 10\Quick Tasks\In Microsoft Word scannen.lnk -> C:\Windows\Installer\{F1000000-0001-0000-0000-074957833700}\ICON_Task.exe () -> -StartMenuScanToWord
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 10\Quick Tasks\In PDF scannen.lnk -> C:\Windows\Installer\{F1000000-0001-0000-0000-074957833700}\ICON_Task.exe () -> -StartMenuScanToPdf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 10\Quick Tasks\PDF-Dateien und Bilder in Microsoft Word umwandeln.lnk -> C:\Windows\Installer\{F1000000-0001-0000-0000-074957833700}\ICON_Task.exe () -> -StartOpenConvert
ShortcutWithArgument: C:\Users\CM\Start Menu\Programs\SpyHunter\SpyHunter Emergency Startup.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.com"
ShortcutWithArgument: C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
ShortcutWithArgument: C:\Users\CM\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\CM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
ShortcutWithArgument: C:\Users\CM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\In Microsoft Word scannen.lnk -> C:\Windows\Installer\{F1000000-0001-0000-0000-074957833700}\ICON_Task.exe () -> -StartMenuScanToWord
ShortcutWithArgument: C:\Users\CM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
ShortcutWithArgument: C:\Users\CM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF%
ShortcutWithArgument: C:\Users\CM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\CM\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\CM\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\CM\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\CM\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\CM\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\CM\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\CM\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\CM\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\CM\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\CM\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk -> C:\Program Files\mcafee.com\agent\mcagent.exe (McAfee, Inc.) -> /desktopicon /platui
ShortcutWithArgument: C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\McUICnt.exe (McAfee, Inc.) -> SecurityScanner.dll
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF%


InternetURL: C:\Users\CM\Favorites\Bing.url -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\CM\Favorites\Links\Acer Zubehör Shop.url -> hxxp://go.acer.com/?id=14169
InternetURL: C:\Users\CM\Favorites\Acer\Acer.url -> hxxp://www.acer.com/
InternetURL: C:\Users\CM\Favorites\Acer\eBay.url -> hxxp://rover.ebay.com/rover/1/707-67567-24801-3/4
InternetURL: C:\Users\CM\Favorites\Acer\WildTangent Games.url -> hxxp://rdr.wildtangent.com/default/acer/iefav.aspx
InternetURL: C:\Users\CM\AppData\Local\Microsoft\Windows\FileHistory\Data\40\C\Users\CM\Favorites\Bing.url -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\CM\AppData\Local\Microsoft\Windows\FileHistory\Data\40\C\Users\CM\Favorites\Links\Acer Zubehör Shop.url -> hxxp://go.acer.com/?id=14169
InternetURL: C:\Users\CM\AppData\Local\Microsoft\Windows\FileHistory\Data\40\C\Users\CM\Favorites\Acer\Acer.url -> hxxp://www.acer.com/
InternetURL: C:\Users\CM\AppData\Local\Microsoft\Windows\FileHistory\Data\40\C\Users\CM\Favorites\Acer\eBay.url -> hxxp://rover.ebay.com/rover/1/707-67567-24801-3/4
InternetURL: C:\Users\CM\AppData\Local\Microsoft\Windows\FileHistory\Data\40\C\Users\CM\Favorites\Acer\WildTangent Games.url -> hxxp://rdr.wildtangent.com/default/acer/iefav.aspx
InternetURL: C:\Users\Default\Favorites\Acer\Acer.url -> hxxp://www.acer.com/
InternetURL: C:\Users\Default\Favorites\Acer\WildTangent Games.url -> hxxp://rdr.wildtangent.com/default/acer/iefav.aspx

==================== Ende von Ergebnis =============================

DANKE DANKE DANKE!

deeprybka 19.08.2015 20:07
Schritt 1

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn4.PNG

Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:
Code:
CloseProcesses:
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %snf%
ShortcutWithArgument: C:\Users\CM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %snf%
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %snf%
Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST-Anwendung befindet.
  • Starte FRST und drücke auf den Entfernen-Button.
  • Das Tool erstellt eine "Fixlog.txt" -Datei.
  • Poste mir bitte deren Inhalt.

Wie sieht es jetzt aus? :)

ravioli 19.08.2015 22:21
Jetzt sieht es viel besser aus, Startseite ist die von mir eingestellte, nirgends mehr unerwünschte Werbung, überhaupt scheint mir, als sei alles weg - ist das so? Gibst du ein "clean"? :)

deeprybka 20.08.2015 06:04

http://deeprybka.trojaner-board.de/b...ndeeprybka.gif
Wir haben es geschafft! :abklatsch:
Die Logs sehen für mich im Moment sauber aus.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:
Es bleibt mir nur noch, Dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen. ;)



http://deeprybka.trojaner-board.de/b...cleanupneu.png
Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
http://deeprybka.trojaner-board.de/b.../combofix2.pngCombofix deinstallieren
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte http://filepony.de/icon/tiny/delfix.pngDelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.


http://deeprybka.trojaner-board.de/b...ast/schild.png
Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
 Flash-Player
PDF-Reader

Sicherheitslücken (z.B. hier) in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.

Meine Kauf-Empfehlung:

http://deeprybka.trojaner-board.de/eset/ESS.png
ESET Smart Security

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware scannen.

Optional:
http://filepony.de/icon/noscript.png NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
http://filepony.de/icon/malwarebytes_anti_exploit.pngMalwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie http://filepony.de/images/microbanner.gif.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.


Alle Zeitangaben in WEZ +1. Es ist jetzt 17:35 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131